log4j2 syslog 数据报大小超过 UDP 的限制
Posted
技术标签:
【中文标题】log4j2 syslog 数据报大小超过 UDP 的限制【英文标题】:log4j2 syslog datagram size eceeds limit for UDP 【发布时间】:2017-08-10 08:58:56 【问题描述】:我在log4j2 Syslog appender 中使用UDP,我已经以编程方式配置了appender,消息被记录到控制台和系统日志中,除非消息大于65446 个字符,否则它工作正常。
Syslog (Log4j2) 中的UDP 有什么方法可以增加通过网络发送的消息的限制大小..
我将不胜感激任何形式的帮助....
以下是它抛出的错误-:
2017-08-10 14:12:21,321 main ERROR Unable to write to stream UDP:localhost:514 for appender Bill: org.apache.logging.log4j.core.appender.AppenderLoggingException: Error flushing stream UDP:localhost:514
2017-08-10 14:12:21,322 main ERROR An exception occurred processing Appender Bill org.apache.logging.log4j.core.appender.AppenderLoggingException: Error flushing stream UDP:localhost:514
at org.apache.logging.log4j.core.appender.OutputStreamManager.flushDestination(OutputStreamManager.java:272)
at org.apache.logging.log4j.core.appender.OutputStreamManager.write(OutputStreamManager.java:228)
at org.apache.logging.log4j.core.appender.OutputStreamManager.write(OutputStreamManager.java:201)
at org.apache.logging.log4j.core.appender.AbstractOutputStreamAppender.writeByteArrayToManager(AbstractOutputStreamAppender.java:186)
at org.apache.logging.log4j.core.appender.SocketAppender.directEncodeEvent(SocketAppender.java:446)
at org.apache.logging.log4j.core.appender.AbstractOutputStreamAppender.tryAppend(AbstractOutputStreamAppender.java:170)
at org.apache.logging.log4j.core.appender.AbstractOutputStreamAppender.append(AbstractOutputStreamAppender.java:161)
at org.apache.logging.log4j.core.config.AppenderControl.tryCallAppender(AppenderControl.java:156)
at org.apache.logging.log4j.core.config.AppenderControl.callAppender0(AppenderControl.java:129)
at org.apache.logging.log4j.core.config.AppenderControl.callAppenderPreventRecursion(AppenderControl.java:120)
at org.apache.logging.log4j.core.config.AppenderControl.callAppender(AppenderControl.java:84)
at org.apache.logging.log4j.core.config.LoggerConfig.callAppenders(LoggerConfig.java:448)
at org.apache.logging.log4j.core.config.LoggerConfig.processLogEvent(LoggerConfig.java:433)
at org.apache.logging.log4j.core.config.LoggerConfig.log(LoggerConfig.java:417)
at org.apache.logging.log4j.core.config.LoggerConfig.log(LoggerConfig.java:403)
at org.apache.logging.log4j.core.config.AwaitCompletionReliabilityStrategy.log(AwaitCompletionReliabilityStrategy.java:63)
at org.apache.logging.log4j.core.Logger.logMessage(Logger.java:146)
at org.apache.logging.log4j.spi.AbstractLogger.logMessageSafely(AbstractLogger.java:2091)
at org.apache.logging.log4j.spi.AbstractLogger.logMessage(AbstractLogger.java:1988)
at org.apache.logging.log4j.spi.AbstractLogger.logIfEnabled(AbstractLogger.java:1960)
at org.apache.logging.log4j.spi.AbstractLogger.debug(AbstractLogger.java:311)
at Log4j2Example.main(Log4j2Example.java:81)
Caused by: java.net.SocketException: The message is larger than the maximum supported by the underlying transport: Datagram send failed
at java.net.DualStackPlainDatagramSocketImpl.socketSend(Native Method)
at java.net.DualStackPlainDatagramSocketImpl.send(Unknown Source)
at java.net.DatagramSocket.send(Unknown Source)
at org.apache.logging.log4j.core.net.DatagramOutputStream.flush(DatagramOutputStream.java:103)
at org.apache.logging.log4j.core.appender.OutputStreamManager.flushDestination(OutputStreamManager.java:270)
... 21 more
【问题讨论】:
【参考方案1】:UDP 消息的大小只能为 65,507 字节。如果您需要更大的消息,请使用不同的传输层。
【讨论】:
或者如果是 @EJP:这对 UDP 有何帮助? UDP 数据报的大小是有限制的。【参考方案2】:我遇到了同样的错误,我使用此处提供的自定义 JSONLayout 解决了它:https://github.com/vy/log4j2-logstash-layout。
我猜这个布局比 log4j2 提供的标准布局更简洁。 所以现在我可以通过 UDP 发送消息,即使是包含大堆栈跟踪的消息。
所以我的 log4j2.xml 看起来像:
<Socket name="Logstash" host="hostname" port="portnumber" protocol="UDP" immediateFlush="false" ignoreExceptions="true">
<LogstashLayout dateTimeFormatPattern="yyyy-MM-dd'T'HH:mm:ss.SSSZZZ" eventTemplateUri="classpath:LogstashJsonEventLayoutV1.json" prettyPrintEnabled="true" stackTraceEnabled="true" />
</Socket>
【讨论】:
以上是关于log4j2 syslog 数据报大小超过 UDP 的限制的主要内容,如果未能解决你的问题,请参考以下文章