4

We have a Java application logging structured data (MDC with log4j) via syslog to rsyslog (7.6.3) on localhost. localhost should then forward these log messages to a central logging host (also running rsyslog (7.4.4)) which will format the log messages and distribute them into files.

The problem is that we see the structured data on localhost (by logging %rawmsg% to a file), but there is no structured data in the %rawmsg% as received on the logging server. The forwading is done via UDP.

How can we transfer the structured data as structured data via rsyslog?

Improve this question

1 Answer 1

Reset to default
5

The standard template for remote forwarding uses a traditional BSD Syslog format. Try to use the predefined template RSYSLOG_SyslogProtocol23Format to forward in syslog-protocol format with structured data. E.g.:

*.* @logserver;RSYSLOG_SyslogProtocol23Format
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.