Table of Contents
Advertisement
390
C
16: N
HAPTER
ETWORK
Transport Mechanism
Terminology
3Com
Implementation
M
ANAGEMENT
Terminology
■
3Com Implementation
■
Syslog Message Components
■
Syslog uses the User Datagram Protocol (UDP) as its underlying Transport
layer mechanism. UDP port 514 is the Syslog port.
3Com recommends that the source port also be 514 to indicate that the
message is from the Syslog process of the sender. If the sender uses a
source port other than 514, 3Com recommends that subsequent
messages are from a single consistent port.
Here are some Syslog terms which you must be familiar:
A machine that can generate a message is called a device.
■
A machine that can receive the message and forward it to another
■
machine is called a relay.
A machine that receives the message and does not relay it to any
■
other machines is called a collector. This has been commonly known
as a Syslog server.
Any device or relay is known as the sender when it sends a message.
■
Any relay or collector is known as the receiver when it receives the
■
message.
Senders send messages to relays or collectors with no knowledge of
■
whether it is a collector or relay.
Senders might be configured to send the same message to multiple
■
receivers.
Relays might send all or some of the messages that they receive to a
■
subsequent relay or collector. In the case where they do not forward
all of their messages, they are acting as both a collector and a relay. In
the following diagram, these devices will be designated as relays.
Relays might also generate their own messages and send them on to
■
subsequent relays or collectors. In that case, a relay is acting as a
device.
The IP address of the Syslog server, ports, and the status of the Syslog
servers are persistent across reboots.
- Quick Links:
- Initial System Configuration
- Ip Settings
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
