Syslog

The System Logging Protocol is a standard developed in the 1980s for transmitting log messages in an IP computer network. A syslog client sends a text message to a syslog receiver, which is often called a syslog server. The receiver can also forward the messages to other servers.

By default, the messages are transmitted using TLS (Transport Layer Security).

Syslog has three different layers:

  1. Syslog content: the information contained
  2. Syslog application: generate, route, interpret and store the message
  3. Syslog transport: transmit the message

Syslog thus allows messages to be sent and stored. These always have the same structure:

  • Selector: allows classification by origin and severity
  • Header: contains timestamp, name / IP address of the sender
  • Actual content
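The structure above can be checked on the receiver side with a small parser. This is an added example, not code from the original page. It assumes the BSD-style layout `<PRI>Mmm dd hh:mm:ss HOST CONTENT`, in which the selector is a number equal to facility × 8 + severity. The function name `parse_syslog` and the sample messages are constructed for illustration.

```python
import re

# Severity and facility names in the numbering used by RFC 3164 / RFC 5424.
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock",
              "local0", "local1", "local2", "local3",
              "local4", "local5", "local6", "local7"]

# <PRI>Mmm dd hh:mm:ss HOST CONTENT (layout assumed for this example)
LINE_RE = re.compile(
    r"<(?P<pri>[0-9]{1,3})>"
    r"(?P<ts>[A-Z][a-z]{2} [ 0-9][0-9] [0-9]{2}:[0-9]{2}:[0-9]{2}) "
    r"(?P<host>\S+) "
    r"(?P<content>.*)", re.DOTALL)

def parse_syslog(line: str) -> dict:
    """Split one message into selector (facility, severity), header and content."""
    m = LINE_RE.fullmatch(line)
    if m is None:
        # Receivers see untrusted network input: reject anything malformed.
        raise ValueError("not a BSD-style syslog message")
    pri = int(m["pri"])
    if pri > 191:  # 23 * 8 + 7 is the largest valid selector value
        raise ValueError(f"priority {pri} out of range")
    facility, severity = divmod(pri, 8)
    return {
        "facility": FACILITIES[facility],   # origin
        "severity": SEVERITIES[severity],
        "timestamp": m["ts"],
        "host": m["host"],                  # name or IP address of the sender
        "content": m["content"],
    }

# Constructed sample messages, not taken from a real system.
SAMPLES = [
    "<34>Oct 11 22:14:15 gw01 su: authentication failure for user admin",
    "<165>Feb  3 04:05:06 10.0.0.7 app: cache refreshed",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(parse_syslog(sample))
```

The host field in the header is supplied by the sender, so a receiver should not treat it as proof of where a message came from.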

The advantages of Syslog are:

  • It provides the information needed to restore the system to a previous state after a failure.
  • It provides details about individual applications so that trends can be identified and problem areas corrected.
  • It allows applications to be monitored without impacting performance, because the information is written to external devices or services.
