Syslog JSON Error Log Publisher

The Syslog JSON Error Log Publisher can be used to write JSON-formatted error log messages to a syslog server.

Parent Component Relations from This Component Properties dsconfig Usage

Parent Component

The Syslog JSON Error Log Publisher component inherits from the JSON Formatted Error Log Publisher

Relations from This Component

The following components have a direct aggregation relation from Syslog JSON Error Log Publishers:

Properties

The properties supported by this managed object are as follows:


General Configuration Basic Properties: Advanced Properties:
 description  None
 enabled
 logging-error-behavior
Syslog Configuration Basic Properties: Advanced Properties:
 syslog-external-server  queue-size
 syslog-facility
 syslog-severity
 syslog-message-host-name
 syslog-message-application-name
Log Messages To Include Basic Properties: Advanced Properties:
 default-severity  None
 override-severity
Filtering Criteria Basic Properties: Advanced Properties:
 log-message-exclusion-policy  None
Log Message Elements To Include Basic Properties: Advanced Properties:
 include-product-name  include-thread-id
 include-instance-name
 include-startup-id
 generify-message-strings-when-possible

Basic Properties

description

Property Group
General Configuration
Description
A description for this Log Publisher
Default Value
None
Allowed Values
A string
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action

enabled

Property Group
General Configuration
Description
Indicates whether the Log Publisher is enabled for use.
Default Value
None
Allowed Values
true
false
Multi-Valued
No
Required
Yes
Admin Action Required
None. Modification requires no further action

logging-error-behavior

Property Group
General Configuration
Description
Specifies the behavior that the server should exhibit if an error occurs during logging processing.
Default Value
standard-error
Allowed Values
standard-error - Write a message to standard error in the event of a logging failure.

lockdown-mode - Place the server in lockdown mode in the event of a logging failure.
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action

syslog-external-server

Property Group
Syslog Configuration
Description
The syslog server to which messages should be sent. Multiple servers can be configured for the sake of redundancy. If multiple servers are configured, then they must all be configured to communicate over TCP (with or without TLS encryption). When sending a syslog message, servers will be tried in the order in which they are listed.
Default Value
None
Allowed Values
The DN of any Syslog External Server.
Multi-Valued
Yes
Required
Yes
Admin Action Required
None. Modification requires no further action

syslog-facility

Property Group
Syslog Configuration
Description
The syslog facility to use for the messages that are logged by this Syslog JSON Error Log Publisher.
Default Value
system-daemons
Allowed Values
user-level-messages - A facility that is commonly used for messages logged by user applications running on the system. This facility has an integer value of 1.

system-daemons - A facility that is commonly used for messages logged by daemon processes running on the system. This facility has an integer value of 3.

security-and-authorization - A facility that is commonly used for messages related to security and authorization-related processing. This facility has an integer value of 4.

security-and-authorization-alternative - An alternative facility for messages related to security and authorization-related processing. This facility has an integer value of 10.

log-audit - A facility for messages related to log audit processing. This facility has an integer value of 13.

log-alert - A facility for messages related to log alert processing. This facility has an integer value of 14.

local-use-0 - A facility that does not have any predefined purpose and may be used for any arbitrary purpose. This facility has an integer value of 16.

local-use-1 - A facility that does not have any predefined purpose and may be used for any arbitrary purpose. This facility has an integer value of 17.

local-use-2 - A facility that does not have any predefined purpose and may be used for any arbitrary purpose. This facility has an integer value of 18.

local-use-3 - A facility that does not have any predefined purpose and may be used for any arbitrary purpose. This facility has an integer value of 19.

local-use-4 - A facility that does not have any predefined purpose and may be used for any arbitrary purpose. This facility has an integer value of 20.

local-use-5 - A facility that does not have any predefined purpose and may be used for any arbitrary purpose. This facility has an integer value of 21.

local-use-6 - A facility that does not have any predefined purpose and may be used for any arbitrary purpose. This facility has an integer value of 22.

local-use-7 - A facility that does not have any predefined purpose and may be used for any arbitrary purpose. This facility has an integer value of 23.
Multi-Valued
No
Required
Yes
Admin Action Required
None. Modification requires no further action

syslog-severity

Property Group
Syslog Configuration
Description
The syslog severity to use for the messages that are logged by this Syslog JSON Error Log Publisher. If this is not specified, then the severity for each syslog message will be automatically based on the severity for the associated log message.
Default Value
The severity for each syslog message will be automatically based on the severity for the associated log message.
Allowed Values
emergency - A severity that is commonly used for messages indicating that the system is unusable. This severity has an integer value of 0.

alert - A severity that is commonly used for messages that require immediate administrative action. This severity has an integer value of 1.

critical - A severity that is commonly used for messages that represent critical error conditions. This severity has an integer value of 2.

error - A severity that is commonly used for messages that represent non-critical error conditions. This severity has an integer value of 3.

warning - A severity that is commonly used for messages that represent warning conditions. This severity has an integer value of 4.

notice - A severity that is commonly used for messages that represent normal but significant conditions. This severity has an integer value of 5.

informational - A severity that is commonly used for informational messages. This severity has an integer value of 6.

debug - A severity that is commonly used for debug messages. This severity has an integer value of 7.
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action

syslog-message-host-name

Property Group
Syslog Configuration
Description
The local host name that will be included in syslog messages that are logged by this Syslog JSON Error Log Publisher. If this is specified, then the value must be between 1 and 255 characters in length, and it must contain only printable ASCII characters between 0x21 (the '!' character) and 0x7E (the '~') character, inclusive. It should represent a qualified or unqualified hostname, an IPv4 address, or an IPv6 address.

If this is not specified, then the server will attempt to automatically determine the hostname for the local system.

If no hostname should be included in syslog messages, then a value of "-" should be used.

Default Value
The server will attempt to automatically determine the hostname for the local system.
Allowed Values
A string
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action

syslog-message-application-name

Property Group
Syslog Configuration
Description
The application name that will be included in syslog messages that are logged by this Syslog JSON Error Log Publisher. If this is specified, then the value must be between 1 and 48 characters in length, and it must contain only printable ASCII characters between 0x21 (the '!' character) and 0x7E (the '~') character, inclusive.

If this is not specified, then the server will use a default value of "PingDirectory".

If no application name should be included in syslog messages, then a value of "-" should be used.

Default Value
The server will use a default value of "PingDirectory".
Allowed Values
A string
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action

default-severity

Property Group
Log Messages To Include
Description
Specifies the default severity levels for the logger.
Default Value
fatal-error
severe-error
severe-warning
notice
Allowed Values
all - Messages of all severity levels are logged.

none - No messages of any severity are logged by default. This value is intended to be used in conjunction with the override-severity property to define an error logger that will publish no error message beside the errors of a given category.

fatal-error - The error log severity that is used for messages that provide information about fatal errors which may force the server to shut down or operate in a significantly degraded state.

info - The error log severity that is used for messages that provide information about significant events within the server that are not warnings or errors.

mild-error - The error log severity that is used for messages that provide information about mild (recoverable) errors encountered during processing.

mild-warning - The error log severity that is used for messages that provide information about mild warnings triggered during processing.

notice - The error log severity that is used for the most important informational messages (i.e., information that should almost always be logged but is not associated with a warning or error condition).

severe-error - The error log severity that is used for messages that provide information about severe errors encountered during processing.

severe-warning - The error log severity that is used for messages that provide information about severe warnings triggered during processing.

debug - The error log severity that is used for messages that provide debugging information triggered during processing.
Multi-Valued
Yes
Required
No
Admin Action Required
None. Modification requires no further action

override-severity

Property Group
Log Messages To Include
Description
Specifies the override severity levels for the logger based on the category of the messages. Each override severity level should include the category and the severity levels to log for that category, for example, core=mild-error,info,mild-warning. Valid categories are: core, extensions, protocol, config, log, util, schema, plugin, jeb, backend, tools, task, access-control, admin, replication, version, quicksetup, admin-tool, dsconfig, user-defined. Valid severities are: all, fatal-error, info, mild-error, mild-warning, notice, severe-error, severe-warning, debug.
Default Value
All messages with the default severity levels are logged.
Allowed Values
A string in the form category=severity1,severity2...
Multi-Valued
Yes
Required
No
Admin Action Required
None. Modification requires no further action

log-message-exclusion-policy

Property Group
Filtering Criteria
Description
Policy to determine whether the Error Log Publisher should print a message to the log.
Default Value
None
Allowed Values
The DN of any Error Log Publisher Message Exclusion Policy.
Multi-Valued
Yes
Required
No
Admin Action Required
None. Modification requires no further action

include-product-name

Property Group
Log Message Elements To Include
Description
Indicates whether log messages should include the product name for the Directory Server.
Default Value
true
Allowed Values
true
false
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action

include-instance-name

Property Group
Log Message Elements To Include
Description
Indicates whether log messages should include the instance name for the Directory Server.
Default Value
true
Allowed Values
true
false
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action

include-startup-id

Property Group
Log Message Elements To Include
Description
Indicates whether log messages should include the startup ID for the Directory Server, which is a value assigned to the server instance at startup and may be used to identify when the server has been restarted.
Default Value
true
Allowed Values
true
false
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action

generify-message-strings-when-possible

Property Group
Log Message Elements To Include
Description
Indicates whether to use the generified version of the log message string (which may use placeholders like %s for a string or %d for an integer), rather than the version of the message with those placeholders replaced with specific values that would normally be written to the log. Using generified versions of message strings may make those messages somewhat less useful since context-specific detail will not be included in the log message, but they may improve privacy and security because any potentially sensitive information will have been redacted.
Note that in some cases, it may not be possible to completely generify message strings. For example, it is not possible to generify messages that originate outside the server codebase (like messages generated by a third-party library or received from an external service).
Default Value
false
Allowed Values
true
false
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action


Advanced Properties

queue-size (Advanced Property)

Property Group
Syslog Configuration
Description
The maximum number of log records that can be stored in the asynchronous queue. The server will continuously flush messages from the queue to the log. That is, it does not wait for the queue to fill up before flushing to the log. Lowering this value can impact performance.
Default Value
100000
Allowed Values
An integer value. Lower limit is 1000. Upper limit is 100000 .
Multi-Valued
No
Required
No
Admin Action Required
The Syslog JSON Error Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.

include-thread-id (Advanced Property)

Property Group
Log Message Elements To Include
Description
Indicates whether log messages should include the thread ID for the Directory Server in each log message. This ID can be used to correlate log messages from the same thread within a single log as well as generated by the same thread across different types of log files. More information about the thread with a specific ID can be obtained using the cn=JVM Stack Trace,cn=monitor entry.
Default Value
true
Allowed Values
true
false
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action


dsconfig Usage

To list the configured Log Publishers:

dsconfig list-log-publishers
     [--property {propertyName}] ...

To view the configuration for an existing Log Publisher:

dsconfig get-log-publisher-prop
     --publisher-name {name}
     [--tab-delimited]
     [--script-friendly]
     [--property {propertyName}] ...

To update the configuration for an existing Log Publisher:

dsconfig set-log-publisher-prop
     --publisher-name {name}
     (--set|--add|--remove) {propertyName}:{propertyValue}
     [(--set|--add|--remove) {propertyName}:{propertyValue}] ...

To create a new Syslog JSON Error Log Publisher:

dsconfig create-log-publisher
     --publisher-name {name}
     --type {type}
     --set enabled:{propertyValue}
     --set syslog-external-server:{propertyValue}
     [--set {propertyName}:{propertyValue}] ...

To delete an existing Log Publisher:

dsconfig delete-log-publisher
     --publisher-name {name}