Syslog Log Forwarding
Please consider the following when creating and managing syslog profiles.
Log Format and Delimiters
outputDelimiter must correspond to the outputFormat:
outputFormat | outputDelimiter |
|---|---|
"CSV" | "," , "\t", "|","^"," " |
"LEEF" | "\t" |
"CEF" | " " |
Any other combination will throw a mapping error.
Facility Field Values
facility must have one of the following values:
- USER
- LOCAL0
- LOCAL1
- LOCAL2
- LOCAL3
- LOCAL4
- LOCAL5
- LOCAL6
- LOCAL7
For more information about the facility field, see RFC 5424.
For definitions of the fields mentioned, please see the API Reference.
For more information about syslog log forwarding, please see the user documentation.