Syslog - System Logging Protocol
=================================

.. panels::
    :container: container pb-4
    :column: col-lg-12 p-2
    :card: shadow

    **What is Syslog?**

    Syslog is a standard protocol used for message logging. It allows network devices and systems to send log or event messages to a centralized server for monitoring and storage.

.. panels::
    :container: container pb-4
    :column: col-lg-12 p-2
    :card: shadow

    **Why is Syslog useful?**

    Syslog is useful because it centralizes logging from various systems and devices, enabling administrators to monitor events, detect issues, audit activity, and troubleshoot problems efficiently from one location.

.. panels::
    :container: container pb-4
    :column: col-lg-12 p-2
    :card: shadow

    **How does it work?**

    Devices and applications generate log messages and send them to a Syslog server (also called a Syslog collector) over the network. The server receives, stores, and possibly filters or analyzes the logs. Messages are typically classified by severity and facility codes.

.. panels::
    :container: container pb-4
    :column: col-lg-12 p-2
    :card: shadow

    **Where is Syslog used?**

    Syslog is used across IT infrastructure, including routers, switches, firewalls, Linux/Unix servers, applications, and some Windows systems, especially in enterprise and service provider environments for centralized log management.

.. panels::
    :container: container pb-4
    :column: col-lg-12 p-2
    :card: shadow

    **Which OSI layer does this protocol belong to?**

    Syslog operates at the **Application Layer (Layer 7)** of the OSI model.

.. panels::
    :container: container pb-4
    :column: col-lg-12 p-2
    :card: shadow

    **Is Syslog Windows specific?**

    No, Syslog is not Windows specific. While not native to Windows, Syslog support can be added via third-party tools or services to forward Windows Event Logs.

.. panels::
    :container: container pb-4
    :column: col-lg-12 p-2
    :card: shadow

    **Is Syslog Linux specific?**

    No, Syslog is not Linux specific, but it is natively supported and widely used in Linux and Unix-based systems through services like `rsyslog`, `syslog-ng`, and `journald`.

.. panels::
    :container: container pb-4
    :column: col-lg-12 p-2
    :card: shadow

    **Which Transport Protocol is used by Syslog?**

    Syslog can use **UDP** (default), **TCP**, or **TLS** over TCP for secure transport, depending on the implementation and configuration.

.. panels::
    :container: container pb-4
    :column: col-lg-12 p-2
    :card: shadow

    **Which Port is used by Syslog?**

    - **UDP port 514** is the default for Syslog messages.
    - **TCP port 514** is sometimes used for reliable transmission.
    - **TCP port 6514** is used when Syslog messages are sent securely over TLS (RFC 5425).

.. panels::
    :container: container pb-4
    :column: col-lg-12 p-2
    :card: shadow

    **Does Syslog use a client-server model?**

    Yes, Syslog uses a **client-server model** where **Syslog clients** (devices or applications) send log messages to a **Syslog server** (collector), which stores or processes the messages.

.. panels::
    :container: container pb-4
    :column: col-lg-12 p-2
    :card: shadow

    Topics in this section:

    * :ref:`Learnings in this section <Syslog_step1>`
    * :ref:`Terminology <Syslog_step2>`
    * :ref:`Version Info <Syslog_step3>`
    * :ref:`Syslog Version & RFC Details <Syslog_step5>`
    * :ref:`Syslog Basic Setup on Ubuntu using IPv4 <Syslog_step18>`
    * :ref:`Syslog Basic Setup on Ubuntu using IPv6 <Syslog_step19>`
    * :ref:`Syslog Protocol Packet Details <Syslog_step6>`
    * :ref:`Syslog Usecases <Syslog_step7>`
    * :ref:`Syslog Basic Features <Syslog_step8>`
    * :ref:`Reference links <Syslog_step17>`

.. _Syslog_step1:

.. tab-set::

    .. tab-item:: Learnings in this section

        * In this section, you are going to learn

.. _Syslog_step2:

.. tab-set::

    .. tab-item:: Terminology

        * Terminology

.. _Syslog_step3:

.. tab-set::

    .. tab-item:: Version Info

        * Version Info

.. _Syslog_step5:

.. tab-set::

    .. tab-item:: Syslog Version & RFC Details

        * rfc details

.. _Syslog_step18:

.. tab-set::

    .. tab-item:: Syslog Basic Setup on Ubuntu using IPv4

        * setup

.. _Syslog_step19:

.. tab-set::

    .. tab-item:: Syslog Basic Setup on Ubuntu using IPv6

        * setup

.. _Syslog_step6:

.. tab-set::

    .. tab-item:: Syslog Protocol Packet Details

        * packet details

.. _Syslog_step7:

.. tab-set::

    .. tab-item:: Syslog Usecases

        * usecases

.. _Syslog_step8:

.. tab-set::

    .. tab-item:: Syslog Basic Features

        * features

.. _Syslog_step17:

.. tab-set::

    .. tab-item:: Reference links

        * Reference links
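
The severity and facility codes mentioned above travel in the ``<PRI>`` field at the start of every Syslog message, where PRI = facility * 8 + severity (RFC 5424). The following is an added example, not code from this page or from any Syslog implementation: a collector-side decoder that rejects malformed priorities and separates urgent messages. The function names ``decode_pri`` and ``triage`` are hypothetical, and the sample lines are constructed.

```python
import re

# Facility keywords indexed by numeric code 0-23 (common syslog.conf names).
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock",
              ] + [f"local{i}" for i in range(8)]
# Severity keywords indexed by numeric code 0 (most severe) to 7.
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

_PRI = re.compile(r"<([0-9]{1,3})>")

def decode_pri(line):
    """Return (facility, severity, is_rfc5424, rest), or None if PRI is invalid."""
    m = _PRI.match(line)
    if m is None:
        return None                      # no <PRI> header at all
    digits = m.group(1)
    if len(digits) > 1 and digits.startswith("0"):
        return None                      # leading zeros are not allowed
    pri = int(digits)
    if pri > 191:                        # 23 * 8 + 7 is the largest valid value
        return None
    facility, severity = divmod(pri, 8)
    rest = line[m.end():]
    # RFC 5424 messages carry the version "1" right after PRI; BSD-style ones do not.
    return FACILITIES[facility], SEVERITIES[severity], rest.startswith("1 "), rest

def triage(lines, min_severity="err"):
    """Split raw lines into (urgent decoded messages, malformed raw lines)."""
    limit = SEVERITIES.index(min_severity)
    urgent, malformed = [], []
    for line in lines:
        decoded = decode_pri(line)
        if decoded is None:
            malformed.append(line)       # keep for review; UDP senders are unauthenticated
        elif SEVERITIES.index(decoded[1]) <= limit:
            urgent.append(decoded)
    return urgent, malformed

# Constructed sample input (not captured from a real system).
SAMPLE = [
    "<34>Oct 11 22:14:15 host1 su: authentication failure for user alice",
    "<165>1 2024-05-01T10:00:00Z host2 app 4321 - - configuration reloaded",
    "<11>1 2024-05-01T10:00:05Z host2 app 4321 - - database connection lost",
    "<999>junk from an unknown sender",
    "no priority field at all",
]

if __name__ == "__main__":
    urgent, malformed = triage(SAMPLE)
    for fac, sev, is5424, rest in urgent:
        print(f"{fac}.{sev} rfc5424={is5424} {rest}")
    print(f"{len(malformed)} malformed line(s) set aside")
```

Counting the malformed lines per sender is a cheap signal for misconfigured devices or for spoofed traffic on UDP port 514.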