syslog Parameters
2001-08-21
2016-04-26
The syslog protocol utilizes numerical facility and severity values.
syslog Message Facilities
IETF Review
0
kernel messages
1
user-level messages
2
mail system
3
system daemons
4
security/authorization messages
5
messages generated internally by syslogd
6
line printer subsystem
7
network news subsystem
8
UUCP subsystem
9
clock daemon
10
security/authorization messages
11
FTP daemon
12
NTP subsystem
13
log audit
14
log alert
15
clock daemon
16
local use 0 (local0)
17
local use 1 (local1)
18
local use 2 (local2)
19
local use 3 (local3)
20
local use 4 (local4)
21
local use 5 (local5)
22
local use 6 (local6)
23
local use 7 (local7)
Various operating systems have been found to utilize
Facilities 4, 10, 13 and 14 for security/authorization,
audit, and alert messages which seem to be similar.
Various operating systems have been found to utilize
both Facilities 9 and 15 for clock (cron/at) messages.
syslog Message Severities
IETF Review
REGISTRY FULL
0
Emergency: system is unusable
1
Alert: action must be taken immediately
2
Critical: critical conditions
3
Error: error conditions
4
Warning: warning conditions
5
Notice: normal but significant condition
6
Informational: informational messages
7
Debug: debug-level messages
syslog Version Values
Standards Action
1
Defined in
syslog Structured Data ID Values
IETF Review
The registration rules for this registry will be that
new Structured Data ID values and new Parameter Name
values must be registered via IETF Review. In addition,
once SD-IDs and SD-PARAMs are defined, the syntax and
semantics of these registrations must not be altered.
In the event that modifications of existing registry items
are required, a new SD-ID or SD-PARAM must be created,
leaving the older one unchanged. Finally, the IANA does
not register, and will not control SD-IDs or SD-PARAMs
\with an "@" sign (ABNF %d64) in them.
timeQuality
OPTIONAL
tzKnown
OPTIONAL
isSynced
OPTIONAL
syncAccuracy
OPTIONAL
origin
OPTIONAL
ip
OPTIONAL
enterpriseId
OPTIONAL
software
OPTIONAL
swVersion
OPTIONAL
meta
OPTIONAL
sequenceId
OPTIONAL
sysUpTime
OPTIONAL
language
OPTIONAL
snmp
OPTIONAL
ctxEngine
OPTIONAL
ctxName
OPTIONAL
v<N>
OPTIONAL
l<N>
OPTIONAL
o<N>
OPTIONAL
x<N>
OPTIONAL
c<N>
OPTIONAL
C<N>
OPTIONAL
u<N>
OPTIONAL
d<N>
OPTIONAL
i<N>
OPTIONAL
n<N>
OPTIONAL
p<N>
OPTIONAL
t<N>
OPTIONAL
a<N>
OPTIONAL
alarm
OPTIONAL
resource
MANDATORY
probableCause
MANDATORY
perceivedSeverity
MANDATORY
eventType
OPTIONAL
trendIndication
OPTIONAL
resourceURI
OPTIONAL
ssign
MANDATORY
VER
MANDATORY
RSID
MANDATORY
SG
MANDATORY
SPRI
MANDATORY
GBC
MANDATORY
FMN
MANDATORY
CNT
MANDATORY
HB
MANDATORY
SIGN
MANDATORY
ssign-cert
MANDATORY
VER
MANDATORY
RSID
MANDATORY
SG
MANDATORY
SPRI
MANDATORY
TPBL
MANDATORY
INDEX
MANDATORY
FLEN
MANDATORY
FRAG
MANDATORY
SIGN
MANDATORY
PCNNode
OPTIONAL
ID
MANDATORY
Rtyp
MANDATORY
PCNTerm
OPTIONAL
IngrID
MANDATORY
EgrID
MANDATORY
TermRate
MANDATORY
FCnt
MANDATORY
syslog-sign Protocol Version Values
IETF Review
00
Reserved
01
Defined in
02-50
Unassigned
51-99
Reserved for Private Use
syslog-sign Hash Algorithm Values
IETF Review
New values are assigned incrementally from 0-9, then from a-z, then from A-Z.
0
01
Reserved
1
01
SHA1
2
01
SHA256
syslog-sign Signature Scheme Values
IETF Review
The range for values is 0-9.
0
01
Reserved
1
01
OpenPGP DSA
syslog-sign SG Field Values
IETF Review
0
There is only one Signature Group.
1
Each PRI value is associated with its own
Signature Group.
2
Each Signature Group contains a range of PRI
Values.
3
Signature Groups are not assigned with any of
the above relationships to PRI values of the
syslog messages they sign.
4-7
Unassigned
8-9
Reserved for Private Use
syslog-sign Key Blob Type Values
IETF Review
Upper-case letters are assigned by IANA. Lower-case letters are vendor-specific.
C
a PKIX certificate
P
an OpenPGP certificate
K
the public key whose corresponding private key is
used to sign the messages
N
no key information sent, key is pre-distributed
U
installation-specific key exchange information