Syslog Settings

Syslog is a standard protocol used for message logging. It allows devices and applications to generate logs, which are messages about events that have occurred. These logs can contain information about system errors, warnings, informational messages, and more.

Settings

Server Address

The address of the syslog server. IP address, server name, FQDN etc. formats can be entered. It is mandatory to fill in this field.

TLS / Port Number / Protocol

TLS is used to determine whether the secure channel will be used in syslog transactions. Although it is a port-independent setting but port information may change depending on the selection made here. The port that the syslog server listens to in order to send messages. By default, most syslog servers use UDP port 514. Secure channel and TCP port information may need to be obtained from the syslog server administrator.

RFC 3164

This document defines the classic Unix syslog protocol and message format. It describes the traditional syslog format used primarily in BSD systems. While still in use in many systems, it lacks structured data and some security aspects.

RFC 5424

This RFC introduces a more modern approach and defines the extended syslog protocol. RFC 5424 aims to overcome the limitations of the traditional syslog format by adding structured data and supporting a more extensive message format. In this way, it enables the transfer of more complex and detailed information and includes security-related features.