Further detail regarding Defender syslog output formatting. (4303676)

Chat now with support

Return

Feedback Submitted

Did this article solve an issue for you?

Select Rating

Title

Further detail regarding Defender syslog output formatting.
Description

Is there further detail regarding the Defender syslog output / formatting?
Resolution

Further detail regarding the Defender syslog message format:
The message format is :
[Facility + Severity][Timestamp][Hostname][Message]
Example :
<173>Jul 11 02:16:35 DEFDSS DEFDSS:Service Stopping
Following are the components of the syslog message
• Facility
• Severity
• Timestamp
• Hostname
• Message
The different facility values used are:
16 = LocalUse0,
17 = LocalUse1,
18 = LocalUse2,
19 = LocalUse3,
20 = LocalUse4,
21 = LocalUse5,
22 = LocalUse6,
23 = LocalUse7,
The different severity values used are:
0 = Emergency, // : system is unusable
1 = Alert, // : action must be taken immediately
2 = Critical, // : critical conditions
3 = Error, // : error conditions
4 = Warning, // : warning conditions
5 = Notice, // : normal but significant condition
6 = Informational, // : informational messages
7 = Debug, // : debug-level messages
Timestamp : The timestamp is the local time (in MMM DD HH:MM:SS format) of the server when the message was generated.
Hostname : Hostname of the server from which the message was generated.
Message : This is the text of the syslog message, along with DEFDSS: in it to uniquely identify the messages of Defender.

Feedback Submitted

Did this article solve an issue for you?

Select Rating

Title