17.2. Syslog Servers

The syslog Protocol was originally designed for the BSD operating system that has since been incorporated into other operating systems. The syslog specification is outlined in RFC 3164. The syslog protocol has two uses: to collect logging information from applications on a server and to collect logging information from other devices on the network.

A syslog server is an excellent tool for collecting information from routers and switches. Because these devices do not have a lot of storage space, sending logging information to another device gives network administrators a chance to maintain a historical perspective on network events, and can help track changes in the network.

A syslog server also helps to increase network ...

Get The Practice of Network Security: Deployment Strategies for Production Environments now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.