📚 Syslog

Created: 18.11.2020

Not sure yet wether it belongs to this section. It makes the most sense to put it here until I am sure.

Standard for message logging. Originated from BSD.

Router, switch, server etc generates a syslog message (originator). Puts the facility code and severity level, originator process ID, timestamp and IP/hostname. Facility codes are rudiments left from BSD and reflect the process that initiated this message. CISCO useses Local6/Local7.

Severity: 0 Emergency 1 Alert 2 Critical 3 Error 4 Warning 5 Notice 6 Informational 7 Debug

A collector grabs this message and analyses it, Syslog Server. A relay forwards these messages (Syslog Forwarder) between originators and collectors or originators and originators. A transport sender passes syslog msg to the transport layer (UDP usually). A transport receiver takes a syslog msg from the transport layer.