NOTICE: Citizendium is still being set up on its newer server, treat as a beta for now; please see here for more.
Citizendium - a community developing a quality comprehensive compendium of knowledge, online and free. Click here to join and contribute—free
CZ thanks our previous donors. Donate here. Treasurer's Financial Report -- Thanks to our content contributors. --


From Citizendium, the Citizens' Compendium
Revision as of 20:12, 12 February 2009 by Howard C. Berkowitz (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
This article is developing and not approved.
Main Article
Definition [?]
Related Articles  [?]
Bibliography  [?]
External Links  [?]
Citable Version  [?]
This editable Main Article is under development and not meant to be cited; by editing it you can help to improve it towards a future approved, citable version. These unapproved articles are subject to a disclaimer.

syslog is both the name of an computer-based event recording service, and the protocol that delivers the event information to the server.[1] Syslog was introduced in BSD UNIX, but is deployed on virtually all computers.

The syslog protocol runs over the User Datagram Protocol, with the server at well-known port 514. The protocol definition recommends that the source port also be 514, but, if the sender uses a different source port, it is further recommended that all traffic from that source use the same terminology.


For syslog, a computer that can generate a message is called a "device". A machine that can receive the message and forward it to another machine will be called a "relay".

What commonly is called a "syslog server" is formally a "collector". Any device or relay will be known as the "sender" when it sends a message.


  1. C. Lonvick (August 2001), The BSD Syslog Protocol, RFC3164