views:

294

answers:

1

I'm looking into hooking up a 3rd party Java application to our log aggregation/analysis solution (probably Splunk, we haven't finalized our selection yet though). It seems to be easiest to hook the Splunk agent to syslog, so I'm looking for a way to redirect the application logs to a local syslog daemon on the server.

The Java application uses java.util.logging, which unfortunately does not feature a syslog handler out of the box (I believe log4j does, though). Are there any proven libraries to do this? The log load isn't huge (probably 10-20 messages per minute from each process, up to 6 processes per host) but I'm concerned with reliability and durability (e.g. what happens when the daemon is down?...).

Any help would be appreciated...

+4  A: 

SLF4J has a bridge for passing java.util.logging events to SLF4J (and hence to log4j or logback) that you could use. It has a performance cost (see the link) but given your load, this shouldn't be a big deal. So you could then use Log4J's SyslogAppender (or better its successor, logback, which also has a SyslogAppender). I do not have any experience with this appender (so this might require some testing) but logback is definitely a reliable library and I know that it can be configured to not print stack traces using the "nopexception" or "nopex" conversion word (in case sending messages when the daemon is down would generate some exception). Coupling this appender with another one (e.g. file based) would allow to not loose any message.

Pascal Thivent
Thank you, but this does not answer the question - I'm looking to hook up an /existing/ Java application which uses JUL, so external libraries are not really useful.
Tomer Gabel
@Tomer I don't know how I missed that. I've update my answer to cover the bridging.
Pascal Thivent
+1 for using SLF4J
Matt
I'll check it out, thanks!
Tomer Gabel