|WikiProject Computing||(Rated Start-class, Low-importance)|
I am strongly in doubt if all the product/vendor links in the "implementation" section are really helpful. Anyhow, I've tried to complete it for now and brush it up, but I'd recommend to remove it altogether. Rgerhards 14:00, 26 January 2006 (UTC)
what happened in 2005
The article currently says "A formal specification and standardiziation of message content and transport layer mechanisms is scheduled for 2005." What was the outcome of the scheduled 2005 discussion?
See http://www.ietf.org/html.charters/syslog-charter.html for the latest news on syslog standardization
What about local syslog?
Is there a reason this article is entirely about the network protocol? syslog is on every unix machine and most of them neither send nor accept log messages over the network. The typical syslog configuration just writes everything to a few local files. If asked to summarize syslog, I'd say it's a service for collecting log messages from many sources and routing them in a configurable manner to various destinations. The sources and destinations can be remote hosts but usually aren't. --Tcsetattr 06:34, 31 January 2007 (UTC)
A liitle more detail, please.
How about mentioning such concepts as Facility and Level, perhaps listing the standard levels (Debug, Information, Notice, Notice, Warning, Error, Critical, Alert, Emergency).
- Just edited the article to change the word "level" into "severity". It's not called level. Check RFC 5424. It predominantly talks about severity, and not level. Granted, the old RFC did mention level a few more times, calling it "security levels" on occassion. But not anymore. Manadar (talk) 09:32, 29 December 2011 (UTC)
- Manadar's edit is good: the term "severity" should be used. But the terms "severity", "facility", and "priority" are field names; the terms "level" and "value" refer to the value of a field. This is true both in the UNIX standard and in RFC 5424. Contrary to Manadar's statement, RFC 5424 refers to the "severity level" at least once. The UNIX standard refers to the "severity", the "severity level", and the "severity-level". So yes, the word "severity" should be used, but no, avoiding the word "level" is not necessary (and may even create confusion). — Preceding unsigned comment added by Metaed (talk • contribs) 16:55, 29 December 2011 (UTC)
Products are creeping in here that are related to syslog but do not actually implement it. Perhaps a separate section is more appropriate for these, or elimination of the non-syslog products. —Preceding unsigned comment added by 18.104.22.168 (talk) 16:26, 21 August 2008 (UTC)
It has been some years ago that the patent claims were raised. What has happend since? Were they settled or abandoned? --22.214.171.124 (talk) 11:42, 10 March 2010 (UTC) The wording of the references to patent claims (plural), seem a bit misleading actually: "At different points in time, various companies have attempted patent claims on syslog.". All three of those references are to the same, apparently bogus patent claim and that only had to do with sending syslog over TLS as far as I can tell. I haven't done enough research to confirm that they were indeed the only patent claim made and the status thereof, but I would sure like to see the wording of this clarified. —Preceding unsigned comment added by Josdon (talk • contribs) 16:06, 22 April 2010 (UTC)
The Small Syslog Server link has been added & removed repeatedly. Should it stay or should it go? Any comments?
- This promotional link which advertises a nonfree server that isn't the subject of this article has recently been spammed across multiple Wikipedias by a very determined spammer. If it continues I will probably request that the link be blacklisted. See WikiProject Spam link report. ThemFromSpace 19:46, 12 July 2010 (UTC)
The link Syslog server installation on Debian leads to something that installs some sort of pretty syslog thing on Debian and is NOT about installing a normal syslog server which is part of all modern unixen. Being so misleading I propose this link be removed.
The SANS paper mentioned in the external link explicitly states:
Reposting is not permitted without express written permission.— SANS Institute, The Ins and Outs of System Logging Using Syslog, p. 1
Severity levels: description
The general description in the Severity level needs revision. syslog does not define that CRIT indicates a " failure in a secondary system", nor "within a given time" nor who should be notified.
- Well, the Wikipedia policy is "be bold". So I guess you can just do it, and if someone disagrees, they will correct. Thanks for your participation!
#!/bin/DokReggar -talk07:09, 2 September 2013 (UTC)
Syslog or syslog?
- It's only written Syslog in the start of sentences, not in the middle of them. RFC5424 uses the same format, capitalization following english standard. TuxyQ (talk|contrib) 19:02, 15 May 2014 (UTC)
The "Limitations" part seems not to be accurate and considers a specific usage of the protocol, without clearly stating it and without considering the others. For instance, syslog is not based on the UDP transport protocol but on the TLS protocol. UDP is just supported but not advised by RFC5424. The others limitations are more based on the configuration of tools using syslog rather than on the definition of the protocol itself. Moreover, this section is not written in an encyclopaedic way.
I would therefore advise this section to be corrected as soon as possible or otherwise deleted. — Preceding unsigned comment added by Silmilia (talk • contribs) 11:16, 16 May 2014 (UTC)
This article has become seriously convoluted, missing important concepts and including excessive detail.
I will attempt to rework it. Unfortunately I will need to do this piecemeal.
I welcome you comments, but please wait several days in case I (or someone else) makes intermediate changes.