Log4net
  1. Log4net
  2. LOG4NET-370

RemoteSyslogAppender doesn't properly handle newline in log message

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.2.12
    • Component/s: Appenders
    • Labels:
      None
    • Environment:
      All

      Description

      RemoteSyslogAppender sends log messages containing newline characters to syslog, however the syslog RFC 3164 states that the message portion of the syslog packet can only contain visible ASCII characters and spaces. This causes multiline log messages to render on a single line in at least some instances.

      The solution appears to be sending each line of the log message as a separate syslog packet. I have modified RemoteSyslogAppender to support this behavior and will provide a patch file.

      Here is the relevant portion of the RFC:

      4.1.3 MSG Part of a syslog Packet

      The MSG part will fill the remainder of the syslog packet. This will
      usually contain some additional information of the process that
      generated the message, and then the text of the message. There is no
      ending delimiter to this part. The MSG part of the syslog packet
      MUST contain visible (printing) characters. The code set
      traditionally and most often used has also been seven-bit ASCII in an
      eight-bit field like that used in the PRI and HEADER parts. In this
      code set, the only allowable characters are the ABNF VCHAR values
      (%d33-126) and spaces (SP value %d32). However, no indication of the
      code set used within the MSG is required, nor is it expected. Other
      code sets MAY be used as long as the characters used in the MSG are
      exclusively visible characters and spaces similar to those described
      above. The selection of a code set used in the MSG part SHOULD be
      made with thoughts of the intended receiver. A message containing
      characters in a code set that cannot be viewed or understood by a
      recipient will yield no information of value to an operator or
      administrator looking at it.

      http://www.ietf.org/rfc/rfc3164.txt

      1. RemoteSyslogAppender.cs.revised4.patch
        5 kB
        Jarrod Alexander
      2. RemoteSyslogAppender.cs.revised3.patch
        6 kB
        Jarrod Alexander
      3. RemoteSyslogAppender.cs.revised2.patch
        5 kB
        Jarrod Alexander
      4. RemoteSyslogAppender.cs.revised.patch
        6 kB
        Dominik Psenner
      5. RemoteSyslogAppender.cs.patch
        3 kB
        Jarrod Alexander

        Activity

        Jarrod Alexander created issue -
        Jarrod Alexander made changes -
        Field Original Value New Value
        Attachment RemoteSyslogAppender.cs.patch [ 12575362 ]
        Jarrod Alexander made changes -
        Environment All
        Dominik Psenner made changes -
        Assignee Dominik Psenner [ nachbarslumpi ]
        Dominik Psenner made changes -
        Status Open [ 1 ] In Progress [ 3 ]
        Dominik Psenner made changes -
        Attachment RemoteSyslogAppender.cs.revised.patch [ 12575525 ]
        Jarrod Alexander made changes -
        Attachment RemoteSyslogAppender.cs.revised2.patch [ 12575533 ]
        Dominik Psenner made changes -
        Fix Version/s 1.2.12 [ 12318546 ]
        Jarrod Alexander made changes -
        Attachment RemoteSyslogAppender.cs.revised3.patch [ 12575716 ]
        Jarrod Alexander made changes -
        Attachment RemoteSyslogAppender.cs.revised4.patch [ 12576710 ]
        Dominik Psenner made changes -
        Status In Progress [ 3 ] Resolved [ 5 ]
        Resolution Fixed [ 1 ]

          People

          • Assignee:
            Dominik Psenner
            Reporter:
            Jarrod Alexander
          • Votes:
            1 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development