syslog protocol

(SYStem LOG protocol) A protocol for transmitting event messages and alerts across an IP network. Messages are sent by the operating system or application at the start or end of a process or to report the current status of a process. Initially developed for the Unix sendmail application, syslog became commonly used in all environments and was made an IETF standard in 2001.

Relays and Collectors
Using UDP or TCP as the transport and typically 514 as the port number, the sending device may transmit to a "relay," which forwards the message to a "collector," which stores it. The collector is also known as a "syslog server" or "syslog daemon." The plain text message may be sent to more than one relay or collector at the same time. See ULP.
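An added example (not part of the original entry): a device, a relay and a collector on loopback UDP sockets, showing that the collector stores the same readable bytes the device sent and sees only the relay's address, while the hostname inside the message is an unverified claim. The ephemeral ports, the function names and the sample message (laid out in the traditional BSD syslog style) are constructed for illustration.

```python
import socket

def udp_socket():
    """UDP socket on an ephemeral loopback port (deployments typically use 514)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.bind(("127.0.0.1", 0))
    s.settimeout(2.0)
    return s

def parse_message(datagram):
    """Split '<PRI>' (facility * 8 + severity) from a BSD-style message."""
    text = datagram.decode("utf-8", errors="replace")
    if not text.startswith("<") or ">" not in text[:5]:
        raise ValueError("missing <PRI> header")
    pri, rest = text[1:].split(">", 1)
    if not (pri.isascii() and pri.isdigit()) or int(pri) > 191:
        raise ValueError("invalid PRI value")
    fields = rest.split()
    # Timestamp is three tokens ("Oct 11 22:14:15"); the fourth is the claimed host.
    claimed_host = fields[3] if len(fields) > 3 else None
    return int(pri) // 8, int(pri) % 8, claimed_host

def run_demo():
    """Device -> relay -> collector; returns (sent bytes, stored record, relay address)."""
    device, relay, collector = udp_socket(), udp_socket(), udp_socket()
    try:
        # Constructed sample event; "host-a" is only what the sender chose to write.
        sent = b"<34>Oct 11 22:14:15 host-a su: constructed sample event"
        device.sendto(sent, relay.getsockname())

        data, _device_addr = relay.recvfrom(2048)     # relay receives ...
        relay.sendto(data, collector.getsockname())   # ... and forwards unchanged

        raw, peer = collector.recvfrom(2048)          # collector stores it
        facility, severity, claimed_host = parse_message(raw)
        record = {"raw": raw, "facility": facility, "severity": severity,
                  "claimed_host": claimed_host, "transport_peer": peer}
        return sent, record, relay.getsockname()
    finally:
        for s in (device, relay, collector):
            s.close()

if __name__ == "__main__":
    sent, record, relay_addr = run_demo()
    print(record)
```

Storing the transport peer next to the claimed host gives the collector at least one value that the message author did not write.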
Copyright © 1981-2019 by The Computer Language Company Inc. All Rights reserved. THIS DEFINITION IS FOR PERSONAL USE ONLY. All other reproduction is strictly prohibited without permission from the publisher.
References in periodicals archive
BalaBit played an active role in Common Log Transport Specification, to make moving event records between different systems easier using the syslog protocol. BalaBit also participates in Dictionary and Taxonomy related discussions, which define standard fields and tags to be used in event records.
The syslog protocol is not perfect--there are some limitations such as plain text log data on the network, and unauthenticated log devices.