Syslog Events Monitoring and Consolidation
The Syslog plugin provides Syslog event monitoring: it implements a Syslog receiver that listens for Syslog messages, collects them, and converts them into Iotellect events. Syslog events can be processed, stored, traced, displayed, and filtered like any other Iotellect event. For the detailed Syslog protocol definition, refer to RFC 5424.
Syslog monitoring is set up through the Syslog plugin configuration parameters. When a Syslog message is received, it is parsed and a corresponding Iotellect event is generated. The event structure and data conversion rules are presented in the following table:
Event Field | Event Field Name | Type | Description |
Source Host | source | String | An address the Syslog message was received from in the form
For example: |
Severity | level | Integer | Original severity level specified in the Syslog message. Refer to RFC 5424 for a list of severity values. |
Facility | facility | Integer | Original facility specified in the Syslog message. |
IP Address or Host Name | host | String | Host specified in the Syslog message (usually the originator of the message). |
Message | message | String | Syslog message text providing information about the event. |
Timestamp | timestamp | Date | Timestamp specified in the Syslog message. |
The Iotellect event is generated with a severity level converted from the original Syslog severity using the conversion table specified in the Syslog plugin configuration parameters.
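The conversion described above, as an added Python example that is not Iotellect's own code: it parses one RFC 5424 message into the fields listed in the table and applies a severity conversion table. The table values, the `event_level` key, the sample message and the format of the `source` string are assumptions made for illustration.

```python
import re
from datetime import datetime

# RFC 5424: <PRI>VERSION TIMESTAMP HOSTNAME APP-NAME PROCID MSGID SD [MSG]
HEADER = re.compile(
    r"<(\d{1,3})>(\d{1,2}) (\S+) (\S+) (\S+) (\S+) (\S+) "
    r"(-|(?:\[(?:[^\]\\]|\\.)*\])+)(?: (.*))?$", re.DOTALL)

# Hypothetical conversion table (Syslog severity 0-7 -> event level name);
# the real one is set in the Syslog plugin configuration parameters.
SEVERITY_TO_EVENT_LEVEL = {0: "FATAL", 1: "FATAL", 2: "FATAL", 3: "ERROR",
                           4: "WARNING", 5: "NOTICE", 6: "INFO", 7: "INFO"}

# Constructed sample datagram and receive address (not taken from the page).
SAMPLE = (b"<165>1 2024-05-01T12:00:00.000Z gw01.example.net sshd 4242 - - "
          b"Accepted publickey for deploy")
SAMPLE_SOURCE = "192.0.2.10"

def parse_syslog(raw: bytes, source: str) -> dict:
    """Convert one RFC 5424 message into the event fields from the table."""
    m = HEADER.match(raw.decode("utf-8", errors="replace"))
    if m is None:
        raise ValueError("not an RFC 5424 message")
    pri = int(m.group(1))
    if pri > 191:  # PRI = facility * 8 + severity; facility 0-23, severity 0-7
        raise ValueError("PRI out of range")
    facility, severity = divmod(pri, 8)
    ts, host = m.group(3), m.group(4)
    # "-" is the RFC 5424 NILVALUE: the sender supplied no value.
    timestamp = None if ts == "-" else datetime.fromisoformat(ts.replace("Z", "+00:00"))
    return {
        "source": source,        # observed by the receiver (packet origin)
        "level": severity,       # original Syslog severity
        "facility": facility,
        "host": None if host == "-" else host,  # sender-supplied, unverified
        "message": (m.group(9) or "").lstrip("\ufeff"),  # drop optional BOM
        "timestamp": timestamp,  # sender-supplied, unverified
        "event_level": SEVERITY_TO_EVENT_LEVEL[severity],
    }

if __name__ == "__main__":
    print(parse_syslog(SAMPLE, SAMPLE_SOURCE))
```

Of the resulting fields, only `source` is observed by the receiver; `host` and `timestamp` are taken from the message as the sender wrote them.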