ELSA Documentation


SYSLOG-table

The SYSLOG table can be used to specify which computers will receive which SYSLOG messages.

This table typically has the following structure:

Idx. IP-address Source Level
SALR 10.0.0.170 01 01
ADMA 10.0.0.170 40 ff
CNAL 10.0.0.180 31 0A

An index four characters in length is specified in the 'Idx.' field to differentiate the entries. This is necessary as multiple combinations of source and level can be entered for an IP address, for example.

The 'IP address' field contains the addresses of the respective recipients.

The source of the messages to be sent to the address mentioned above is encoded in the 'Source' field. This is a bit field, in which exactly one bit is reserved for each source. The following table applies for the association of sources and bits:

Source Bit Value
SYSTEM 0 0x01
CONN-LOGIN 1 0x02
CRON 2 0x04
ADMIN LOGIN 3 0x08
CONNECTION 4 0x10
ACCOUNTING 5 0x20
ADMIN 6 0x40
PACKET 7 0x80

The alarm level of the messages to be sent to the SYSLOG recipient is encoded in the 'Level' field. This is also a bit field in which exactly one bit is reserved for each level. The following table applies for the association of levels and bits:

Level Bit Value
ALERT 0 0x01
ERROR 1 0x02
WARNING 2 0x04
INFO 3 0x08
DEBUG 4 0x10

A generated SYSLOG message is sent to the specified computer when both the appropriate source and level bits have been set.

Computer 10.0.0.170 would thus receive the following message on the basis of the sample SYSLOG table described above:

- SYSTEM_ALERT(Index SALR: Source 01 = SYSTEM, Level 01 = ALERT)
- ADMIN_xxx(Index ADMA: Source 40 = ADMIN, Level f f = all levels)

On the other hand, computer 10.0.0.180 would receive this message:

- CONN-LOGIN_INFO
- CONN-LOGIN_ERROR
- CONNECTION_INFO
- CONNECTION_ERROR
- ACCOUNTING_INFO
- ACCOUNTING_ERROR
(Index CNAL: Source 31 = CONN-LOGIN + CONNECTION + ACCOUNTING, Level 0A = ERROR + INFO)


© Copyright 2001, ELSA AG
http://www.elsa.de