The following figure shows a sample syslog file.
Either item 29 or item 30 is output in one syslog information.
No. |
Item |
Description |
---|---|---|
1 |
Priority |
The priority of an item in the syslog file is determined according to the following formula, enclosed by brackets (< >): Priority = 8 × Facility + Severity Facility is 1 (fixed). Severity depends on the type of log information:
For example, if Severity is 4 (Error), <12> is output as the priority value. |
2 |
Date, time* |
The date and time in the format of "MMM DD HH:MM:SS" (MMM: month such as Jan or Dec, DD: day, HH: hour, MM: minute, and SS: second). If DD is a single digit (for example, 1), it is displayed as " 1" (with a blank space before "1") and not as "01". |
3 |
Detected location |
The host name (SVP) |
4 |
Program name |
The detection entity identifier (Storage) |
5 |
Unified specification identification |
The Unified specification identifier (CELFSS) |
6 |
The revision number of the Unified specification document (1.1) |
|
7 |
Message identification |
The serial number of the syslog header information |
8 |
No output |
|
9 |
Date, time#2* |
The date, time and the time difference between UTC and the local time in the format of "YYYY-MM-DDThh:mm:ss.s±hh:mm"
|
10 |
Detection entity |
The detection entity identifier (Storage) |
11 |
Detected location |
The host name (SVP) |
12 |
Type of audit event |
The category name of the event
|
13 |
Result of audit event |
"xxxx-yyyyy" indicates error codes and it is output only for Device Manager - Storage Navigator operations. |
14 |
Subject identification |
The user name in the format of "uid=user name"
|
15 |
Hardware identification |
The ID (R900) to identify the model name of the product and the serial number (five-digit number: 00001 to 99999) divided by a colon (for example, "R900:312334") |
16 |
Generated location |
No output |
17 |
Related information |
The location identification name set by the user in the Syslog tab on the Edit Audit Log Settings window |
18 |
No output |
|
19 |
No output |
|
20 |
Agent information |
No output |
21 |
Detailed information |
Identification of the host sending the request This information is output when a command is received from the host unless it is FC-SP authentication. |
22 |
No output |
|
23 |
No output |
|
24 |
No output |
|
25 |
Collective operation identifier. This is a serial number that identifies those multiple lines displayed by one operation are the same operation. This information is output only if the log type information is "BasicLog" and the category name is other than "AnomalyEvent". |
|
26 |
Log type information:
No output when the category name is "AnomalyEvent". |
|
27 |
Identification of the application. This information is output when commands are sent from the host. |
|
28 |
No output |
|
29 |
The same information contained in the basic information of the audit log file
Task name is output only when a task is registered using Device Manager - Storage Navigator. No parameter is output if the operation has no parameters. No serial number is output when the category name is "AnomalyEvent". |
|
30 |
The same information contained in the detailed information of the audit log file |
|
*A date and time being set on SVP are output as log data. If a failure, such as a SVP failure and a LAN failure, occurs in the storage system, the date and time may be output of the accumulated date and time since January 01, 1970. |