1

Logs are coming from POSTGRESQL, I am also using Script Runner to implement this. I have been searching ways to send these logs to syslog servers, since I am really new to this I do not know where to start.

Let's say this is the name of the server: syslog12 and port: 514

I would really appreciate if someone can teach me how to send the logs to the syslog server.

This is my groovy code:

return getUserId()

class Logs{
                    String id = ""
                    String created = ""
                    String summary =""
                    String category =""
                    String searchField =""
     String toString(){
        "$id ==== $created-$summary,$category,$searchField"    
     }
}

def getUserId(){
        def driver = Class.forName('org.postgresql.Driver').newInstance() as Driver
        def props = new Properties()

        props.setProperty("user", "USERNAME")
        props.setProperty("password", "PASSWORD")
        props.setProperty("sslfactory", "org.postgresql.ssl.NonValidatingFactory")
        props.setProperty("ssl", "true")

        def conn = driver.connect("jdbc:postgresql://DATABASE:PORT/GRP", props)
        def sql = new Sql(conn)

        try {

                BufferedWriter outputFile = new BufferedWriter(new FileWriter("/GRP/atlassian/testProd1.txt", true))
                def logs = new Logs()
                String query = "SELECT * from audit_log where created >='2015-04-15' AND created < '2015-04-26' order by id ASC"

                PreparedStatement statement = conn.prepareStatement(query)

                ResultSet result = statement.executeQuery()

                while(result.next()){
                        String id1 = result.getString("id")
                        logs.id = id1

                        String created1 = result.getString("created")
                        logs.created = created1

                        String summary1 = result.getString("summary")
                        logs.summary = summary1

                        String category1 = result.getString("category")
                        logs.category = category1

                        String searchField1 = result.getString("search_field")
                        logs.searchField = searchField1

                        outputFile.write("[GRP2.0] "+logs.toString())
                        outputFile.newLine()
                }

                outputFile.close()
                return ("[GRP2.0] "+logs.toString())
        } finally {
            sql.close()
            conn.close()
        }

}
John Smith
  • 17
  • 5

1 Answers1

0

Logback has a really convenient syslog appender. Since it can be configured with groovy, a quick example is really straightforward:

Example.groovy

package com.jalopaba.syslog

import org.slf4j.Logger
import org.slf4j.LoggerFactory

class Example {
    private static final Logger LOG = LoggerFactory.getLogger(Example.class)

    static void main(args) {
        LOG.info('Test message: ' + new Date())
    }
}

logback.groovy

appender('console', ConsoleAppender) {
    encoder(PatternLayoutEncoder) {
        pattern = "%d{HH:mm:ss.SSS} %-5level [%thread] - %msg%n"
    }
}

appender('syslog', SyslogAppender) {
    syslogHost = 'remote_host'
    facility = 'USER'
    suffixPattern = "%thread: %-5level %logger{36} - %msg%n"
}

logger('com.jalopaba', DEBUG, ['console', 'syslog'])

So that:

remote_host:~$ tail -f /var/log/syslog
Nov 20 12:35:58 jalopaba_machine main: INFO  com.jalopaba.syslog.Example - Test message: Fri Nov 20 12:35:58 CET 2015#015

Bear in mind that syslog/rsyslog usually have remote logging NOT enabled by default: What's wrong with my logback syslog appender?

Community
  • 1
  • 1
jalopaba
  • 8,039
  • 2
  • 44
  • 57
  • Hi, I am just wondering where to put the port and whether if its is UDP or TCP? – John Smith Nov 20 '15 at 13:56
  • If not specified, port is the *syslog* default (514). If you want to change it, there is a `port` property of the SyslogAppender (check the documentation). – jalopaba Nov 20 '15 at 13:59
  • AFAIK, logback's syslog appender uses UDP. – jalopaba Nov 20 '15 at 14:06
  • i am a bit confused regarding the pattern and suffix pattern as I am learning how to implement this on my code above – John Smith Nov 20 '15 at 14:47
  • "Since the format of a syslog request follows rather strict rules, there is no layout to be used with SyslogAppender. However, using the suffixPattern option lets the user display whatever information." – jalopaba Nov 20 '15 at 17:05