SYSLOG-table
The SYSLOG table can be used to specify which computers will receive which SYSLOG messages.
This table typically has the following structure:
Idx. IP-address Source Level SALR 10.0.0.170 01 01 ADMA 10.0.0.170 40 ff CNAL 10.0.0.180 31 0A An index four characters in length is specified in the 'Idx.' field to differentiate the entries. This is necessary as multiple combinations of source and level can be entered for an IP address, for example.
The 'IP address' field contains the addresses of the respective recipients.
The source of the messages to be sent to the address mentioned above is encoded in the 'Source' field. This is a bit field, in which exactly one bit is reserved for each source. The following table applies for the association of sources and bits:
Source Bit Value SYSTEM 0 0x01 CONN-LOGIN 1 0x02 CRON 2 0x04 ADMIN LOGIN 3 0x08 CONNECTION 4 0x10 ACCOUNTING 5 0x20 ADMIN 6 0x40 PACKET 7 0x80 The alarm level of the messages to be sent to the SYSLOG recipient is encoded in the 'Level' field. This is also a bit field in which exactly one bit is reserved for each level. The following table applies for the association of levels and bits:
Level Bit Value ALERT 0 0x01 ERROR 1 0x02 WARNING 2 0x04 INFO 3 0x08 DEBUG 4 0x10 A generated SYSLOG message is sent to the specified computer when both the appropriate source and level bits have been set.
Computer 10.0.0.170 would thus receive the following message on the basis of the sample SYSLOG table described above:
- SYSTEM_ALERT(Index SALR: Source 01 = SYSTEM, Level 01 = ALERT)
- ADMIN_xxx(Index ADMA: Source 40 = ADMIN, Level f f = all levels)On the other hand, computer 10.0.0.180 would receive this message:
- CONN-LOGIN_INFO
- CONN-LOGIN_ERROR
- CONNECTION_INFO
- CONNECTION_ERROR
- ACCOUNTING_INFO
- ACCOUNTING_ERROR
(Index CNAL: Source 31 = CONN-LOGIN + CONNECTION + ACCOUNTING, Level 0A = ERROR + INFO)
© Copyright 2001, ELSA AG http://www.elsa.de |