1、導包：

<dependency><groupId>org.graylog2</groupId><artifactId>syslog4j</artifactId><version>0.9.60</version></dependency>

2、重寫接收處理器：

import org.graylog2.syslog4j.server.SyslogServerEventIF; import org.graylog2.syslog4j.server.SyslogServerIF; import org.graylog2.syslog4j.server.SyslogServerSessionEventHandlerIF; import org.graylog2.syslog4j.util.SyslogUtility;import java.io.UnsupportedEncodingException; import java.net.SocketAddress; import java.nio.charset.StandardCharsets; import java.util.Date; import java.util.regex.Matcher; import java.util.regex.Pattern;public class SyslogServerEventHandlerTest implements SyslogServerSessionEventHandlerIF {//extends PrintStreamSyslogServerEventHandler {private String syslog;//重寫event方法public void event(Object session, SyslogServerIF syslogServer, SocketAddress socketAddress, SyslogServerEventIF event) {//判斷傳輸時間是否存在，不存在將現在的時間設置為傳輸時間String date = (event.getDate() == null ? new Date() : event.getDate()).toString();//將解析日志的生成端,<<3是要該數左移動三位計算String facility = SyslogUtility.getFacilityString(event.getFacility() << 3);//講解析日志的級別，級別越大越低String level = SyslogUtility.getLevelString(event.getLevel());//獲取當前的源設備IPString sourceIP = getIPAddress(socketAddress.toString());//獲取到信息主體String msg = event.getMessage();//放入信息setSyslog("{" + facility + "} " + date + " " + level + " " + msg + " " + sourceIP);try {msg = new String(event.getMessage().getBytes(), StandardCharsets.UTF_8);//打印信息 // System.out.println(getSyslog());System.out.println(msg);} catch (Exception e) {System.err.println("UnsupportedEncodingException");}}public String getSyslog() throws UnsupportedEncodingException {return new String(syslog.getBytes(), "UTF-8");}public void setSyslog(String syslog) {this.syslog = syslog;}//獲取到該字符串里的ip地址private String getIPAddress(String bString) {String regEx = "((2[0-4]\\d|25[0-5]|[01]?\\d\\d?)\\.){3}(2[0-4]\\d|25[0-5]|[01]?\\d\\d?)";Pattern p = Pattern.compile(regEx);Matcher m = p.matcher(bString);String result = "";while (m.find()) {result = m.group();break;}return result;}@Overridepublic void initialize(SyslogServerIF syslogServer) {}@Overridepublic void destroy(SyslogServerIF syslogServer) {}@Overridepublic Object sessionOpened(SyslogServerIF syslogServer, SocketAddress socketAddress) {return null;}@Overridepublic void exception(Object session, SyslogServerIF syslogServer, SocketAddress socketAddress, Exception exception) {}@Overridepublic void sessionClosed(Object session, SyslogServerIF syslogServer, SocketAddress socketAddress, boolean timeout) {} }

3、多線程調用接收處理器：

import org.graylog2.syslog4j.server.SyslogServer; import org.graylog2.syslog4j.server.SyslogServerConfigIF; import org.graylog2.syslog4j.server.SyslogServerEventHandlerIF; import org.graylog2.syslog4j.server.SyslogServerIF;public class UDPSyslogServerFinalTest implements Runnable {private static UDPSyslogServerFinalTest UDPSyslogServerFinal = null;//syslog服務器配置文件用于服務器關閉private SyslogServerIF serverIf = null;public SyslogServerIF getServerIF() {return serverIf;}private void setServerIF(SyslogServerIF serverIF) {this.serverIf = serverIF;}private UDPSyslogServerFinalTest() {}//用單例模式去書寫public static synchronized UDPSyslogServerFinalTest getUDPSyslogServer() {if (UDPSyslogServerFinal == null) {UDPSyslogServerFinal = new UDPSyslogServerFinalTest();}return UDPSyslogServerFinal;}@Overridepublic void run() {//實例化接收處理方法SyslogServerEventHandlerIF eventHandler = new SyslogServerEventHandlerTest();//傳入UDP協議參數實例化具體服務器 就是這個位置不同，如果你閑麻煩可以用自己優化一下算法然后將兩個合為一個SyslogServerIF serverIF = SyslogServer.getInstance("udp");//從服務器里獲取配置信息變量SyslogServerConfigIF config = serverIF.getConfig();//設置監聽地址0.0.0.0為監聽網絡內全部地址config.setHost("0.0.0.0");//設置監聽地址為514,514為syslog默認地址config.setPort(514);//放入接收方法config.addEventHandler(eventHandler);//初始化服務器serverIF.initialize("udp", config);System.out.println("server start udp");//設置服務器變量，用來外部調用關閉setServerIF(serverIF);//服務器啟動serverIF.run();} }

4、開啟監聽：
?

UDPSyslogServerFinalTest udpSyslogServerFinalTest = UDPSyslogServerFinalTest.getUDPSyslogServer();Thread s = new Thread(udpSyslogServerFinalTest);s.start();

5、模擬發送syslog數據

@SneakyThrows@Testpublic void syslogClientSend() {SyslogIF syslog = Syslog.getInstance("udp");syslog.getConfig().setSendLocalName(false);//根據方法名就可看出是發送名稱 // syslog.getConfig().setSendLocalTimestamp(false);//發送時間syslog.getConfig().setHost("192.168.0.104");syslog.getConfig().setPort(514);StringBuffer eventCvs = new StringBuffer();String str = "666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666";TimeInterval timer = DateUtil.timer();for (int m = 0; m < 100000; m++) {syslog.log(SyslogConstants.LEVEL_DEBUG, URLDecoder.decode(str, String.valueOf(StandardCharsets.UTF_8)));eventCvs.delete(0,eventCvs.length());}Thread.sleep(3000);System.out.println("cast time:" +timer.interval());}

?

總結

以上是生活随笔為你收集整理的syslog数据接收并处理的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。