Hello Community,
we have to implement transactional logging from Multi-Protocol Gateway processing rule to a remote syslog sevrer using syslog-tcp protocol.
Transactional data is XML, <AuditMessage>...more XML.. </AuditMessage>
We did use ResultsAction, Destination ist set to syslog-tcp:///server:port
We have to create syslog message format as described in https://datatracker.ietf.org/doc/html/rfc5424 ..
The data, send to remote syslog sever is: <AuditMessage>...more XML.. </AuditMessage>
The syslog HEADER is: 1851 <110>1 2021-09-21T16:00:00Z HOSTNAME,open,10688 1
The remote syslog server requires the following:
xxxxxxxxxxxxxxxxx schnipp xxxxxxxxxxxxxxxxxx
1851 <110>1 2021-09-21T16:00:00Z HOSTNAME,open,10688 1 <AuditMessage>...more XML.. </AuditMessage>
xxxxxxxxxxxxxxxxx schnapp xxxxxxxxxxxxxxxxxx
So we have to implement transactional logging "xml over syslog-tcp".
It seems, datapower does not care about creating the syslog HEADER as specified in RFC5424
Is there anybody out there, who can report on how to realize it?
Thanks to all, Eckehard
------------------------------
Eckehard Schulze
------------------------------