Skip to main content

Syslog Log Forwarding

Please consider the following when creating and managing syslog profiles.

Log Format and Delimiters

outputDelimiter must correspond to the outputFormat:

outputFormatoutputDelimiter
"CSV""," , "\t", "|","^"," "
"LEEF""\t"
"CEF"" "

Any other combination will throw a mapping error.

Facility Field Values

facility must have one of the following values:

  • USER
  • LOCAL0
  • LOCAL1
  • LOCAL2
  • LOCAL3
  • LOCAL4
  • LOCAL5
  • LOCAL6
  • LOCAL7

For more information about the facility field, see RFC 5424.

For definitions of the fields mentioned, please see the API Reference.

For more information about syslog log forwarding, please see the user documentation.