Uploaded image for project: 'Log4net'
  1. Log4net
  2. LOG4NET-370

RemoteSyslogAppender doesn't properly handle newline in log message



    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.2.12
    • Component/s: Appenders
    • Labels:
    • Environment:


      RemoteSyslogAppender sends log messages containing newline characters to syslog, however the syslog RFC 3164 states that the message portion of the syslog packet can only contain visible ASCII characters and spaces. This causes multiline log messages to render on a single line in at least some instances.

      The solution appears to be sending each line of the log message as a separate syslog packet. I have modified RemoteSyslogAppender to support this behavior and will provide a patch file.

      Here is the relevant portion of the RFC:

      4.1.3 MSG Part of a syslog Packet

      The MSG part will fill the remainder of the syslog packet. This will
      usually contain some additional information of the process that
      generated the message, and then the text of the message. There is no
      ending delimiter to this part. The MSG part of the syslog packet
      MUST contain visible (printing) characters. The code set
      traditionally and most often used has also been seven-bit ASCII in an
      eight-bit field like that used in the PRI and HEADER parts. In this
      code set, the only allowable characters are the ABNF VCHAR values
      (%d33-126) and spaces (SP value %d32). However, no indication of the
      code set used within the MSG is required, nor is it expected. Other
      code sets MAY be used as long as the characters used in the MSG are
      exclusively visible characters and spaces similar to those described
      above. The selection of a code set used in the MSG part SHOULD be
      made with thoughts of the intended receiver. A message containing
      characters in a code set that cannot be viewed or understood by a
      recipient will yield no information of value to an operator or
      administrator looking at it.



        1. RemoteSyslogAppender.cs.patch
          3 kB
          Jarrod Alexander
        2. RemoteSyslogAppender.cs.revised.patch
          6 kB
          Dominik Psenner
        3. RemoteSyslogAppender.cs.revised2.patch
          5 kB
          Jarrod Alexander
        4. RemoteSyslogAppender.cs.revised3.patch
          6 kB
          Jarrod Alexander
        5. RemoteSyslogAppender.cs.revised4.patch
          5 kB
          Jarrod Alexander

          Issue Links



              • Assignee:
                nachbarslumpi Dominik Psenner
                jarroda Jarrod Alexander
              • Votes:
                1 Vote for this issue
                2 Start watching this issue


                • Created: