Syslog is a message logging standard has been around for decades, but has renewed popularity as a method of log capture with the advent of containerization and centralized logging solutions.
Enabling an Ubutu 14.04 or 16.04 host to act as a syslog server only takes a few simple steps.
Continue reading “Ubuntu: Enabling syslog on Ubuntu and custom templates”
Building services using Spring Boot gives a development team a jump start on many production concerns, including logging. But unlike a standard deployment where logging to a local file is where the developer’s responsibility typically ends, with Docker we must think about how to log to a public space outside our ephemeral container space.
The Docker logging drivers capture all the output from a container’s stdout/stderr, and can send a container’s logs directly to most major logging solutions (syslog, Logstash, gelf, fluentd).
As an added benefit, by making the logging implementation a runtime choice for the container, it provides flexibility to use a simpler implementation during development but a highly-available, scalable logging solution in production.
Continue reading “Docker: Sending Spring Boot logging to syslog”
The Spring framework provides a proven and well documented model for the development of custom projects and services. The Spring Boot project takes an opinionated view of building production Spring applications, which favors convention over configuration.
In this article we will explore how to configure a Spring Boot project to use the Simple Logging Facade for Java (SLF4J) with a Logback backend to send log events to the console, filesystem, and syslog.
Continue reading “Spring: Spring Boot with SLF4J/Logback sending to syslog”
SLF4J, the Simple Logging Facade for Java, is a popular front for various logging backends, one of the being Logback. With the advent of containerization, using syslog to send data to remote logging infrastructure has become a popular transport method.
Enable Syslog Input
The first step is to enable the receipt of syslog messages. This could be any server listening for syslog messages. You can follow my previous article on configuring an Ubuntu server to receive RFC5424 compatible messages or you can configure a syslog input in Logstash.
Continue reading “Syslog: Sending Java SLF4J/Logback to Syslog”
Logging has always been a critical part of application development. But the rise of OS virtualization, applications containers, and cloud-scale logging solutions has turned logging into something bigger that managing local debug files.
Modern applications and services are now expected to feed log aggregation and analysis stacks (ELK, Graylog, Loggly, Splunk, etc). This can be done a multitude of ways, in this post I want to focus on modifying log4j2 so that it sends directly to an rsyslog server.
Even though we focus on sending to an Ubuntu ryslog server in this post, this could be any entity listening for syslog traffic, such as Logstash.
Continue reading “Syslog: Sending Java log4j2 to rsyslog on Ubuntu”