Syslog: Difference between revisions
imported>Howard C. Berkowitz (New page: '''syslog''' is both the name of an computer-based event recording service, and the protocol that delivers the event information to the server. Syslog was introduce...) |
imported>Howard C. Berkowitz No edit summary |
||
| Line 1: | Line 1: | ||
'''syslog''' is both the name of an computer-based event recording service, and the [[protocol (computer)|protocol]] that delivers the event information to the server. Syslog was introduced in [[BSD UNIX]], but is deployed on virtually all computers. | {{subpages}} | ||
'''syslog''' is both the name of an computer-based event recording service, and the [[protocol (computer)|protocol]] that delivers the event information to the server.<ref name=RFC3164 >{{citation | |||
| id = RFC3164 | |||
| title = The BSD Syslog Protocol | |||
| author = C. Lonvick | |||
| date = August 2001 | url = http://www.ietf.org/rfc/rfc3164.txt | |||
}}</ref> Syslog was introduced in [[BSD UNIX]], but is deployed on virtually all computers. | |||
The syslog protocol runs over the [[User Datagram Protocol]], with the server at well-known port 514. The protocol definition recommends that the source port also be 514, but, if the sender uses a different source port, it is further recommended that all traffic from that source use the same terminology. | The syslog protocol runs over the [[User Datagram Protocol]], with the server at well-known port 514. The protocol definition recommends that the source port also be 514, but, if the sender uses a different source port, it is further recommended that all traffic from that source use the same terminology. | ||
Revision as of 16:07, 9 February 2009
syslog is both the name of an computer-based event recording service, and the protocol that delivers the event information to the server.[1] Syslog was introduced in BSD UNIX, but is deployed on virtually all computers.
The syslog protocol runs over the User Datagram Protocol, with the server at well-known port 514. The protocol definition recommends that the source port also be 514, but, if the sender uses a different source port, it is further recommended that all traffic from that source use the same terminology.
Terminology
For syslog, a computer that can generate a message is called a "device". A machine that can receive the message and forward it to another machine will be called a "relay".
What commonly is called a "syslog server" is formally a "collector". Any device or relay will be known as the "sender" when it sends a message.
References
- ↑ C. Lonvick (August 2001), The BSD Syslog Protocol, RFC3164