Logging to Syslog

AMPS can also log messages to the host’s syslog mechanism. To use the syslog logging target, use a Protocol of syslog in the logging target definition.

The host’s syslog mechanism allows a logger to specify an identifier on the message. This identifier is set through the Ident property and defaults to the AMPS instance name (see AMPS Configuration Guide for configuration of the AMPS instance name.)

The syslog logging target can be further configured by setting the Options parameter to a comma-delimited list of syslog flags. The recognized syslog flags are:

Level

Description

LOG_CONS

Write directly to system console if there is an error while sending to system logger.

LOG_NDELAY

Open the connection immediately (normally, the connection is opened when the first message is logged).

LOG_NOWAIT

No effect on Linux platforms.

LOG_ODELAY

The converse of LOG_NDELAY; opening of the connection is delayed until syslog() is called. (This is the default, and need not be specified.)

LOG_PERROR

Print to standard error as well.

LOG_PID

Include PID with each message.

AMPS already includes the process identifier (PID) with every message it logs, however, it is a good practice to set the LOG_PID flag so that downstream syslog analysis tools will find the PID where they expect it.

The Facility parameter can be used to set the syslog “facility”. Valid options are: LOG_USER (the default), LOG_LOCAL0, LOG_LOCAL1, LOG_LOCAL2, LOG_LOCAL3, LOG_LOCAL4, LOG_LOCAL5, LOG_LOCAL6, or LOG_LOCAL7.

Finally, AMPS and the syslog do not have a perfect mapping between their respective log severity levels. AMPS uses the following table to convert the AMPS log level into one appropriate for the syslog:

AMPS Severity

Syslog Severity

none

LOG_DEBUG

developer

LOG_DEBUG

trace

LOG_DEBUG

stats

LOG_INFO

info

LOG_INFO

warning

LOG_WARNING

error

LOG_ERR

critical

LOG_CRIT

emergency

LOG_EMERG

Example

Below is an example of a syslog logging target that logs all messages at the critical severity level or higher and additionally the log messages matching 30-0000 to the syslog.

<AMPSConfig>
    ...
    <Logging>
        <Target>
            <Protocol>syslog</Protocol>
            <Level>critical</Level>
            <IncludeErrors>30-0000</IncludeErrors>
            <Ident>\amps dma</Ident>
            <Options>LOG_CONS,LOG_NDELAY,LOG_PID</Options>
            <Facility>LOG_USER</Facility>
        </Target>
    </Logging>
    ...
</AMPSConfig>

Last updated

Copyright 2013-2024 60East Technologies, Inc.