Syslog
syslog is a de facto standard for forwarding log messages in an Internet Protocol (IP) computer network. The term syslog is used both for the syslog network protocol itself and for the application or library that sends syslog messages.
The syslog protocol is very simple: the syslog sender sends a small textual message (less than 1024 bytes) to the syslog receiver. The receiver is commonly called syslogd, syslog daemon or syslog server. Syslog messages are sent via the User Datagram Protocol (UDP) and carry the message in cleartext.
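An added example, not part of the original article or of any syslog implementation: the exchange described above in Python, using the RFC 3164 layout `<PRI>TIMESTAMP HOSTNAME MSG` with PRI = facility * 8 + severity. The host name, message text and function names are constructed for illustration.

```python
import re
import socket
from datetime import datetime

MAX_LEN = 1024  # RFC 3164 limit on the whole packet, in bytes
MONTHS = "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split()
PATTERN = re.compile(rb"<(\d{1,3})>(.{15}) (\S+) (.*)", re.DOTALL)

def build(facility, severity, host, text, when):
    """Encode one message: <PRI>TIMESTAMP HOSTNAME MSG, PRI = facility*8 + severity."""
    if not (0 <= facility <= 23 and 0 <= severity <= 7):
        raise ValueError("facility must be 0-23 and severity 0-7")
    stamp = f"{MONTHS[when.month - 1]} {when.day:2d} {when:%H:%M:%S}"
    packet = f"<{facility * 8 + severity}>{stamp} {host} {text}".encode("ascii", "replace")
    return packet[:MAX_LEN]  # oversize messages are truncated, not split

def parse(packet, peer_ip):
    """Decode a received packet and keep apart what the sender merely claims."""
    m = PATTERN.fullmatch(packet[:MAX_LEN])
    if not m or int(m.group(1)) > 191:  # 23*8 + 7 is the largest legal PRI
        return {"valid": False, "peer_ip": peer_ip, "raw": packet[:MAX_LEN]}
    pri = int(m.group(1))
    return {
        "valid": True,
        "facility": pri // 8,
        "severity": pri % 8,
        "timestamp": m.group(2).decode("ascii", "replace"),
        "claimed_host": m.group(3).decode("ascii", "replace"),  # sender-supplied, unverified
        "peer_ip": peer_ip,  # UDP source address as seen by the receiver
        "text": m.group(4).decode("ascii", "replace"),
        "truncated": len(packet) > MAX_LEN,
    }

def loopback_demo():
    """Send one constructed message over UDP on localhost and parse what arrives."""
    msg = build(4, 5, "host1.example", "sshd[412]: constructed sample message",
                datetime(2005, 3, 7, 14, 2, 9))
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as rx, \
         socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as tx:
        rx.bind(("127.0.0.1", 0))  # ephemeral port; the usual syslog port is 514/udp
        rx.settimeout(2)
        tx.sendto(msg, rx.getsockname())
        data, (ip, _port) = rx.recvfrom(2048)
    return data, parse(data, ip)

if __name__ == "__main__":
    wire, record = loopback_demo()
    print(wire, record, sep="\n")  # the bytes on the wire are readable text
```

Because the payload is cleartext and the host name is supplied by the sender, the parsed record keeps the UDP source address next to the claimed host name so the two can be compared.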
Syslog is typically used for computer system management and security auditing. While it has a number of shortcomings, its main advantage is that it is supported by a wide variety of devices and receivers. Because of this, syslog can be used to integrate log data from many different types of systems into a central repository.
=History=
Syslog was developed by Eric Allman as part of the Sendmail project. Initially (in the early 1980s), it was designed for and used by Sendmail only. However, it proved so valuable that other applications began to use syslog too. Today (2005), syslog is the standard logging solution on Unix and Linux systems. A variety of syslog implementations also exist for other operating systems, such as Microsoft Windows.
Interestingly, syslog was not standardized until recently. In an effort to improve its security, the Internet Engineering Task Force set up a working group. In 2001, the status quo was documented in RFC 3164. Since then, new additions to syslog have been in progress. A formal specification and standardization of message content and transport layer mechanisms is scheduled for 2005.
=Outlook=
There is growing interest in syslog, and new applications for it are emerging. Syslog is now being standardized and/or recommended for a number of auditing applications, for example in the health care environment (IHE), as well as for formalized network management.