search cancel

Extending SYSLOG message/character limit for Sumo Logic Collector


Article ID: 16355


Updated On:


STARTER PACK-7 CA Rapid App Security CA API Gateway CA API Developer Portal


I seem to have rollover and messages being cut in my SYSLOG, how do I extend SYSLOG message/character limit? 


CA APIM Gateway: 9.X running on any form factors

CA APIM Gateway 10.x running on any form factors - confirmed to solve  


By default, SYSLOG is not configured to accept more than 2048 characters.  The Sumo Logic Collector by default supports UDP messages up to 2048 bytes. 


Here are the two steps needing to be done for writing more than 2048 characters to SYSLOG:


1. On the Gateway, add com.l7tech.server.log.syslog.maxLength system property into /opt/SecureSpan/Gateway/node/default/etc/conf/ file with the desired length (max length is 65536)

Restart the gateway


2. On the SYSLOG Server request the respective SYSLOG Admin to add or adjust the below line into config file and then restart the collector.


collector.syslog.udp.readBufferSize = 65535

 Now writing more than 2048 characters into SYSLOG from API Gateway should work.  For TCP Syslog the Collector supports single-line TCP messages up to 65,535 bytes by default.

For more information, please see the following documentation from Sumo Logic Collector: