base/protocols/syslog/spicy-events.zeek

Events generated by the Syslog analyzer.

Summary

Events

syslog_message: event

Generated for monitored Syslog messages.

Detailed Interface

Events

syslog_message 

Type: event (c: connection, facility: count, severity: count, msg: string)

Generated for monitored Syslog messages.

See Wikipedia for more information about the Syslog protocol.

Parameters

c – The connection record for the underlying transport-layer session/flow.
facility – The “facility” included in the message.
severity – The “severity” included in the message.
msg – The message logged.

Note

Zeek currently parses only UDP syslog traffic.

Read the Docs v: current (v6.1.0)

Versions: master; v6.1.0; v6.0.2; v6.0.1; v6.0.0; v5.2.2; v5.2.0; v5.1.3; v5.1.2; v5.1.1; v5.1.0; v5.0.10; v5.0.9; v5.0.8; v5.0.7; v5.0.6; v5.0.5; v5.0.4; v5.0.3; v5.0.2; v5.0.1; v5.0.0; v4.2.2; v4.1.1; v4.0.9; v3.2.3; v3.1.4; v3.0.14; lts; current

Downloads: html

On Read the Docs: Project Home; Builds