Logging to Syslog

AMPS can also log messages to the host’s syslog mechanism. To use the syslog logging target, use a Protocol of syslog in the logging target definition.

The host’s syslog mechanism allows a logger to specify an identifier on the message. This identifier is set through the Ident property and defaults to the AMPS instance name (see AMPS Configuration Guide for configuration of the AMPS instance name.)

The syslog logging target can be further configured by setting the Options parameter to a comma-delimited list of syslog flags. The recognized syslog flags are:

AMPS already includes the process identifier (PID) with every message it logs, however, it is a good practice to set the LOG_PID flag so that downstream syslog analysis tools will find the PID where they expect it.

The Facility parameter can be used to set the syslog “facility”. Valid options are: LOG_USER (the default), LOG_LOCAL0, LOG_LOCAL1, LOG_LOCAL2, LOG_LOCAL3, LOG_LOCAL4, LOG_LOCAL5, LOG_LOCAL6, or LOG_LOCAL7.

Finally, AMPS and the syslog do not have a perfect mapping between their respective log severity levels. AMPS uses the following table to convert the AMPS log level into one appropriate for the syslog:

Example

Below is an example of a syslog logging target that logs all messages at the critical severity level or higher and additionally the log messages matching 30-0000 to the syslog.

<AMPSConfig>
    ...
    <Logging>
        <Target>
            <Protocol>syslog</Protocol>
            <Level>critical</Level>
            <IncludeErrors>30-0000</IncludeErrors>
            <Ident>\amps dma</Ident>
            <Options>LOG_CONS,LOG_NDELAY,LOG_PID</Options>
            <Facility>LOG_USER</Facility>
        </Target>
    </Logging>
    ...
</AMPSConfig>

PreviousLogging to a Compressed File NextLogging to the Console

Last updated 6 months ago