syslogd/README.md

2.1 KiB

Simple Syslog Server

All received messages are written to stdout and optionally forwarded to another syslog server.

The syslog server is able to listen on UDP and/or TCP and parses syslog messages in either RFC5424 or RFC3164 (BSD) format.

The default syslog port (514) requires you to run syslogd as root / administrator. If you do not wish to do so, you can choose a port number (with the -p or --port flag) above 1024.

Usage Instructions

  • Install the syslogd package (.deb or .rpm) from downloads or build from source.
  • Run bin/syslogd, use the -h option for help :)
Usage: syslogd [-dhV] [--[no-]ansi] [--[no-]stdout] [--[no-]tcp] [--[no-]udp]
               [--rfc5424] [-f=<host>] [-p=<port>]
Simple Syslog Server
  -d, --debug            Enable debugging [default: 'false'].
  -f, --forward=<host>   Forward to UDP host[:port] (RFC-5424).
  -h, --help             Show this help message and exit.
      --[no-]ansi        Output ANSI colors [default: true].
      --[no-]stdout      Output messages to stdout [default: true].
      --[no-]tcp         Listen on TCP [default: true].
      --[no-]udp         Listen on UDP [default: true].
  -p, --port=<port>      Listening port [default: 514].
      --rfc5424          Parse RFC-5424 messages [default: RFC-3164].
  -V, --version          Print version information and exit.

Examples

Listening on a non-standard syslog port:

java -jar /path/to/syslogd-x.y.z-all.jar --port 1514

or, if installed as a deb or rpm package:

/opt/syslogd/bin/syslogd --port 1514

Listening on the standard syslog port (requires root privileges) and forwarding messages on to another log-system on a non-standard port.

java -jar /path/to/syslogd-x.y.z-all.jar --forward remotehost:1514

If you don't want any output locally (only forwarding), you can use the --no-stdout flag.

Notes

Syslog messages from AIX (and IBM Power Virtual I/O Servers) can be troublesome with some logging solutions. These can be received with syslogd and optionally forwarded on to Graylog, Splunk or other logging solutions.