RSYSLOG Overview

Syslog Definition

Syslog is a standard protocol that defines log information and collection with 'The BSD syslog protocol' defined in RFC 3164.

Transport Protocol

Syslog transmits log information using the User Datagram Protocol (UDP) and is transmitted using port number 514.

Since UDP is used, the reliability of the transfer cannot be guaranteed and is unilaterally transferred to the server and ended.

Packet Format

Syslog Message is divided into PRI Part, Header, and MSG.

PRI Part

It consists of Facility and Severity.

The Facility is defined as follows:

Numerical Code	Facility
0	Kernel messages
1	User-level messages
2	Mail system
3	System daemons
4	Security/authentication messages
5	Messages generated internally by syslogd
6	Line printer subsystem
7	Network news subsystem
8	UUCP subsystem
9	Clock daemon
10	Security/authentication messages
11	FTP daemon
12	NTP subsystem
13	Log audit
14	Log alert
15	Scheduling daemon
16–23	Locally used facilities

Severity

Numerical Code	Severity
0	Emergency: system is unusable
1	Alert: action must be taken immediately
2	Critical: critical conditions
3	Error: error conditions
4	Warning: warning conditions
5	Notice: normal but significant condition
6	Informational: informational messages
7	Debug: debug-level messages

The PRI value consists of 8 times the facility value and the severity value added.

For example, a facility of 20 and severity of 5 would be 20 x 8 +5 = 165.

HEADER Part

The header consists of timestamp and hostname( or IP address).

MSG Part

This is a text message indicating additional information, separated by TAG Field and CONTENT Field.

TAG means process name, and the content contains detailed messages.

Packet Format

PRI		HEADER		MSG
FACILITY	SEVERITY	TIMESTAMP	HOSTNAME	TAG CONTENT

Comments

What is NMS and EMS

First of all, NMS is an abbreviation for Network Management System, and EMS is an abbreviation for Element Management System. TMN, a very old standard document, describes the two as concepts such as NM, EM, and NE. We will look at the relevant standard documents when there is an opportunity in the future, and first, let's look at a schematic concept. In order to efficiently operate and manage network equipment, NMS and EMS suitable for the service area are required. In general, in the case of wired networks, NMS is often operated alone, and in the case of mobile communication networks, EMS is required in addition to NMS. In this article, we will examine the concept of the overall management system and explain the differences between NMS and EMS. Management System refers to a GUI system that performs network management functions, usually represented by FCAPS. Here, FCAPS means the following five functions. l Fault Management l Configuration Management l Accou...

FCAPS: Major Functions of Management System(NMS, EMS)

When defining the functions of NMS and EMS, it is often referred to as FCAPS. FCAPS stands for Fault, Configuration, Account, Performance, and Security. The functions of a normal management system are all included in this category. Let's take a look at each function. Fault Management Fault means unavailable status. When talking about a fault, it is usually referred to as an alarm. Fault and alarm are not specifically distinguished, but to be strict, fault can be considered to mean a phenomenon in which a fault occurred in the system, and faults are classified into hardware and software. Alarm defines in detail about a fault that has occurred and informs the operator when a fault occurs. According to the definition of the standard document, Alarm usually has Severity, Probable Cause, Category, and additionally includes location information. A brief look at each definition is as follows. Severity: Severity is defined as Critical Major, Minor, Warn...

Install VirtualBox Ubuntu 20.04

Let's install Ubuntu on VirtualBox. The installed version is based on 20.04, it is the latest LTS version at the time of writing. If you want to download another version, you can go to releases.ubuntu.com and download the version you want. 1. Ubuntu Download Go to the site below and download Ubuntu 20.04 Version. ubuntu.com/download/desktop 2. Installation 2.2 Input Name, and click Next(N). 2.3 For the memory size, set the recommended memory size of 1024 MB. 2.4 Set up the hard disk. Use the recommended 10.00 GB. 2.5 Select the hard disk file type as VDI. 2.6 Storing on a physical hard drive selects dynamic allocation. 2.7 Confirm file location and size. 2.8 Once you've done that, you'll see your virtual machine as shown below. 2.9 From now on, it is the process of installing Ubuntu on the virtual machine. Run setup and select storage as shown below 2.10 Controller: Select IDE's Empty and choose the optical drive. Just select the Ubuntu file you d...

For Next Stage

Search This Blog