Logging to Syslog
AMPS can also log messages to the host’s syslog mechanism. To use the syslog logging target, use a Protocol of syslog in the logging target definition.
The host’s syslog mechanism allows a logger to specify an identifier on the message. This identifier is set through the Ident property and defaults to the AMPS instance name (see AMPS Configuration Guide for configuration of the AMPS instance name.)
The syslog logging target can be further configured by setting the Options parameter to a comma-delimited list of syslog flags. The recognized syslog flags are:
Level | Description |
| Write directly to system console if there is an error while sending to system logger. |
| Open the connection immediately (normally, the connection is opened when the first message is logged). |
| No effect on Linux platforms. |
| The converse of LOG_NDELAY; opening of the connection is delayed until |
| Print to standard error as well. |
| Include PID with each message. |
AMPS already includes the process identifier (PID) with every message it logs, however, it is a good practice to set the LOG_PID flag so that downstream syslog analysis tools will find the PID where they expect it.
The Facility parameter can be used to set the syslog “facility”. Valid options are: LOG_USER (the default), LOG_LOCAL0, LOG_LOCAL1, LOG_LOCAL2, LOG_LOCAL3, LOG_LOCAL4, LOG_LOCAL5, LOG_LOCAL6, or LOG_LOCAL7.
Finally, AMPS and the syslog do not have a perfect mapping between their respective log severity levels. AMPS uses the following table to convert the AMPS log level into one appropriate for the syslog:
AMPS Severity | Syslog Severity |
none | LOG_DEBUG |
developer | LOG_DEBUG |
trace | LOG_DEBUG |
stats | LOG_INFO |
info | LOG_INFO |
warning | LOG_WARNING |
error | LOG_ERR |
critical | LOG_CRIT |
emergency | LOG_EMERG |
Example
Below is an example of a syslog logging target that logs all messages at the critical severity level or higher and additionally the log messages matching 30-0000 to the syslog.
Last updated