Reply
Highlighted
New Contributor
Posts: 1
Registered: ‎11-19-2015

Unable to configure SYSLOG appender for Navigator

Hi,

I'm having issues trying to have audit logs forwarded to SYSLOG (rsyslogd)
Running CDH 5.4.2.0

Here's what I've done :

Step #1 :

In the Namenode logging safety valve, I added the following :

log4j.logger.auditStream = TRACE,SYSLOG
log4j.appender.SYSLOG = org.apache.log4j.net.SyslogAppender
log4j.appender.SYSLOG.SyslogHost = localhost
log4j.appender.SYSLOG.layout=org.apache.log4j.PatternLayout
log4j.appender.SYSLOG.layout.ConversionPattern=%d{ISO8601} %p %c: %m%n
log4j.appender.SYSLOG.Facility = Local2
log4j.appender.SYSLOG.FacilityPrinting = true

That did not make it work.

Step #2:

Digging a bit more, I found that the Log4j SyslogAppender supports only UDP. Finally I changed the /etc/rsyslog.conf file as:
$ModLoad imudp
$UDPServerRun 514
local2.* /var/log/navigtrail.log

After this I restarted the rsyslog using "/etc/init.d/rsyslog restart". Still not working. Any help would be welcome. I have no clue why syslog is not working.

Thanks

Announcements
New solutions