syslog protocol

(SYStem LOG protocol) A protocol for transmitting event messages and alerts across an IP network. Messages are sent by the operating system or application at the start or end of a process or to report the current status of a process. Initially developed for the Unix sendmail application, syslog became commonly used in all environments and was made an IETF standard in 2001.

Relays and Collectors
Using UDP or TCP as the transport and typically 514 as the port number, the sending device may transmit to a "relay," which forwards the message to a "collector," which stores it. The collector is also known as a "syslog server" or "syslog daemon." The plain text message may be sent to more than one relay or collector at the same time. See ULP.
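The relay-and-collector path described above, as an added example that is not part of the original entry: a device sends one plain-text message over UDP to a relay, which forwards it unchanged to two collectors. It assumes loopback addresses and ephemeral ports in place of port 514, and the sample message is constructed.

```python
import socket
import threading

LOOPBACK = "127.0.0.1"  # assumption: device, relay and collectors share one host


def bind_udp():
    """Bind a UDP socket to an ephemeral loopback port (real syslog typically uses 514)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((LOOPBACK, 0))
    sock.settimeout(2.0)
    return sock


def relay_once(relay_sock, collector_addrs):
    """Relay: receive one datagram and forward it unchanged to every collector."""
    data, _sender = relay_sock.recvfrom(2048)
    for addr in collector_addrs:
        relay_sock.sendto(data, addr)


def run_demo(message):
    """Send one message device -> relay -> two collectors; return what each stored."""
    relay = bind_udp()
    collectors = [bind_udp(), bind_udp()]
    device = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    worker = threading.Thread(
        target=relay_once, args=(relay, [c.getsockname() for c in collectors]))
    worker.start()
    try:
        device.sendto(message.encode("ascii"), relay.getsockname())
        stored = []
        for c in collectors:
            data, source = c.recvfrom(2048)
            stored.append({"text": data.decode("ascii"),  # payload is readable text
                           "from_relay": source == relay.getsockname(),
                           "from_device": source == device.getsockname()})
        worker.join()
        return stored
    finally:
        for s in [relay, device, *collectors]:
            s.close()


if __name__ == "__main__":
    # Constructed sample message, not taken from the page.
    for record in run_demo("<34>Oct 11 22:14:15 host1 su: example event"):
        print(record)
```

Each collector stores the text exactly as sent and sees the relay, not the originating device, as the datagram's source, so a collector on this transport has only the message's own contents to identify who produced it.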
References in periodicals archive
BalaBit played an active role in Common Log Transport Specification, to make moving event records between different systems easier using the syslog protocol.
The syslog protocol is not perfect--there are some limitations such as plain text log data on the network, and unauthenticated log devices.
"The ability of Type80 to provide extensions to all mainframe console messages and write-to-operator messages using the standard TCP/IP Syslog protocol is particularly valuable in delivering easy integration with any centralized security activity, not to mention a cost effective way to monitor the IBM z/OS," said Jerry Harding, managing director, Type80.