logging-log4j-user mailing list archives

From Ralph Goers <ralph.go...@dslextreme.com>
Subject Re: RFC5424 over TCP without TLS
Date Tue, 19 Jan 2016 00:47:47 GMT
When I wrote the SyslogAppender and RFC5424Layout I am pretty sure I tested it with syslog-ng.
At that time we didn’t support TLS, so I wasn’t adding a TLSSyslogFrame. I don’t recall
having any problems with that or with rsyslog.

Ralph

> On Jan 18, 2016, at 5:42 PM, Gary Gregory <garydgregory@gmail.com> wrote:
> 
> What about using a <SyslogAppender> with a <Rfc5424Layout>?
> 
> Gary
> 
> On Mon, Jan 18, 2016 at 3:17 PM, Blake Day <blake@chewy.com> wrote:
> 
>> It was worth a look, but no. SocketAppender creates an SslSocketManager
>> when protocol = SSL.
>> 
>> 
>> 
>> 
>> On 1/18/16, 5:46 PM, "Gary Gregory" <garydgregory@gmail.com> wrote:
>> 
>>> I think you might be able to "cheat" by saying protocol="SSL" on the
>>> appender...
>>> 
>>> Gary
>>> 
>>> On Mon, Jan 18, 2016 at 2:07 PM, Blake Day <blake@chewy.com> wrote:
>>> 
>>>> Hi all,
>>>> 
>>>> We are trying to achieve RFC5424 message formats over TCP transport
>>>> without TLS.
>>>> 
>>>> As you may know, SyslogAppender uses an instance of Rfc5424Layout to
>>>> provide the logging layout.  That layout takes a parameter called
>>>> “useTlsMessageFormat”, which SyslogAppender sets based on whether TLS is
>>>> configured.  When true, the layout wraps the log event in a
>>>> TlsSyslogFrame.  TlsSyslogFrame simply prepends a length to the full log
>>>> message, but that length is required by syslog-ng to frame RFC5424
>>>> messages.  While the RFC for TCP-based transport of the RFC5424 format does
>>>> not allow for non-TLS connections, some users (like us) would like to adopt
>>>> the RFC5424 format over TCP *without* TLS.  We believe, but have not
>>>> tested, that we could do this by simply adding a configuration parameter to
>>>> the SyslogAppender that allows us to override useTlsMessageFormat to true.
>>>> 
>>>> Any thoughts on this change?  Have we overlooked an obvious alternative to
>>>> achieving RFC5424 over TCP without TLS?
>>>> 
>>>> Thanks,
>>>> 
>>>> Michael Day
>>>> 
>>>> 
>>> 
>>> 
>>> --
>>> E-Mail: garydgregory@gmail.com | ggregory@apache.org
>>> Java Persistence with Hibernate, Second Edition
>>> <http://www.manning.com/bauer3/>
>>> JUnit in Action, Second Edition <http://www.manning.com/tahchiev/>
>>> Spring Batch in Action <http://www.manning.com/templier/>
>>> Blog: http://garygregory.wordpress.com
>>> Home: http://garygregory.com/
>>> Tweet! http://twitter.com/GaryGregory
>> 
> 
> 
> 
> -- 
> E-Mail: garydgregory@gmail.com | ggregory@apache.org
> Java Persistence with Hibernate, Second Edition
> <http://www.manning.com/bauer3/>
> JUnit in Action, Second Edition <http://www.manning.com/tahchiev/>
> Spring Batch in Action <http://www.manning.com/templier/>
> Blog: http://garygregory.wordpress.com
> Home: http://garygregory.com/
> Tweet! http://twitter.com/GaryGregory
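
The length prefix discussed in the original question is the octet-counted framing that RFC 5425 defines as `MSG-LEN SP SYSLOG-MSG`. The following Python is an added example, not part of this thread or of Log4j's code: it frames two messages and decodes them on the receiving side from arbitrary TCP chunks, showing that the length counts octets rather than characters and that an embedded newline stays inside one message. The sample events, `MAX_MSG_LEN`, and all function and class names are constructed for illustration.

```python
# Added example: octet-counted framing, "MSG-LEN SP SYSLOG-MSG" (RFC 5425 section 4.3).
MAX_MSG_LEN = 8192  # assumed receiver limit, not a value from the thread

# Constructed sample events; the second has an embedded newline and a non-ASCII char.
SAMPLES = [
    "<134>1 2016-01-19T00:47:47Z host1 app 1234 ID47 - login ok",
    "<131>1 2016-01-19T00:47:48Z host1 app 1234 ID47 - failed for user é\n\tat Foo.bar",
]


def frame(msg: str) -> bytes:
    """Prefix the message with its length in octets (not characters) and one space."""
    payload = msg.encode("utf-8")
    return str(len(payload)).encode("ascii") + b" " + payload


class OctetCountingDecoder:
    """Incremental receiver: feed() arbitrary TCP chunks, get whole messages back."""

    def __init__(self, max_len: int = MAX_MSG_LEN):
        self.buf = bytearray()
        self.max_len = max_len

    def feed(self, chunk: bytes) -> list:
        self.buf += chunk
        out = []
        while self.buf:
            sp = self.buf.find(b" ")
            header = bytes(self.buf if sp == -1 else self.buf[:sp])
            # MSG-LEN is NONZERO-DIGIT *DIGIT; reject anything else before buffering more.
            if not header.isdigit() or header[:1] == b"0" or int(header) > self.max_len:
                raise ValueError("bad MSG-LEN: %r" % header[:16])
            end = sp + 1 + int(header)
            if sp == -1 or len(self.buf) < end:
                break  # length or payload still incomplete; wait for the next chunk
            out.append(self.buf[sp + 1:end].decode("utf-8"))
            del self.buf[:end]
        return out


def roundtrip(chunk_size: int = 7) -> list:
    """Send both samples as one stream, delivered in small chunks as TCP might."""
    stream = b"".join(frame(m) for m in SAMPLES)
    dec, got = OctetCountingDecoder(), []
    for i in range(0, len(stream), chunk_size):
        got += dec.feed(stream[i:i + chunk_size])
    return got
```

A receiver that split the same stream on newlines instead would see three records for these two events, which is why the length prefix matters for multi-line messages.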


