Log4j Syslog

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Log4j Syslog

Vimochan.Cheethirala
Hello guys,

Not sure if this is a right forum, but trying my luck.

I am trying to use a properties file to enable my application to send syslog events to our ELM over SSL/TLS. I have installed my cert in the keystore, it looks like its not working…can anyone verify if these entries make sense.

appender.syslogELM.type=syslog
appender.syslogELM.name=syslogELM
appender.syslogELM.host=**myhostname
appender.syslogELM.port=6514
appender.syslogELM.protocol=TCP
appender.syslogELM.layout.type=PatternLayout
appender.syslogELM.layout.pattern=RFC 5424
appender.syslogELM.facility=LOCAL7
appender.syslogELM.SSL=ELMSSL

SSL.ELMSSL.name=core.net.ssl.SslConfiguration
SSL.ELMSSL.protocol=TLS
SSL.ELMSSL.KeyStore.location=**path to /.keystore
SSL.ELMSSL.KeyStore.password=**mypwd
SSL.ELMSSL.TrustStore.location=**path to /.keystore
SSL.ELMSSL.TrustStore.password=**mypwd

Log files throw and error saying that “syslog contains an invalid element or attribute "SSL””, Can you one help me with this?

Thanks


This email, including any attachments, is confidential and contains proprietary content and may be legally privileged. This transmission is intended only for the designated recipient(s), and any duplication or distribution, in any form or part, without the written consent of the sender is strictly prohibited. These confidentiality protections apply even if you received this transmission in error, in which case you should delete the message, disregard its contents and notify the sender of the mistake. CSL Behring

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Log4j Syslog

Ralph Goers
1. Please not that the paragraph after your signature is meaningless when posting to a publicly archived mailing list such as this one.
2. The pattern attribute needs to be a valid pattern “RFC 5424” is not a valid pattern. I would assume that you really should have specified layout.type=RFC5424Layout.
3. The SSL configuration needs to be defined as a subcomponent of the appender such as
appender.syslogELM.SSL.protocol=TLS
appender.syslogELM.SSL.KeyStore.location=path/to/keystore

etc.

Ralph

> On Nov 15, 2019, at 8:33 AM, [hidden email] wrote:
>
> Hello guys,
>
> Not sure if this is a right forum, but trying my luck.
>
> I am trying to use a properties file to enable my application to send syslog events to our ELM over SSL/TLS. I have installed my cert in the keystore, it looks like its not working…can anyone verify if these entries make sense.
>
> appender.syslogELM.type=syslog
> appender.syslogELM.name=syslogELM
> appender.syslogELM.host=**myhostname
> appender.syslogELM.port=6514
> appender.syslogELM.protocol=TCP
> appender.syslogELM.layout.type=PatternLayout
> appender.syslogELM.layout.pattern=RFC 5424
> appender.syslogELM.facility=LOCAL7
> appender.syslogELM.SSL=ELMSSL
>
> SSL.ELMSSL.name=core.net.ssl.SslConfiguration
> SSL.ELMSSL.protocol=TLS
> SSL.ELMSSL.KeyStore.location=**path to /.keystore
> SSL.ELMSSL.KeyStore.password=**mypwd
> SSL.ELMSSL.TrustStore.location=**path to /.keystore
> SSL.ELMSSL.TrustStore.password=**mypwd
>
> Log files throw and error saying that “syslog contains an invalid element or attribute "SSL””, Can you one help me with this?
>
> Thanks
>
>
> This email, including any attachments, is confidential and contains proprietary content and may be legally privileged. This transmission is intended only for the designated recipient(s), and any duplication or distribution, in any form or part, without the written consent of the sender is strictly prohibited. These confidentiality protections apply even if you received this transmission in error, in which case you should delete the message, disregard its contents and notify the sender of the mistake. CSL Behring
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>



---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]