...
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
<appender name="IDP_SYSLOG" class="ch.qos.logback.classic.net.SyslogAppender"> <SyslogHost>syslog.example.org</SyslogHost> <Port>514</Port> <Facility>AUTH</Facility> <SuffixPattern>[%logger:%line] %msg</SuffixPattern> </appender> <!-- add syslog appender at root logger level --> <root> <appender-ref ref="IDP_SYSLOG" /> </root> root> |
This doesn't introduce a single point of failure because syslog is a send-and-forget protocol over UDP, so if a log message is never recorded on the central log server for some reason, the IdP will not be aware of this failure. For this reason, it can be wise to still log locally in addition to centrally with prudent rotation policies.
Logging Behind a Reverse Proxy
...