### Install Serilog.Sinks.SyslogMessages NuGet Package Source: https://github.com/ionxsolutions/serilog-sinks-syslog/blob/master/README.md Use this command to install the necessary NuGet package for Serilog syslog integration. ```powershell Install-Package Serilog.Sinks.SyslogMessages ``` -------------------------------- ### Configure Secure TCP Syslog Sink with TLS and Client Authentication Source: https://github.com/ionxsolutions/serilog-sinks-syslog/blob/master/README.md This example demonstrates configuring a secure TCP Syslog sink using TLS. It specifies the host, port, formatter, framer, and enables TLS. Client authentication is configured using a CertificateFileProvider and a custom validation callback. ```csharp var tcpConfig = new SyslogTcpConfig { Host = "10.10.10.14", Port = 6514, Formatter = new Rfc5424Formatter(), Framer = new MessageFramer(FramingType.OCTET_COUNTING), UseTls = true, CertProvider = new CertificateFileProvider("MyClientCert.pfx"), CertValidationCallback = (sender, certificate, chain, sslPolicyErrors) => { // Check the server certificate here return true; } }; var log = new LoggerConfiguration() .WriteTo.TcpSyslog(tcpConfig) .CreateLogger(); ``` -------------------------------- ### Example RFC3164 Syslog Message Source: https://github.com/ionxsolutions/serilog-sinks-syslog/blob/master/README.md An example of a log message formatted according to the RFC3164 standard. ```text <12>Dec 19 04:01:02 MYHOST MyApp[1912]: [Source.Context] This is a test message ``` -------------------------------- ### Install rsyslog-gnutls package Source: https://github.com/ionxsolutions/serilog-sinks-syslog/blob/master/README.md Install the rsyslog-gnutls package to enable TLS support for Rsyslog. Adjust the command based on your system's package manager. ```bash # yum install rsyslog-gnutls ``` -------------------------------- ### Example RFC5424 Syslog Message Source: https://github.com/ionxsolutions/serilog-sinks-syslog/blob/master/README.md An example of a log message formatted according to the RFC5424 standard, including structured data. ```text <12>1 2013-12-19T04:01:02.357852+00:00 MYHOST MyApp 1912 Source.Context [meta Property1="A Value" AnotherProperty="Another Value" SourceContext="Source.Context"] This is a test message ``` -------------------------------- ### Load Client Certificate from File for Syslog TLS Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Implements `ICertificateProvider` by loading a PFX/P12 certificate from disk. Throws if the file is missing or lacks a private key. Configure TCP Syslog with TLS. ```csharp using Serilog.Sinks.Syslog; // Certificate without password var certProvider = new CertificateFileProvider("client.pfx"); // Certificate with password var certProvider = new CertificateFileProvider("client.p12", "p@ssw0rd"); var tcpConfig = new SyslogTcpConfig { Host = "syslog.example.com", Port = 6514, UseTls = true, CertProvider = certProvider, Formatter = new Rfc5424Formatter(), Framer = new MessageFramer(FramingType.OCTET_COUNTING) }; var log = new LoggerConfiguration() .WriteTo.TcpSyslog(tcpConfig) .CreateLogger(); ``` -------------------------------- ### Wire up JSON Configuration in Program.cs Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Load Serilog configuration from appsettings.json in a .NET generic host application. ```csharp using Microsoft.Extensions.Configuration; using Serilog; var configuration = new ConfigurationBuilder() .AddJsonFile("appsettings.json") .Build(); Log.Logger = new LoggerConfiguration() .ReadFrom.Configuration(configuration) .CreateLogger(); ``` -------------------------------- ### Load Client Certificate from Windows Store for Syslog TLS Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Implements `ICertificateProvider` by searching the Windows Certificate Store by thumbprint. Throws if the certificate is not found or has no private key. Configure TCP Syslog with TLS. ```csharp using System.Security.Cryptography.X509Certificates; using Serilog.Sinks.Syslog; var certProvider = new CertificateStoreProvider( storeName: StoreName.My, storeLocation: StoreLocation.LocalMachine, thumbprint: "6C8EA2C439BF560E72A021F2D28264CA4AD0488B" ); var tcpConfig = new SyslogTcpConfig { Host = "syslog.example.com", Port = 6514, UseTls = true, CertProvider = certProvider, Formatter = new Rfc5424Formatter(), Framer = new MessageFramer(FramingType.OCTET_COUNTING) }; var log = new LoggerConfiguration() .WriteTo.TcpSyslog(tcpConfig) .CreateLogger(); ``` -------------------------------- ### Wire up App.config Configuration in Code Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Load Serilog configuration from App.config in a .NET Framework application. ```csharp Log.Logger = new LoggerConfiguration() .ReadFrom.AppSettings() .CreateLogger(); ``` -------------------------------- ### CertificateFileProvider Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Implements ICertificateProvider by loading an X.509 certificate (PFX/P12) from the filesystem for TLS connections. ```APIDOC ## `CertificateFileProvider` — Load a client certificate from disk Implements `ICertificateProvider` by loading an X.509 certificate (PFX/P12) from the filesystem. Throws if the file is missing or contains no private key. ```csharp using Serilog.Sinks.Syslog; // Certificate without password var certProvider = new CertificateFileProvider("client.pfx"); // Certificate with password var certProvider = new CertificateFileProvider("client.p12", "p@ssw0rd"); var tcpConfig = new SyslogTcpConfig { Host = "syslog.example.com", Port = 6514, UseTls = true, CertProvider = certProvider, Formatter = new Rfc5424Formatter(), Framer = new MessageFramer(FramingType.OCTET_COUNTING) }; var log = new LoggerConfiguration() .WriteTo.TcpSyslog(tcpConfig) .CreateLogger(); ``` ``` -------------------------------- ### Supply Client Certificate from X509Certificate2 Instance for Syslog TLS Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Implements `ICertificateProvider` by wrapping a pre-loaded `X509Certificate2` object. Useful for dynamically loaded certificates. Configure TCP Syslog with TLS. ```csharp using System.Security.Cryptography.X509Certificates; using Serilog.Sinks.Syslog; var rawCert = new X509Certificate2(certBytes, "password"); var certProvider = new CertificateProvider(rawCert); var tcpConfig = new SyslogTcpConfig { Host = "syslog.example.com", Port = 6514, UseTls = true, CertProvider = certProvider, Formatter = new Rfc5424Formatter(), Framer = new MessageFramer(FramingType.OCTET_COUNTING) }; var log = new LoggerConfiguration() .WriteTo.TcpSyslog(tcpConfig) .CreateLogger(); ``` -------------------------------- ### CertificateStoreProvider Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Implements ICertificateProvider by loading a client certificate from the Windows Certificate Store using its thumbprint. ```APIDOC ## `CertificateStoreProvider` — Load a client certificate from the Windows Certificate Store Implements `ICertificateProvider` by searching the Windows Certificate Store by thumbprint. Throws if the certificate is not found or has no private key. ```csharp using System.Security.Cryptography.X509Certificates; using Serilog.Sinks.Syslog; var certProvider = new CertificateStoreProvider( storeName: StoreName.My, storeLocation: StoreLocation.LocalMachine, thumbprint: "6C8EA2C439BF560E72A021F2D28264CA4AD0488B" ); var tcpConfig = new SyslogTcpConfig { Host = "syslog.example.com", Port = 6514, UseTls = true, CertProvider = certProvider, Formatter = new Rfc5424Formatter(), Framer = new MessageFramer(FramingType.OCTET_COUNTING) }; var log = new LoggerConfiguration() .WriteTo.TcpSyslog(tcpConfig) .CreateLogger(); ``` ``` -------------------------------- ### Configure Local Syslog Sink on Linux Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Write logs to the local syslog service on Linux using POSIX P/Invoke calls. This sink is a no-op on other platforms. ```csharp using Serilog; using Serilog.Sinks.Syslog; var log = new LoggerConfiguration() .WriteTo.LocalSyslog( appName: "my-daemon", facility: Facility.Daemons, outputTemplate: "{Message:lj}{NewLine}{Exception}", restrictedToMinimumLevel: Serilog.Events.LogEventLevel.Debug ) .CreateLogger(); log.Information("Service started on port {Port}", 8080); // Writes via libc syslog() — visible in /var/log/syslog or journalctl ``` -------------------------------- ### CertificateProvider Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Implements ICertificateProvider by wrapping an existing X509Certificate2 instance, useful for dynamically loaded certificates. ```APIDOC ## `CertificateProvider` — Supply a client certificate from an existing `X509Certificate2` instance Implements `ICertificateProvider` by wrapping a pre-loaded `X509Certificate2` object. Useful when certificates are loaded dynamically (e.g., from Azure Key Vault or a secrets manager). ```csharp using System.Security.Cryptography.X509Certificates; using Serilog.Sinks.Syslog; var rawCert = new X509Certificate2(certBytes, "password"); var certProvider = new CertificateProvider(rawCert); var tcpConfig = new SyslogTcpConfig { Host = "syslog.example.com", Port = 6514, UseTls = true, CertProvider = certProvider, Formatter = new Rfc5424Formatter(), Framer = new MessageFramer(FramingType.OCTET_COUNTING) }; var log = new LoggerConfiguration() .WriteTo.TcpSyslog(tcpConfig) .CreateLogger(); ``` ``` -------------------------------- ### Using ValueBasedLogLevelToSeverityMap for Syslog Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Utilizes a static helper method for a numerically ordered Serilog to syslog severity mapping. Pass this to the `severityMapping` parameter. ```csharp using Serilog; using Serilog.Sinks.Syslog; // Mapping: Verbose→Debug, Debug→Informational, Information→Notice, // Warning→Warning, Error→Error, Fatal→Emergency var log = new LoggerConfiguration() .WriteTo.TcpSyslog( host: "10.10.10.14", severityMapping: SyslogLoggerConfigurationExtensions.ValueBasedLogLevelToSeverityMap ) .CreateLogger(); log.Verbose("Trace path entered"); // → Severity.Debug log.Debug("Cache miss for key {K}", 1); // → Severity.Informational log.Information("Request received"); // → Severity.Notice log.Fatal("Process crash"); // → Severity.Emergency ``` -------------------------------- ### Configure Syslog Sink via App.config Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Configure the Syslog sink via App.config for legacy .NET Framework applications using Serilog's AppSettings reader. ```xml ``` -------------------------------- ### Configure UDP Syslog Sink with Optional Parameters Source: https://github.com/ionxsolutions/serilog-sinks-syslog/blob/master/README.md Configure the UDP Syslog sink with various optional parameters including host, port, application name, message format (RFC5424), facility, and output template. The appName defaults to the process name if not provided. ```csharp var log = new LoggerConfiguration() .WriteTo.UdpSyslog(host: "10.10.10.14", port: 514, appName: "my-app", format: SyslogFormat.RFC5424, facility: SyslogFacility.Local1, outputTemplate: "{Message}") .CreateLogger(); ``` -------------------------------- ### Configure UDP Syslog Sink (Minimal) Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Configures Serilog to send RFC3164 formatted messages to a remote syslog server over UDP using default settings. ```csharp using Serilog; using Serilog.Sinks.Syslog; // Minimal: RFC3164 format, port 514, facility Local0 var log = new LoggerConfiguration() .WriteTo.UdpSyslog("10.10.10.14") .CreateLogger(); ``` -------------------------------- ### Default and Custom Severity Mapping for Syslog Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Demonstrates default, value-based, and custom severity mappings when configuring the Syslog sink. Use custom mappings for specific requirements. ```csharp // Severity values (0=most severe, 7=least severe): // Emergency=0, Alert=1, Critical=2, Error=3, // Warning=4, Notice=5, Informational=6, Debug=7 // Default mapping (name-based): // LogEventLevel.Debug → Severity.Debug // LogEventLevel.Information → Severity.Informational // LogEventLevel.Warning → Severity.Warning // LogEventLevel.Error → Severity.Error // LogEventLevel.Fatal → Severity.Emergency // LogEventLevel.Verbose → Severity.Notice // Alternative value-based mapping (skips Alert and Critical): var log = new LoggerConfiguration() .WriteTo.UdpSyslog( host: "10.10.10.14", severityMapping: SyslogLoggerConfigurationExtensions.ValueBasedLogLevelToSeverityMap ) .CreateLogger(); // Custom mapping: var log = new LoggerConfiguration() .WriteTo.TcpSyslog( host: "10.10.10.14", severityMapping: level => level == Serilog.Events.LogEventLevel.Fatal ? Severity.Emergency : Severity.Informational ) .CreateLogger(); ``` -------------------------------- ### Configure Local Syslog Logging on Linux Source: https://github.com/ionxsolutions/serilog-sinks-syslog/blob/master/README.md Configure Serilog to send log messages to the local syslog service on Linux systems. No parameters are required for basic configuration. ```csharp var log = new LoggerConfiguration() .WriteTo.LocalSyslog() .CreateLogger(); ``` -------------------------------- ### Configure UDP Syslog Sink (Full) Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Provides a comprehensive configuration for the UDP syslog sink, allowing customization of host, port, app name, message format, facility, output template, minimum log level, message ID property, source host, and structured data ID. ```csharp using Serilog; using Serilog.Sinks.Syslog; // Full configuration var log = new LoggerConfiguration() .WriteTo.UdpSyslog( host: "syslog.example.com", port: 514, appName: "my-service", format: SyslogFormat.RFC5424, facility: Facility.Local1, outputTemplate: "{Message:lj}{NewLine}{Exception}", restrictedToMinimumLevel: Serilog.Events.LogEventLevel.Warning, messageIdPropertyName: "SourceContext", // RFC5424 MSGID field source sourceHost: "app-server-01", // Override HOSTNAME in packet structuredDataId: "myapp" // RFC5424 SD-ID, default "meta" ) .CreateLogger(); log.Information("Order {OrderId} placed by {User}", 42, "alice"); // RFC3164 output: <133>Dec 19 04:01:02 app-server-01 my-service[1912]: Order 42 placed by alice // RFC5424 output: <133>1 2024-06-01T04:01:02.357852+00:00 app-server-01 my-service 1912 - [myapp OrderId="42" User="alice"] Order 42 placed by alice ``` -------------------------------- ### Configure Syslog Sink via JSON Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Configure the Syslog sink entirely through Serilog's JSON settings provider, commonly used with the .NET generic host. ```json { "Serilog": { "MinimumLevel": { "Default": "Debug" }, "WriteTo": [ { "Name": "UdpSyslog", "Args": { "host": "syslog.example.com", "port": 514, "sourceHost": "my-app-server", "appName": "my-service", "format": "RFC5424", "facility": "Local1" } } ], "Enrich": [ "FromLogContext" ] } } ``` -------------------------------- ### Configure TCP Syslog Sink with SyslogTcpConfig Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Use SyslogTcpConfig for full control over TCP syslog connections, including TLS, keep-alive, and timeouts. Requires Serilog.Sinks.Syslog and Serilog.Sinks.PeriodicBatching. ```csharp using Serilog; using Serilog.Sinks.Syslog; using Serilog.Sinks.PeriodicBatching; var tcpConfig = new SyslogTcpConfig { Host = "syslog.example.com", Port = 6514, Formatter = new Rfc5424Formatter( facility: Facility.Local0, applicationName: "my-service", messageIdPropertyName: "SourceContext", structuredDataId: "myapp" ), Framer = new MessageFramer(FramingType.OCTET_COUNTING), UseTls = true, KeepAlive = true, CheckCertificateRevocation = false, TlsAuthenticationTimeout = TimeSpan.FromSeconds(30), CertProvider = new CertificateFileProvider("client.pfx", "p@ssw0rd"), CertValidationCallback = (sender, certificate, chain, sslPolicyErrors) => { // Accept only if no errors; in production, validate thoroughly return sslPolicyErrors == System.Net.Security.SslPolicyErrors.None; } }; var batchOptions = new PeriodicBatchingSinkOptions { BatchSizeLimit = 500, Period = TimeSpan.FromSeconds(5), QueueLimit = 50_000 }; var log = new LoggerConfiguration() .WriteTo.TcpSyslog(tcpConfig, batchConfig: batchOptions) .CreateLogger(); log.Warning("Payment {TxId} failed: {Reason}", "TX-9912", "Insufficient funds"); ``` -------------------------------- ### Instantiate RFC3164 Formatter for Syslog Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Use Rfc3164Formatter to construct syslog messages conforming to RFC3164. The SourceContext Serilog property is included in the message body in square brackets. ```csharp using Serilog.Sinks.Syslog; var formatter = new Rfc3164Formatter( facility: Facility.Local0, applicationName: "web-api", sourceHost: "web-01" ); // Produces: <133>Jun 1 10:00:00 web-01 web-api[1234]: [MyApp.Controllers.OrderController] Order placed ``` -------------------------------- ### SyslogLoggerConfigurationExtensions.ValueBasedLogLevelToSeverityMap() Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Provides a static helper method for a numerically-ordered Serilog to syslog severity mapping, skipping Alert and Critical levels. ```APIDOC ## `SyslogLoggerConfigurationExtensions.ValueBasedLogLevelToSeverityMap()` — Alternative severity mapping A static helper method providing a numerically-ordered Serilog → syslog severity mapping (skipping `Alert` and `Critical`). Pass it to any sink's `severityMapping` parameter. ```csharp using Serilog; using Serilog.Sinks.Syslog; // Mapping: Verbose→Debug, Debug→Informational, Information→Notice, // Warning→Warning, Error→Error, Fatal→Emergency var log = new LoggerConfiguration() .WriteTo.TcpSyslog( host: "10.10.10.14", severityMapping: SyslogLoggerConfigurationExtensions.ValueBasedLogLevelToSeverityMap ) .CreateLogger(); log.Verbose("Trace path entered"); // → Severity.Debug log.Debug("Cache miss for key {K}", 1); // → Severity.Informational log.Information("Request received"); // → Severity.Notice log.Fatal("Process crash"); // → Severity.Emergency ``` ``` -------------------------------- ### Choose Syslog Message Format (RFC3164, RFC5424, Local) Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Select the message encoding format for syslog messages. RFC3164 is the default for UDP, RFC5424 for TCP, and Local is used with LocalSyslog. ```csharp // RFC3164 (BSD syslog) - default for UDP // Example: <12>Dec 19 04:01:02 MYHOST MyApp[1912]: [Source.Context] This is a test message var log = new LoggerConfiguration() .WriteTo.UdpSyslog("10.10.10.14", format: SyslogFormat.RFC3164) .CreateLogger(); ``` ```csharp // RFC5424 (IETF syslog) - default for TCP, supports structured data and full timestamps // Example: <12>1 2013-12-19T04:01:02.357852+00:00 MYHOST MyApp 1912 Source.Context [meta Prop="Val"] message var log = new LoggerConfiguration() .WriteTo.UdpSyslog("10.10.10.14", format: SyslogFormat.RFC5424) .CreateLogger(); ``` ```csharp // Local - used only with LocalSyslog; body-only format (libc handles priority/timestamp) var log = new LoggerConfiguration() .WriteTo.LocalSyslog() // implicitly uses SyslogFormat.Local .CreateLogger(); ``` -------------------------------- ### WriteTo.UdpSyslog() Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Configures Serilog to send RFC3164 (default) or RFC5424 formatted messages to a remote syslog server over UDP. The sink batches events and resolves the host to an IPv4/IPv6 address at startup. ```APIDOC ## WriteTo.UdpSyslog() ### Description Configures Serilog to send RFC3164 (default) or RFC5424 formatted messages to a remote syslog server over UDP. The sink batches events and resolves the host to an IPv4/IPv6 address at startup. ### Method `WriteTo.UdpSyslog` ### Parameters #### Path Parameters None #### Query Parameters None #### Request Body None ### Request Example ```csharp // Minimal: RFC3164 format, port 514, facility Local0 var log = new LoggerConfiguration() .WriteTo.UdpSyslog("10.10.10.14") .CreateLogger(); // Full configuration var log = new LoggerConfiguration() .WriteTo.UdpSyslog( host: "syslog.example.com", port: 514, appName: "my-service", format: SyslogFormat.RFC5424, facility: Facility.Local1, outputTemplate: "{Message:lj}{NewLine}{Exception}", restrictedToMinimumLevel: Serilog.Events.LogEventLevel.Warning, messageIdPropertyName: "SourceContext", // RFC5424 MSGID field source sourceHost: "app-server-01", // Override HOSTNAME in packet structuredDataId: "myapp" // RFC5424 SD-ID, default "meta" ) .CreateLogger(); ``` ### Response #### Success Response None (This is a configuration method) #### Response Example None ``` -------------------------------- ### Configure UDP Syslog Logging Source: https://github.com/ionxsolutions/serilog-sinks-syslog/blob/master/README.md Configure Serilog to send log messages to a remote syslog server over UDP. Specify the server's IP address. ```csharp var log = new LoggerConfiguration() .WriteTo.UdpSyslog("10.10.10.14") .CreateLogger(); ``` -------------------------------- ### Generate Self-Signed Certificate for Rsyslog Testing Source: https://github.com/ionxsolutions/serilog-sinks-syslog/blob/master/README.md Generate a self-signed certificate and key for testing TLS with Rsyslog. These commands create a private key and a corresponding self-signed certificate valid for 10 years. ```bash # openssl genrsa -out /etc/pki/tls/private/rsyslog-key.pem 2048 # openssl req -x509 -new -key /etc/pki/tls/private/rsyslog-key.pem -out /etc/pki/tls/certs/rsyslog.pem -days 3650 ``` -------------------------------- ### Instantiate RFC5424 Formatter for TCP Syslog Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Use Rfc5424Formatter to construct syslog messages conforming to RFC5424. Serilog properties are written into the STRUCTURED-DATA field. This is useful when constructing a SyslogTcpConfig. ```csharp using Serilog.Sinks.Syslog; using Serilog.Formatting.Display; // Use a custom output template for the message body var bodyFormatter = new MessageTemplateTextFormatter("TCP: {Message:lj}", null); var formatter = new Rfc5424Formatter( facility: Facility.Local2, applicationName: "payment-svc", templateFormatter: bodyFormatter, messageIdPropertyName: "SourceContext", // maps to RFC5424 MSGID field sourceHost: "prod-server-01", structuredDataId: "payapp" ); var tcpConfig = new SyslogTcpConfig { Host = "syslog.example.com", Port = 6514, Formatter = formatter, Framer = new MessageFramer(FramingType.OCTET_COUNTING), UseTls = true }; var log = new LoggerConfiguration() .WriteTo.TcpSyslog(tcpConfig) .CreateLogger(); // Produces: <133>1 2024-06-01T10:00:00.000000+00:00 prod-server-01 payment-svc 99 - [payapp ...] TCP: message body ``` -------------------------------- ### Configure Plain TCP Syslog Sink Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Configures Serilog to send logs over plain TCP to a remote syslog server using RFC5424 format and default octet-counting framing. ```csharp using Serilog; using Serilog.Sinks.Syslog; // Plain TCP, RFC5424, octet-counting framing (defaults) var log = new LoggerConfiguration() .WriteTo.TcpSyslog("10.10.10.14") .CreateLogger(); ``` -------------------------------- ### Syslog Severity Enum and Mapping Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Explains the Severity enum for syslog and demonstrates default, value-based, and custom severity mappings from Serilog's LogEventLevel. ```APIDOC ## `Severity` Enum — Syslog severity levels Represents standard syslog severity values. These are derived automatically from Serilog's `LogEventLevel` using the default or a custom mapping function. ```csharp // Severity values (0=most severe, 7=least severe): // Emergency=0, Alert=1, Critical=2, Error=3, // Warning=4, Notice=5, Informational=6, Debug=7 // Default mapping (name-based): // LogEventLevel.Debug → Severity.Debug // LogEventLevel.Information → Severity.Informational // LogEventLevel.Warning → Severity.Warning // LogEventLevel.Error → Severity.Error // LogEventLevel.Fatal → Severity.Emergency // LogEventLevel.Verbose → Severity.Notice // Alternative value-based mapping (skips Alert and Critical): var log = new LoggerConfiguration() .WriteTo.UdpSyslog( host: "10.10.10.14", severityMapping: SyslogLoggerConfigurationExtensions.ValueBasedLogLevelToSeverityMap ) .CreateLogger(); // Custom mapping: var log = new LoggerConfiguration() .WriteTo.TcpSyslog( host: "10.10.10.14", severityMapping: level => level == Serilog.Events.LogEventLevel.Fatal ? Severity.Emergency : Severity.Informational ) .CreateLogger(); ``` ``` -------------------------------- ### Configure Rsyslog TCP Listener Source: https://github.com/ionxsolutions/serilog-sinks-syslog/blob/master/README.md Use this configuration to set up rsyslog to listen for incoming TCP connections on a specific port. Ensure the port is not already in use. ```rsyslog $ModLoad imtcp $InputTCPServerRun 6514 ``` -------------------------------- ### Configure TCP Syslog Logging Source: https://github.com/ionxsolutions/serilog-sinks-syslog/blob/master/README.md Configure Serilog to send log messages to a remote syslog server over TCP. Specify the server's IP address. ```csharp var log = new LoggerConfiguration() .WriteTo.TcpSyslog("10.10.10.14") .CreateLogger(); ``` -------------------------------- ### Configure TLS TCP Syslog Sink with Custom Validation Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Configures Serilog to send logs over TLS-secured TCP to a remote syslog server, supporting custom server certificate validation and other advanced options. ```csharp using Serilog; using Serilog.Sinks.Syslog; // TCP with TLS, custom framing, RFC5424 var log = new LoggerConfiguration() .WriteTo.TcpSyslog( host: "syslog.example.com", port: 6514, appName: "my-service", framingType: FramingType.OCTET_COUNTING, format: SyslogFormat.RFC5424, facility: Facility.Local0, useTls: true, certValidationCallback: (sender, cert, chain, errors) => { // Custom server certificate validation; return false to reject return errors == System.Net.Security.SslPolicyErrors.None; }, outputTemplate: "{Message:lj}", restrictedToMinimumLevel: Serilog.Events.LogEventLevel.Information ) .CreateLogger(); log.Error(new Exception("DB timeout"), "Failed to connect to {Database}", "orders-db"); // <131>1 2024-06-01T10:23:00.123456+00:00 MYHOST my-service 4567 - [meta Database="orders-db"] Failed to connect to orders-db ``` -------------------------------- ### WriteTo.TcpSyslog() Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Connects to a remote syslog server over TCP. Defaults to RFC5424 format, octet-counting framing, and port 1468. Set `useTls: true` for encrypted transport. ```APIDOC ## WriteTo.TcpSyslog() ### Description Connects to a remote syslog server over TCP. Defaults to RFC5424 format, octet-counting framing, and port 1468. Set `useTls: true` for encrypted transport. ### Method `WriteTo.TcpSyslog` ### Parameters #### Path Parameters None #### Query Parameters None #### Request Body None ### Request Example ```csharp // Plain TCP, RFC5424, octet-counting framing (defaults) var log = new LoggerConfiguration() .WriteTo.TcpSyslog("10.10.10.14") .CreateLogger(); // TCP with TLS, custom framing, RFC5424 var log = new LoggerConfiguration() .WriteTo.TcpSyslog( host: "syslog.example.com", port: 6514, appName: "my-service", framingType: FramingType.OCTET_COUNTING, format: SyslogFormat.RFC5424, facility: Facility.Local0, useTls: true, certValidationCallback: (sender, cert, chain, errors) => { // Custom server certificate validation; return false to reject return errors == System.Net.Security.SslPolicyErrors.None; }, outputTemplate: "{Message:lj}", restrictedToMinimumLevel: Serilog.Events.LogEventLevel.Information ) .CreateLogger(); ``` ### Response #### Success Response None (This is a configuration method) #### Response Example None ``` -------------------------------- ### Select Syslog Facility Classification Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Categorize the source of syslog messages using the Facility enum. The default is Facility.Local0. ```csharp // Common facility values: // Facility.Kernel, Facility.User, Facility.Mail, Facility.Daemons, // Facility.Auth, Facility.Syslog, Facility.Cron, // Facility.Local0 (default) through Facility.Local7 var log = new LoggerConfiguration() .WriteTo.UdpSyslog("10.10.10.14", facility: Facility.Local3) .CreateLogger(); // Priority = (Facility * 8) + Severity // e.g. Local3 (19) + Error (3) = priority 155 → <155> ``` -------------------------------- ### Configure TCP Syslog Sink with Octet Counting Framing Source: https://github.com/ionxsolutions/serilog-sinks-syslog/blob/master/README.md Use this to configure the TCP Syslog sink to use the OCTET_COUNTING framing method as described in RFC5425 and RFC6587. Ensure your Syslog server supports this framing type. ```csharp var log = new LoggerConfiguration() .WriteTo.TcpSyslog("10.10.10.14", framingType: FramingType.OCTET_COUNTING) .CreateLogger(); ``` -------------------------------- ### Configure Rsyslog TLS Authentication (Anonymous) Source: https://github.com/ionxsolutions/serilog-sinks-syslog/blob/master/README.md Set up anonymous authentication for TLS connections, allowing clients to connect without presenting certificates. This is suitable for environments where authentication is handled by other means. ```rsyslog # Don't authenticate clients. $InputTCPServerStreamDriverAuthMode anon ``` -------------------------------- ### Configure Rsyslog TLS Authentication (X509 Fingerprint) Source: https://github.com/ionxsolutions/serilog-sinks-syslog/blob/master/README.md Configure rsyslog to validate client certificates based on their SHA1 fingerprint. This method requires explicitly listing the thumbprint of each permitted client certificate. ```rsyslog # 2) Set $InputTCPServerStreamDriverAuthMod to x509/fingerprint and configure valid client cert SHA1 # thumbprints by including a $InputTCPServerStreamDriverPermittedPeer for each client cert - this will # additionally check the fingerprint of client certs matches one of the provided values. Example: $InputTCPServerStreamDriverAuthMod x509/fingerprint $InputTCPServerStreamDriverPermittedPeer SHA1:6C:8E:A2:C4:39:BF:56:0E:72:A0:21:F2:D2:82:64:CA:4A:D0:48:8B ``` -------------------------------- ### Configure Rsyslog TLS Authentication (X509 Name) Source: https://github.com/ionxsolutions/serilog-sinks-syslog/blob/master/README.md Configure rsyslog to validate client certificates based on their Common Name (CN). This allows for wildcard matching and simplifies management for multiple clients with similar naming conventions. ```rsyslog # 3) Set $InputTCPServerStreamDriverAuthMod to x509/name and configure valid client cert CN (common # name) values by including a $InputTCPServerStreamDriverPermittedPeer for each name - this will # additionally check the CN of client certs matches one of the provided values (wilcards can be used). # Example: $InputTCPServerStreamDriverAuthMod x509/name $InputTCPServerStreamDriverPermittedPeer *.example.com $InputTCPServerStreamDriverPermittedPeer host.domain.com ``` -------------------------------- ### Configure TCP Message Framing (Octet-Counting, Newline) Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt Control how messages are delimited in TCP syslog streams using FramingType. Octet-counting is recommended for modern servers. ```csharp // Octet-counting (RFC5425/RFC6587) — recommended for modern syslog servers var framer = new MessageFramer(FramingType.OCTET_COUNTING); ``` ```csharp // Newline-delimited — for legacy servers var framerLF = new MessageFramer(FramingType.LF); var framerCRLF = new MessageFramer(FramingType.CRLF); var framerCR = new MessageFramer(FramingType.CR); var framerNUL = new MessageFramer(FramingType.NUL); ``` ```csharp // Use in TcpSyslog configuration var log = new LoggerConfiguration() .WriteTo.TcpSyslog("10.10.10.14", framingType: FramingType.OCTET_COUNTING) .CreateLogger(); ``` -------------------------------- ### Configure Rsyslog for TLS Source: https://github.com/ionxsolutions/serilog-sinks-syslog/blob/master/README.md Update the Rsyslog configuration file to use TLS for secure communication. This involves setting the default network driver to gtls and specifying the paths to the CA file, certificate file, and private key file. ```rsyslog # Set certificate locations $DefaultNetstreamDriver gtls $DefaultNetstreamDriverCAFile /etc/pki/tls/certs/rsyslog.pem $DefaultNetstreamDriverCertFile /etc/pki/tls/certs/rsyslog.pem $DefaultNetstreamDriverKeyFile /etc/pki/tls/private/rsyslog-key.pem ``` -------------------------------- ### Enable TLS for Rsyslog TCP Listener Source: https://github.com/ionxsolutions/serilog-sinks-syslog/blob/master/README.md Configure the rsyslog TCP listener to use TLS for encrypted communication. This enhances security by encrypting log data in transit. ```rsyslog # Enable TLS $InputTCPServerStreamDriverMode 1 ``` -------------------------------- ### Set AppContext Switch for TLS Versions Source: https://github.com/ionxsolutions/serilog-sinks-syslog/blob/master/README.md For .NET Framework 4.6.2, set the AppContext switch 'Switch.System.Net.DontEnableSystemDefaultTlsVersions' to false to manage TLS versions. This is recommended for security best practices. ```csharp AppContext.SetSwitch("Switch.System.Net.DontEnableSystemDefaultTlsVersions", false); ``` -------------------------------- ### Configure Syslog Message Format to RFC5424 Source: https://github.com/ionxsolutions/serilog-sinks-syslog/blob/master/README.md Customize the syslog message format to RFC5424 for UDP logging. This format supports more features like full timestamps and structured data. ```csharp var log = new LoggerConfiguration() .WriteTo.UdpSyslog("10.10.10.14", format: SyslogFormat.RFC5424) .CreateLogger(); ``` -------------------------------- ### Configure Rsyslog TLS Authentication (X509 Cert Validation) Source: https://github.com/ionxsolutions/serilog-sinks-syslog/blob/master/README.md Configure rsyslog to validate client certificates signed by the same Certificate Authority (CA) that signed the rsyslog server's certificate. This ensures clients are trusted. ```rsyslog # If you *do* want clients to authenticate with a client certificate, then either: # # 1) Set $InputTCPServerStreamDriverAuthMod to x509/certvalid, which will validate the the client # has presented a certificate signed by the same CA as the one that signed rsyslog's certificate $InputTCPServerStreamDriverAuthMod x509/certvalid ``` -------------------------------- ### Configure MessageFramer for TCP Transport Source: https://context7.com/ionxsolutions/serilog-sinks-syslog/llms.txt MessageFramer wraps a syslog message string with appropriate delimiter bytes for TCP transport. It can be configured with different FramingTypes and encodings. ```csharp using Serilog.Sinks.Syslog; using System.Text; // Octet-counting: prefixes each message with its byte length and a space var framer = new MessageFramer(FramingType.OCTET_COUNTING); // Custom encoding (default is UTF-8) var framerUtf16 = new MessageFramer(FramingType.LF, Encoding.Unicode); // Used in SyslogTcpConfig var tcpConfig = new SyslogTcpConfig { Host = "10.10.10.14", Port = 1468, Formatter = new Rfc5424Formatter(), Framer = new MessageFramer(FramingType.OCTET_COUNTING) }; ``` -------------------------------- ### Enable RFC5424 Message Format in Rsyslog Source: https://github.com/ionxsolutions/serilog-sinks-syslog/blob/master/README.md Modify the default rsyslog template to ensure log messages are formatted according to the RFC5424 standard. This is crucial for structured logging and compatibility with modern syslog receivers. ```rsyslog $ActionFileDefaultTemplate RSYSLOG_SyslogProtocol23Format ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.