I seem to have rollover and messages being cut in my SYSLOG, how do I extend SYSLOG message/character limit?
By default, SYSLOG is not configured to accept more than 2048 characters. The Sumo Logic Collector by default supports UDP messages up to 2048 bytes.
Here are the two steps needing to be done for writing more than 2048 characters to SYSLOG:
1. On the Gateway, add com.l7tech.server.log.syslog.maxLength system property into /opt/SecureSpan/Gateway/node/default/etc/conf/system.properties file with the desired length (max length is 65536)
Restart the gateway
2. On the SYSLOG Server request the respective SYSLOG Admin to add or adjust the below line into collector.properties config file and then restart the collector.
collector.syslog.udp.readBufferSize = 65535
Now writing more than 2048 characters into SYSLOG from API Gateway should work. For TCP Syslog the Collector supports single-line TCP messages up to 65,535 bytes by default.
For more information, please see the following documentation from Sumo Logic Collector: