RFC 3164 (rfc3164) - Page 1 of 29


The BSD Syslog Protocol



Alternative Format: Original Text Document

Next >


Network Working Group                                         C. Lonvick
Request for Comments: 3164                                 Cisco Systems
Category: Informational                                      August 2001


                        The BSD syslog Protocol

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2001).  All Rights Reserved.

Abstract

   This document describes the observed behavior of the syslog protocol.
   This protocol has been used for the transmission of event
   notification messages across networks for many years.  While this
   protocol was originally developed on the University of California
   Berkeley Software Distribution (BSD) TCP/IP system implementations,
   its value to operations and management has led it to be ported to
   many other operating systems as well as being embedded into many
   other networked devices.

Table of Contents

   1. Introduction....................................................2
   1.1 Events and Generated Messages..................................3
   1.2 Operations of the Message Receivers............................5
   2. Transport Layer Protocol........................................5
   3. Definitions and Architecture....................................5
   4. Packet Format and Contents......................................7
   4.1 syslog Message Parts...........................................8
   4.1.1 PRI Part.....................................................8
   4.1.2 HEADER Part of a syslog Packet..............................10
   4.1.3 MSG Part of a syslog Packet.................................11
   4.2 Original syslog Packets Generated by a Device.................12
   4.3 Relayed syslog Packets........................................12
   4.3.1 Valid PRI and TIMESTAMP.....................................13
   4.3.2 Valid PRI but no TIMESTAMP or invalid TIMESTAMP.............13
   4.3.3 No PRI or Unidentifiable PRI................................14
   5. Conventions....................................................14
   5.1 Dates and Times...............................................15
   5.2 Domain Name and Address.......................................15



Lonvick                      Informational


Next >


Web Standards & Support:

Link to and support eLook.org Powered by LoadedWeb Web Hosting
Valid XHTML 1.0! Valid CSS! eLook.org FireFox Extensions