7

I have a java application using log4j SyslogAppender (facility=USER) and I can see using tcpdump on port 514 that my application is sending intended log message as a datagram and also netstat shows me that syslogd (red hat) is running and listening on 0.0.0.0:514 but I do not see any logging happening in /var/log/messages.

In my syslog.conf, I have

*.info         /var/log/messages

My conversion pattern for SyslogAppender is 

%d{MMM dd HH:mm:ss} %F %L %5p [%t] %m %n"

I am clueless as why it is failing to log or where exactly should I look for to see what is failing. And I don't have enough permissions on the machine to start/stop syslogd or run manually to have verbose debug logs enabled.

Any pointers as how I proceed?

Edit:

The Appender below

private void initSyslog() { 
    SyslogAppender syslogAppender = new SyslogAppender();   
    syslogAppender.setName("syslog");
    syslogAppender.setLayout(new PatternLayout("%d{MMM dd HH:mm:ss} %F %L %5p [%t] %m %n")); 
    syslogAppender.setFacility("USER"); 
    syslogAppender.setFacilityPrinting(true);
    syslogAppender.setSyslogHost("localhost");
    syslogAppender.activateOptions(); 
    Logger.getRootLogger().addAppender(syslogAppender);
    Logger.getRootLogger.info("Syslogdone");
}
The.Anti.9
  • 43,474
  • 48
  • 123
  • 161
Prasanna
  • 3,703
  • 9
  • 46
  • 74
  • will you show us your appender in your log4j config, please – Chris Dec 01 '11 at 23:57
  • I am setting up Syslog appender during runtime and here it is private void initSyslog() { SyslogAppender syslogAppender = new SyslogAppender(); syslogAppender.setName("syslog"); syslogAppender.setLayout(new PatternLayout%d{MMM dd HH:mm:ss} %F %L %5p [%t] %m %n")); syslogAppender.setFacility("USER"); syslogAppender.setFacilityPrinting(true); syslogAppender.setSyslogHost("localhost"); syslogAppender.activateOptions(); Logger.getRootLogger().addAppender(syslogAppender); Logger.getRootLogger.info("Syslogdone"); } – Prasanna Dec 02 '11 at 00:28

2 Answers2

9

Remote logging was not enabled in syslog. Weird, because it still opens and listens on 514. Once I started with syslog -r, everything started logging.

Prasanna
  • 3,703
  • 9
  • 46
  • 74
0

Maybe this will help: http://wiki.loggly.com/log4j

It's just an example set up with using SyslogAppender. Just ignore the part about forwarding it to Loggly.

Steven
  • 3,844
  • 3
  • 32
  • 53