logging-log4j-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Blake Day <bl...@chewy.com>
Subject Re: RFC5424 over TCP without TLS
Date Mon, 18 Jan 2016 23:17:57 GMT
It was worth a look, but no. SocketAppender creates an SslSocketManager when protocol = SSL.

On 1/18/16, 5:46 PM, "Gary Gregory" <garydgregory@gmail.com> wrote:

>I think you might be able to "cheat" by saying protocol="SSL" on the
>On Mon, Jan 18, 2016 at 2:07 PM, Blake Day <blake@chewy.com> wrote:
>> Hi all,
>> We are trying to achieve RFC5424 message formats over TCP transport
>> without TLS.
>> As you may know, SyslogAppender uses an instance of Rfc5424Layout to
>> provide the logging layout.  That layout takes a parameter called
>> “useTlsMessageFormat”, which SyslogAppender sets based on whether TLS is
>> configured.  When true, the layout wraps the log event in a
>> TlsSyslogFrame.  TlsSyslogFrame simply prepends a length to the full log
>> message, but that length is required by syslog-ng to frame RFC5424
>> messages.  While the RFC for TCP-based transport of the RFC5424 format does
>> not allow for non-TLS connections, some users (like us) would like to adopt
>> the RFC5424 format over TCP *without* TLS.  We believe, but have not
>> tested, that we could do this by simply adding a configuration parameter to
>> the SyslogAppender that allows us to override useTlsMessageFormat to true.
>> Any thoughts on this change?  Have we overlooked an obvious alternative to
>> achieving RFC5424 over TCP without TLS?
>> Thanks,
>> Michael Day
>E-Mail: garydgregory@gmail.com | ggregory@apache.org
>Java Persistence with Hibernate, Second Edition
>JUnit in Action, Second Edition <http://www.manning.com/tahchiev/>
>Spring Batch in Action <http://www.manning.com/templier/>
>Blog: http://garygregory.wordpress.com
>Home: http://garygregory.com/
>Tweet! http://twitter.com/GaryGregory
View raw message