{"draft":"draft-ietf-syslog-protocol-23","doc_id":"RFC5424","title":"The Syslog Protocol","authors":["R. Gerhards"],"format":["ASCII","HTML"],"page_count":"38","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Security Issues in Network Event Logging","abstract":"This document describes the syslog protocol, which is used to convey\r\nevent notification messages.  This protocol utilizes a layered\r\narchitecture, which allows the use of any number of transport\r\nprotocols for transmission of syslog messages.  It also provides a\r\nmessage format that allows vendor-specific extensions to be provided\r\nin a structured way.\r\n\r\nThis document has been written with the original design goals for\r\ntraditional syslog in mind.  The need for a new layered specification\r\nhas arisen because standardization efforts for reliable and secure\r\nsyslog extensions suffer from the lack of a Standards-Track and\r\ntransport-independent RFC.  Without this document, each other\r\nstandard needs to define its own syslog packet format and transport\r\nmechanism, which over time will introduce subtle compatibility\r\nissues.  This document tries to provide a foundation that syslog\r\nextensions can build on.  This layered architecture approach also\r\nprovides a solid basis that allows code to be written once for each\r\nsyslog feature rather than once for each transport.  [STANDARDS-TRACK]","pub_date":"March 2009","keywords":["[--------]","event notification message","syslog message","berkeley","software","distribution","transmission","messages"],"obsoletes":["RFC3164"],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC5424","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc5424"}