SYSLOG Output Format

The SYSLOG output format can be used to send messages to a Syslog server, to create text files containing Syslog messages, and to send Syslog messages to users.

The SYSLOG output format generates messages formatted according to the Syslog specifications described in RFC 3164.
Syslog messages consist of six parts, and the SYSLOG output format provides parameters that allow users to assign constants or output record fields to the different parts of a message.

The following example shows Syslog messages containing information gathered from the System event log:

<46>Apr 18 18:48:04 MYSERVER-M LogParser:EventLog: The Event log service was started. 
<30>Apr 18 18:48:27 MYSERVER-M LogParser:Service Control Manager: The Telephony service entered the running state. 
<46>Apr 18 18:51:37 MYSERVER-M LogParser:EventLog: The Event log service was stopped. 
<134>Apr 18 19:20:23 MYSERVER-M LogParser:Ati HotKey Poller: The service was started. 
<46>Apr 18 19:20:07 MYSERVER-M LogParser:EventLog: The Event log service was started. 
<30>Apr 18 19:20:47 MYSERVER-M LogParser:Service Control Manager: The Telephony service entered the running state. 
<46>Apr 18 19:33:17 MYSERVER-M LogParser:EventLog: The Event log service was stopped. 
<134>Apr 19 07:01:57 MYSERVER-M LogParser:Ati HotKey Poller: The service was started. 
<46>Apr 19 07:01:41 MYSERVER-M LogParser:EventLog: The Event log service was started. 
<30>Apr 19 07:02:07 MYSERVER-M LogParser:Service Control Manager: The Telephony service entered the running state. 

The SYSLOG output format can be optionally configured with a Syslog server configuration file, which describes the rules used to forward messages to files, Syslog servers, or users.


Message Structure
Configuration Files
Into-Entity Syntax
Parameters
Examples


© 2004 Microsoft Corporation. All rights reserved.