TrasparentSyslogSender Problems

[jadzwing]

There are issues with TransparentSyslogSender class. First of all, when creating an output based on it, there is a "silent" exception thrown, and the output is changed to PlainSyslog, as defined in SyslogOutput class (see the stack trace below, please). Second, it is not going to work as transparent, as msg.getMessage() in TransparentSyslogSender does not return the complete original message, header is not returned, and you may loose e.g. app name https://tools.ietf.org/html/rfc5424#section-6.2.5. Instead, if you want to get full message, you need to use msg.getField("message"); and change config in SyslogOutput as in case of PlainSender (setSendLocalName(false) and setSendLocalTimestamp(false))). I verified it in version 2.4.5, did not want to use 2.5.1 because of the problems with TransparentSyslogSender which you see below. After changes I described above, it works properly as transparent.

Sorry for typos in the text at the bottom, it is a conversion from a screen capture): Caused by: java.lang.IllegalArgumentException: Unable to accept format: transparent Caused by: java.lang.IllegalArgumentException: Unknown format: transparent com.google.common.util.concurrent.UncheckedExecutionException: java.lang.IllegalArgumentException: Unable to accept format: transparent Caused by: java.lang.IllegalArgumentException: Unable to accept format: transparent Caused by: java.lang.IllegalargumentException: Unknown format: transparent com.google.common.util.concurrent .UncheckedExecutionException: java.lang.IllegalargumentException: Unable to accept format: transparent Caused by: java.lang.IllegalArgumentException: Unable to accept format: transparent Caused by: java.lang.IllegalArgumentException: Unknown format: transparent com.google.common.util.concurrent .UncheckedExecutionException: java.lang.IllegalArgumentException: Unable to accept format: transparent Caused by: java.lang.IllegalargumentException: Unable to accept format: transparent Caused by: java.lang.IllegalArgumentException: Unknown format: transparent 2019-11-19 15:34:56,174 INFO : com.wizecore.graylog2.plugin.SyslogOutput - Creating syslog output udp://x.x.x.x:514, format transparent com.google.common.util.concurrent .UncheckedExecutionException: java.lang.IllegalArgumentException: Unable to accept format: transparent Caused by: java.lang.ILlegalArgumentException: Unable to accept format: transparent Caused by: java.lang.IllegalArgumentException: Unknown format: transparent com.google.common.util.concurrent .UncheckedExecutionException: java.lang.IllegalArgumentException: Unable to accept format: transparent Caused by: java.lang.TllegalArgumentException: Unable to accept format: transparent Caused by: java. lang.IltegalargumentException: Unknown format: transparent com.google.common.util.concurrent .UncheckedExecutionException: java.lang.IllegalArgumentException: Unable to accept format: transparent Caused by: java.lang.IllegalArgumentException: Unable to accept format: transparent Caused by: java.lang.IliegalargumentException: Unknown format: transparent com.google.common.util concurrent .UncheckedExecutionException: java.lang.IllegalArgumentException: Unable to accept format: transparent Caused by: java.lang.IlltegalArgumentException: Unable to accept format: transparent Caused by: java.lang.IllegalargumentException: Unknown format: transparent com.google.common.util.concurrent.UncheckedExecutionException: java.lang.IllegalargumentException: Unable to accept format: transparent Caused by: java.lang.IllegalArgumentException: Unable to accept format: transparent Caused by: java.lang.IlltegalArgumentException: Unknown format: transparent 2019-11-20 11:50:25,253 INFO : com.wizecore.graylog2.plugin.SyslogOutput - Creating syslog output tcp://16.173.2.68:514, format transparent com.google.common.util.concurrent.UncheckedExecutionException: java.lang.IllegalArgumentException: Unable to accept format: transparent Caused by: java.lang.IllegalArgumentException: Unable to accept format: transparent Caused by: java.lang.IllegalargumentException: Unknown format: transparent com.google.common.util.concurrent .UncheckedExecutionException: java.lang.IllegalArgumentException: Unable to accept format: transparent Caused by: java.lang.IllegalArgumentException: Unable to accept format: transparent Caused by: java.lang.IllegalArgumentException: Unknown format: transparent com.google.common.util.concurrent.UncheckedExecutionException: java.lang.IllegalArgumentException: Unable to accept format: transparent Caused by: java.lang.IllegalArgumentException: Unable to accept format: transparent Caused by: java.lang.IllegalargumentException: Unknown format: transparent com.google.common.util.concurrent .UncheckedExecutionException: java.lang.IllegalArgumentException: Unable to accept format: transparent Caused by: java.lang.IllegalArgumentException: Unable to accept format: transparent Caused by: java.lang.IllegalArgumentException: Unknown format: transparent com. google. common .util.concurrent .UncheckedExecutionException: java.lang.IllegalargumentException: Unable to accept format: transparent Caused by: java.lang.IllegalargumentException: Unable to accept format: transparent Caused by: java.lang.TllegalArgumentException: Unknown format: transparent com.google.common.util.concurrent.UncheckedExecutionException: java.lang.IllegalArgumentException: Unable to accept format: transparent Caused by: java.lang.IllegalArgumentException: Unable to accept format: transparent Caused by: java.lang.IllegalArgumentException: Unknown format: transparent com. google. common.util.concurrent.UncheckedExecutionException: java.lang.IllegalargumentException: Unable to accept format: transparent Caused by: java.lang.TlltegalArgumentException: Unable to accept format: transparent Caused by: java. lang.IltegalArgumentException: Unknown format: transparent

[huksley]

Working as intended right now. transparent working and Syslog4j have certain limitations which can not be overcome without rewriting syslog core library.