When you create a syslog notification rule, the system sends log messages to your syslog server for each applicable system event.
Syslog settings
- Enable: Turns on syslog notifications
- Host: The hostname or IP address of the syslog server
- Port: The port on which the syslog server listens for log messages
- Facility: Category for the messages sent by this notification rule
Message settings
You use the syslog notification message settings to configure a template for formatting all syslog notifications sent by this notification rule.
- Message: The message to send. You can use these variables as part of the message:
Variable Description $severity Event severity: INFO, WARNING, or SEVERITY $subject A short description of the event $message Event message text $time Time at which the event occurred $userName Name of the user responsible for the event $subsystem Category for the component affected by the event $objectId Unique identifier for component affected by the event $objectType The type of the component affected by the event. $objectSourceId Unique identifier of the internal system component or process that was the source of the event. Value is [unknown] for most events. $objectSourceType Type of the internal system component or process that was the source of the event. Value is [unknown] for most events. - Sender Identity: Identity of the sender for the event. Sent with every syslog message.
Severity filter
The event severity level to use when triggering syslog notifications. Can be one or more of the following: INFO, WARNING, or SEVERITY.