syslog protocol

'', 'clear' => '', 'margin_top' => '', 'margin_bottom' => '', 'padding_top' => '', 'padding_bottom' => ''), array(), array()) -->

syslog is a protocol for tracking and logging all manner of system messages. Linux applications use syslog to export all their error and status messages to files located in the /var/log directory.

syslog uses the client-server model; a client transmits a text message to the server (receiver). The server is commonly called syslogd, syslog daemon or syslog server. syslog uses the User Datagram Protocol (UDP) port 514 for communication. The messages are sent in cleartext, although an SSL wrapper can be used to provide encryption.

Each message sent to the syslog server has two labels associated with it that makes the message easier to handle. The first label describes the function (facility) of the application that generated it. For example, mail servers typically log using the mail facility. The second label specifies the severity level. After these two labels, the action in specified. The action is usually a filename in the /var/log directory tree, in which the messages will be stored:

facility.priority  action

Here is a list of facilities available:

NumberKeywordFacility description0kernkernel messages1useruser-level messages2mailmail system3daemonsystem daemons4authsecurity/authorization messages5syslogmessages generated internally by syslogd6lprline printer subsystem7newsnetwork news subsystem8uucpUUCP subsystem9-clock daemon10authprivsecurity/authorization messages11ftpFTP daemon12-NTP subsystem13-log audit14-log alert15cronclock daemon16local0local use 0 (local0)17local1local use 1 (local1)18local2local use 2 (local2)19local3local use 3 (local3)20local4local use 4 (local4)21local5local use 5 (local5)22local6local use 6 (local6)23local7local use 7 (local7)

Here is a list of severity levels:

 

CodeSeverityKeywordDescription0Emergencyemerg (panic)System is unusable.1AlertalertAction must be taken immediately.2CriticalcritCritical conditions.3Errorerr (error)Error conditions.4Warningwarning (warn)Warning conditions.5NoticenoticeNormal but significant condition.6InformationalinfoInformational messages.7DebugdebugDebug-level messages.

NOTE – when you specify a priority, you are actually specifying everything at that priority or higher. For example, mail.info would mean all messages coming from the mail facility with the info, notice, warning, err, crit, alert or emerg priority.
.

'', 'clear' => '', 'margin_top' => '', 'margin_bottom' => '', 'padding_top' => '', 'padding_bottom' => ''), array(), array()) -->syslog labels example

Read more

Network Time Protocol (NTP)

'', 'clear' => '', 'margin_top' => '', 'margin_bottom' => '', 'padding_top' => '', 'padding_bottom' => ''), array(), array()) -->

NTP (stands for Network Time Protocol) is a networking protocol used to synchronize computer clock times in a network of computers. Accurate time across a network is important for many reasons and even small fractions of a second can create problems. For example, time stamps on files may become confused if a file server and its clients have different times. Security mechanisms (such as Kerberos) depend on coordinated times across the network.

NOTE – NTP uses User Datagram Protocol (UDP) port 123.

NTP uses a hierarchical system of time sources. At the top of the structure are highly accurate time sources – typically atomic or GPS clocks, referred to as stratum 0 time servers. Stratum 1 servers are directly linked to atomic or GPS clocks. These stratum 1 computers run NTP servers that deliver the time to stratum 2 servers, and so on (Photo credit: Wikipedia):

NOTE – the term NTP also applies to the client/server programs that run on computers.

'', 'clear' => '', 'margin_top' => '', 'margin_bottom' => '', 'padding_top' => '', 'padding_bottom' => ''), array(), array()) -->

Read more