Sends Syslog messages to a given host and port over TCP or UDP. Messages are constructed from the "Message ___" properties of the processor which can use expression language to generate messages from incoming FlowFiles. The properties are used to construct messages of the form: (<PRIORITY>)(VERSION )(TIMESTAMP) (HOSTNAME) (BODY) where version is optional. The constructed messages are checked against regular expressions for RFC5424 and RFC3164 formatted messages. The timestamp can be an RFC5424 timestamp with a format of "yyyy-MM-dd'T'HH:mm:ss.SZ" or "yyyy-MM-dd'T'HH:mm:ss.S+hh:mm", or it can be an RFC3164 timestamp with a format of "MMM d HH:mm:ss". If a message is constructed that does not form a valid Syslog message according to the above description, then it is routed to the invalid relationship. Valid messages are sent to the Syslog server and successes are routed to the success relationship, failures routed to the failure relationship.
syslog, put, udp, tcp, logs
In the list below, the names of required properties appear in bold. Any other properties (not in bold) are considered optional. The table also indicates any default values, and whether a property supports the NiFi Expression Language.
Name | Default Value | Allowable Values | Description |
---|---|---|---|
Hostname | localhost | The ip address or hostname of the Syslog server. | |
Protocol | UDP |
| The protocol for Syslog communication, either TCP or UDP. |
Port | The port for Syslog communication. | ||
SSL Context Service | Controller Service API: SSLContextService Implementation: StandardSSLContextService | The Controller Service to use in order to obtain an SSL Context. If this property is set, syslog messages will be sent over a secure connection. | |
Idle Connection Expiration | 5 seconds | The amount of time a connection should be held open without being used before closing the connection. | |
Send Buffer Size | 2048 B | The size of each buffer used to send a Syslog message. Adjust this value appropriately based on the expected size of the Syslog messages being produced. Messages larger than this buffer size will still be sent, but will not make use of the buffer pool. | |
Batch Size | 25 | The number of incoming FlowFiles to process in a single execution of this processor. | |
Character Set | UTF-8 | Specifies which character set of the Syslog messages | |
Message Priority | The priority for the Syslog messages, excluding < >. Supports Expression Language: true | ||
Message Version | The version for the Syslog messages. Supports Expression Language: true | ||
Message Timestamp | ${now():format('MMM d HH:mm:ss')} | The timestamp for the Syslog messages. The timestamp can be an RFC5424 timestamp with a format of "yyyy-MM-dd'T'HH:mm:ss.SZ" or "yyyy-MM-dd'T'HH:mm:ss.S+hh:mm", " or it can be an RFC3164 timestamp with a format of "MMM d HH:mm:ss". Supports Expression Language: true | |
Message Hostname | ${hostname(true)} | The hostname for the Syslog messages. Supports Expression Language: true | |
Message Body | The body for the Syslog messages. Supports Expression Language: true |
Name | Description |
---|---|
failure | FlowFiles that failed to send to Syslog are sent out this relationship. |
invalid | FlowFiles that do not form a valid Syslog message are sent out this relationship. |
success | FlowFiles that are sent successfully to Syslog are sent out this relationship. |