Start a new topic

Send Commander logs to a remote syslog Server


If you want to send your Commander(8.0.0 and higher) logs to a remote Syslog server as part of an overall IT Security policy and Compliance. This is a quick sample on how to edit the log4j2.xml to send messages to a Syslog server such as Sumologic or Splunk. There are 7 lines that need to be added to the log4J2.xml in commander to enable sending logs to a syslog server.


On your commander server open the log4j2.xml typically located in "C:/Program Files/Embotics/vCommander/tomcat/common/classes" the first main block in the file is the <Appenders> Block navigate to the bottom of that block around line:60 of the file designated by </Appenders>.  Before the end of the Appenders block we are going to add a new block for Syslog. 


Add this block replacing the Host IP address with the IP of your syslog servers receiving address:


<Socket 
      name="SysLogAppender" 
      host="10.220.4.10" 
      port="514" protocol="UDP">
      <PatternLayout pattern="&lt;%level{TRACE=7, DEBUG=7, INFO=6, WARN=4, ERROR=3, Fatal=0}&gt;${hostName} - %d{MMM d hh:mm:ss} - %logger{} - %msg%n"/>
    </Socket>



Find the beginning of the <Loggers> block and the first block in that should be the Root logger block. we will need to add in the SysLogAppender block we created. 


<AppenderRef ref="SysLogAppender"/>  


Your Log4j2 should now look something like this:



After saving the file... No Reboot Required. You should start to see data populating. If not check to make sure you have the correct listening address on the syslog server and port that's being used for syslog.


Login or Signup to post a comment