logging-log4j-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Blake Day <bl...@chewy.com>
Subject RFC5424 over TCP without TLS
Date Mon, 18 Jan 2016 22:07:32 GMT
Hi all,

We are trying to achieve RFC5424 message formats over TCP transport without TLS.  

As you may know, SyslogAppender uses an instance of Rfc5424Layout to provide the logging layout.
 That layout takes a parameter called “useTlsMessageFormat”, which SyslogAppender sets
based on whether TLS is configured.  When true, the layout wraps the log event in a TlsSyslogFrame.
 TlsSyslogFrame simply prepends a length to the full log message, but that length is required
by syslog-ng to frame RFC5424 messages.  While the RFC for TCP-based transport of the RFC5424
format does not allow for non-TLS connections, some users (like us) would like to adopt the
RFC5424 format over TCP *without* TLS.  We believe, but have not tested, that we could do
this by simply adding a configuration parameter to the SyslogAppender that allows us to override
useTlsMessageFormat to true.

Any thoughts on this change?  Have we overlooked an obvious alternative to achieving RFC5424
over TCP without TLS?

Thanks,

Michael Day

Mime
View raw message