DZone Snippets is a public source code repository. Easily build up your personal collection of code snippets, categorize them with tags / keywords, and share them with the world

Snippets has posted 5883 posts at DZone. View Full User Profile

Configure Log4j To Send It's Logs To Splunk

12.16.2010
| 5790 views |
  • submit to reddit
        Add 'syslog' to rootCategory
log4j.rootCategory=INFO, fileAppender, console, syslog
Add following configuration to log4j.properties
#Syslog appender
log4j.appender.syslog=org.apache.log4j.net.SyslogAppender
log4j.appender.syslog.layout=org.apache.log4j.PatternLayout
log4j.appender.syslog.layout.ConversionPattern=%-5p %d [%t] %c: %m%n
log4j.appender.syslog.SyslogHost=[syslog-ip-address-or-logical-name] 
log4j.appender.syslog.facility=
The output of the log file of your server is now routed to the syslog server. 
You can now access the log via Splunk with following query eg. 
host="my-server-ip"