syslog protocol

syslog protocol

(SYStem LOG protocol) A protocol for transmitting event messages and alerts across an IP network. Messages are sent by the operating system or application at the start or end of a process or to report the current status of a process. Initially developed for the Unix sendmail application, syslog became commonly used in all environments and was made an IETF standard in 2001.

Relays and Collectors
Using UDP or TCP as the transport and typically 514 as the port number, the sending device may transmit to a "relay," which forwards the message to a "collector," which stores it. The collector is also known as a "syslog server" or "syslog daemon." The plain text message may be sent to more than one relay or collector at the same time. See ULP.