1

I use syslog4j (current version from 2011) to receive syslog messages. Obviously some of them are not processed and I can see using wireshark that they leave the originating server and arrive on my server which runs the syslog4j program.

Unfortunately I am limited to using syslog with udp as this is the only configuration the sender supports. But as I can see the packets in the wireshark this does not seem to be the cause of the problem.

My program looks like this:

SyslogServerIF syslogServer = SyslogServer.getInstance("udp");

SyslogServerConfigIF syslogServerConfig = syslogServer.getConfig();
syslogServerConfig.addEventHandler( new MyEventHandler());
SyslogServer.getThreadedInstance("udp");

while (true) {
    SyslogUtility.sleep(1000);
}

My (abbreviated) version of the Handler is written this way:

public class MyEventHandler implements SyslogServerSessionEventHandlerIF {
  public void event(Object session, SyslogServerIF syslogServer,
            SocketAddress socketAddress, SyslogServerEventIF event) {
    System.out.println("event.msg : " + event.getMessage());
    System.out.println("event.date: " + event.getDate());
  }
}

There is no high load on the application (about 100 messages in 5 minutes) but 10 to 20% of the messages are lost

4

0 回答 0