Logging to Syslog
AMPS can also log messages to the host’s syslog mechanism. To use the syslog logging target, use a Protocol
of syslog
in the logging target definition.
The host’s syslog mechanism allows a logger to specify an identifier on the message. This identifier is set through the Ident
property and defaults to the AMPS instance name (see AMPS Configuration Guide for configuration of the AMPS instance name.)
The syslog logging target can be further configured by setting the Options
parameter to a comma-delimited list of syslog flags. The recognized syslog flags are:
Level
Description
LOG_CONS
Write directly to system console if there is an error while sending to system logger.
LOG_NDELAY
Open the connection immediately (normally, the connection is opened when the first message is logged).
LOG_NOWAIT
No effect on Linux platforms.
LOG_ODELAY
The converse of LOG_NDELAY; opening of the connection is delayed until syslog()
is called. (This is the default, and need not be specified.)
LOG_PERROR
Print to standard error as well.
LOG_PID
Include PID with each message.
AMPS already includes the process identifier (PID) with every message it logs, however, it is a good practice to set the LOG_PID
flag so that downstream syslog analysis tools will find the PID where they expect it.
The Facility
parameter can be used to set the syslog “facility”. Valid options are: LOG_USER
(the default), LOG_LOCAL0
, LOG_LOCAL1
, LOG_LOCAL2
, LOG_LOCAL3
, LOG_LOCAL4
, LOG_LOCAL5
, LOG_LOCAL6
, or LOG_LOCAL7
.
Finally, AMPS and the syslog do not have a perfect mapping between their respective log severity levels. AMPS uses the following table to convert the AMPS log level into one appropriate for the syslog:
AMPS Severity
Syslog Severity
none
LOG_DEBUG
developer
LOG_DEBUG
trace
LOG_DEBUG
stats
LOG_INFO
info
LOG_INFO
warning
LOG_WARNING
error
LOG_ERR
critical
LOG_CRIT
emergency
LOG_EMERG
Example
Below is an example of a syslog logging target that logs all messages at the critical
severity level or higher and additionally the log messages matching 30-0000
to the syslog.
Last updated