001/* 002 * Licensed to the Apache Software Foundation (ASF) under one or more 003 * contributor license agreements. See the NOTICE file distributed with 004 * this work for additional information regarding copyright ownership. 005 * The ASF licenses this file to You under the Apache license, Version 2.0 006 * (the "License"); you may not use this file except in compliance with 007 * the License. You may obtain a copy of the License at 008 * 009 * http://www.apache.org/licenses/LICENSE-2.0 010 * 011 * Unless required by applicable law or agreed to in writing, software 012 * distributed under the License is distributed on an "AS IS" BASIS, 013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 014 * See the license for the specific language governing permissions and 015 * limitations under the license. 016 */ 017package org.apache.logging.log4j.core.appender; 018 019import org.apache.logging.log4j.core.Filter; 020import org.apache.logging.log4j.core.Layout; 021import org.apache.logging.log4j.core.config.Configuration; 022import org.apache.logging.log4j.core.config.plugins.*; 023import org.apache.logging.log4j.core.helpers.Booleans; 024import org.apache.logging.log4j.core.layout.LoggerFields; 025import org.apache.logging.log4j.core.layout.RFC5424Layout; 026import org.apache.logging.log4j.core.layout.SyslogLayout; 027import org.apache.logging.log4j.core.net.AbstractSocketManager; 028import org.apache.logging.log4j.core.net.Advertiser; 029import org.apache.logging.log4j.core.net.TLSSocketManager; 030import org.apache.logging.log4j.core.net.ssl.SSLConfiguration; 031 032import java.io.Serializable; 033 034/** 035 * 036 * Secure Syslog Appender. 037 */ 038@Plugin(name = "TLSSyslog", category = "Core", elementType = "appender", printObject = true) 039public final class TLSSyslogAppender extends SyslogAppender { 040 041 042 protected TLSSyslogAppender(String name, Layout<? extends Serializable> layout, Filter filter, 043 boolean ignoreExceptions, boolean immediateFlush, AbstractSocketManager manager, 044 Advertiser advertiser) { 045 super(name, layout, filter, ignoreExceptions, immediateFlush, manager, advertiser); 046 } 047 048 /** 049 * Create a SyslogAppender. 050 * @param host The name of the host to connect to. 051 * @param portNum The port to connect to on the target host. 052 * @param sslConfig The SSL configuration 053 * @param delay The interval in which failed writes should be retried. 054 * @param immediateFail True if the write should fail if no socket is immediately available. 055 * @param name The name of the Appender. 056 * @param immediateFlush "true" if data should be flushed on each write. 057 * @param ignore If {@code "true"} (default) exceptions encountered when appending events are logged; otherwise 058 * they are propagated to the caller. 059 * @param facility The Facility is used to try to classify the message. 060 * @param id The default structured data id to use when formatting according to RFC 5424. 061 * @param ein The IANA enterprise number. 062 * @param includeMDC Indicates whether data from the ThreadContextMap will be included in the RFC 5424 Syslog 063 * record. Defaults to "true:. 064 * @param mdcId The id to use for the MDC Structured Data Element. 065 * @param mdcPrefix The prefix to add to MDC key names. 066 * @param eventPrefix The prefix to add to event key names. 067 * @param includeNL If true, a newline will be appended to the end of the syslog record. The default is false. 068 * @param escapeNL String that should be used to replace newlines within the message text. 069 * @param appName The value to use as the APP-NAME in the RFC 5424 syslog record. 070 * @param msgId The default value to be used in the MSGID field of RFC 5424 syslog records. 071 * @param excludes A comma separated list of mdc keys that should be excluded from the LogEvent. 072 * @param includes A comma separated list of mdc keys that should be included in the FlumeEvent. 073 * @param required A comma separated list of mdc keys that must be present in the MDC. 074 * @param format If set to "RFC5424" the data will be formatted in accordance with RFC 5424. Otherwise, 075 * it will be formatted as a BSD Syslog record. 076 * @param filter A Filter to determine if the event should be handled by this Appender. 077 * @param config The Configuration. 078 * @param charsetName The character set to use when converting the syslog String to a byte array. 079 * @param exceptionPattern The converter pattern to use for formatting exceptions. 080 * @param loggerFields The logger fields 081 * @param advertise Whether to advertise 082 * @return A TLSSyslogAppender. 083 */ 084 @PluginFactory 085 public static TLSSyslogAppender createAppender(@PluginAttribute("host") final String host, 086 @PluginAttribute("port") final String portNum, 087 @PluginElement("ssl") final SSLConfiguration sslConfig, 088 @PluginAttribute("reconnectionDelay") final String delay, 089 @PluginAttribute("immediateFail") final String immediateFail, 090 @PluginAttribute("name") final String name, 091 @PluginAttribute("immediateFlush") final String immediateFlush, 092 @PluginAttribute("ignoreExceptions") final String ignore, 093 @PluginAttribute("facility") final String facility, 094 @PluginAttribute("id") final String id, 095 @PluginAttribute("enterpriseNumber") final String ein, 096 @PluginAttribute("includeMDC") final String includeMDC, 097 @PluginAttribute("mdcId") final String mdcId, 098 @PluginAttribute("mdcPrefix") final String mdcPrefix, 099 @PluginAttribute("eventPrefix") final String eventPrefix, 100 @PluginAttribute("newLine") final String includeNL, 101 @PluginAttribute("newLineEscape") final String escapeNL, 102 @PluginAttribute("appName") final String appName, 103 @PluginAttribute("messageId") final String msgId, 104 @PluginAttribute("mdcExcludes") final String excludes, 105 @PluginAttribute("mdcIncludes") final String includes, 106 @PluginAttribute("mdcRequired") final String required, 107 @PluginAttribute("format") final String format, 108 @PluginElement("filters") final Filter filter, 109 @PluginConfiguration final Configuration config, 110 @PluginAttribute("charset") final String charsetName, 111 @PluginAttribute("exceptionPattern") final String exceptionPattern, 112 @PluginElement("LoggerFields") final LoggerFields[] loggerFields, 113 @PluginAttribute("advertise") final String advertise) { 114 final boolean isFlush = Booleans.parseBoolean(immediateFlush, true); 115 final boolean ignoreExceptions = Booleans.parseBoolean(ignore, true); 116 final int reconnectDelay = AbstractAppender.parseInt(delay, 0); 117 final boolean fail = Booleans.parseBoolean(immediateFail, true); 118 final int port = AbstractAppender.parseInt(portNum, 0); 119 final boolean isAdvertise = Boolean.parseBoolean(advertise); 120 @SuppressWarnings("unchecked") 121 final Layout<? extends Serializable> layout = (RFC5424.equalsIgnoreCase(format) ? 122 RFC5424Layout.createLayout(facility, id, ein, includeMDC, mdcId, mdcPrefix, eventPrefix, includeNL, 123 escapeNL, appName, msgId, excludes, includes, required, exceptionPattern, "true" ,loggerFields, 124 config) : 125 SyslogLayout.createLayout(facility, includeNL, escapeNL, charsetName)); 126 127 if (name == null) { 128 LOGGER.error("No name provided for TLSSyslogAppender"); 129 return null; 130 } 131 final AbstractSocketManager manager = createSocketManager(sslConfig, host, port, reconnectDelay, fail, layout); 132 if (manager == null) { 133 return null; 134 } 135 136 return new TLSSyslogAppender(name, layout, filter, ignoreExceptions, isFlush, manager, 137 isAdvertise ? config.getAdvertiser() : null); 138 } 139 140 public static AbstractSocketManager createSocketManager(SSLConfiguration sslConf, String host, int port, 141 int reconnectDelay, boolean fail, 142 Layout<? extends Serializable> layout) { 143 return TLSSocketManager.getSocketManager(sslConf, host, port, reconnectDelay, fail, layout); 144 } 145}