VMR – Syslog Profiles

Introduction to Syslog

Syslog is a way for network devices to send event messages to a logging server – usually known as a Syslog server. The Syslog protocol is supported by a wide range of devices and can be used to log different types of events. For example, a router might send messages about users logging on to console sessions, while a web-server might log access-denied events.

Setting up Outbound Syslog Profiles

The screenshot below shows the form used to set up syslog profiles for outbound messages.

Form Details

Syslog Configurations

Settings

IP Address/Host

Enter the IP address or hostname of the syslog server.

Port

Enter the port number, from 0 to 65535.

Network

Select the transport protocol used by the syslog server: TCP or UDP.

SysLog Format

The two popular syslog formats are RFC3164 and RFC5424.

App Name

Field to denote the application that sends the syslog.

Message ID

Field to identify the message.

Severity

The priority is a value from 0 to 191 and is not padded with spaces or leading zeros.

For more information on the Syslog message format, please read the RFC.

The priority value is calculated using the following formula:

Priority = Facility * 8 + Level

The list of severity Levels:

0       Emergency: system is unusable
1       Alert: action must be taken immediately
2       Critical: critical conditions
3       Error: error conditions
4       Warning: warning conditions
5       Notice: normal but significant condition
6       Informational: informational messages
7       Debug: debug-level messages

Facility

The Facility value is a way of determining which process of the machine created the message. Since the Syslog protocol was originally written on BSD Unix, the Facilities reflect the names of Unix processes and Daemons.

The list of Facilities available:

0             kernel messages
1             user-level messages
2             mail system
3             system daemons
4             security/authorization messages
5             messages generated internally by syslogd
6             line printer subsystem
7             network news subsystem
8             UUCP subsystem
9             clock daemon
10            security/authorization messages
11            FTP daemon
12            NTP subsystem
13            log audit
14            log alert
15            clock daemon
16            local use 0  (local0)
17            local use 1  (local1)
18            local use 2  (local2)
19            local use 3  (local3)
20            local use 4  (local4)
21            local use 5  (local5)
22            local use 6  (local6)
23            local use 7  (local7)
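
The priority formula and the two formats named above, as an added example that is not part of the original page or the product's own code: it builds an RFC3164 and an RFC5424 message from the form's fields and decodes a received priority back into facility and level, rejecting zero-padded or out-of-range values. The host name, app name, message ID and message text are constructed sample values, and the function names are hypothetical.

```python
import re
from datetime import datetime, timezone

# <PRI> is 1-3 digits with no leading zero padding ("<0>" itself is valid).
PRI_RE = re.compile(r"^<(0|[1-9][0-9]{0,2})>")


def encode_pri(facility, level):
    """Priority = Facility * 8 + Level, with range checks on both inputs."""
    if not 0 <= facility <= 23:
        raise ValueError("facility must be 0..23")
    if not 0 <= level <= 7:
        raise ValueError("level must be 0..7")
    return facility * 8 + level


def decode_pri(message):
    """Return (facility, level) from the leading <PRI> of a received message."""
    m = PRI_RE.match(message)
    if not m or int(m.group(1)) > 191:
        raise ValueError("malformed or out-of-range PRI")
    return divmod(int(m.group(1)), 8)


def format_rfc3164(facility, level, host, app_name, text, when):
    # RFC 3164 layout: <PRI>Mmm dd hh:mm:ss HOST TAG: MSG (day is space padded)
    stamp = f"{when:%b} {when.day:2d} {when:%H:%M:%S}"
    return f"<{encode_pri(facility, level)}>{stamp} {host} {app_name}: {text}"


def format_rfc5424(facility, level, host, app_name, msg_id, text, when):
    # RFC 5424 layout: <PRI>1 TIMESTAMP HOST APP-NAME PROCID MSGID SD MSG
    # "-" is the nil value, used here for PROCID and STRUCTURED-DATA.
    stamp = when.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    pri = encode_pri(facility, level)
    return f"<{pri}>1 {stamp} {host} {app_name} - {msg_id} - {text}"


if __name__ == "__main__":
    # Constructed sample values: facility 4 (security/authorization), level 4 (Warning).
    when = datetime(2024, 1, 5, 9, 30, 0, tzinfo=timezone.utc)
    print(format_rfc3164(4, 4, "host1", "vmr", "login denied", when))
    print(format_rfc5424(4, 4, "host1", "vmr", "AUTH01", "login denied", when))
```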