Submit a ticketCall us

AnnouncementsFace your biggest database issues head-on

Our new eCourse helps you navigate SQL Server performance blocks by teaching you how to recognize and deal with the three DBA Disruptors: Performance Hog, Blame Shifter, and Query Blocker. Register today to learn how to defend your environment and fend off menacing disruptions.

Register for your free eCourse.

Home > Success Center > Network Configuration Manager (NCM) > NCM Documentation > NCM 7.8 Administrator Guide > Syslog messages monitoring > Syslog message priorities

Syslog message priorities

Created by Caroline Juszczak, last modified by Anthony.Rinaldi_ret on Oct 03, 2016

Views: 363 Votes: 0 Revisions: 4

This Orion Platform topic applies to the highlighted products:

DPAIMEOCETSIPAMLMNCMNPMNTASAMSRMUDTVMANVNQMWPM

At the beginning of each Syslog message, there is a priority value. The priority value is calculated using the following formula:

Priority = Facility * 8 + Severity

Syslog facilities

The facility value indicates which machine process created the message. The Syslog protocol was originally written on BSD Unix, so Facilities reflect the names of UNIX processes and daemons.

If you are receiving messages from a UNIX system, consider using the User Facility as your first choice. Local0 through Local7 are not used by UNIX and are traditionally used by networking equipment. Cisco routers, for example, use Local6 or Local7.

Number

Source

Number

Source

0

kernel messages

12

NTP subsystem

1

user-level messages

13

log audit

2

mail system

14

log alert

3

system daemons

15

clock daemon

4

security/authorization messages

16

local use 0 (local0)

5

messages generated internally by Syslog

17

local use 1 (local1)

6

line printer subsystem

18

local use 2 (local2)

7

network news subsystem

19

local use 2 (local3)

8

UUCP subsystem

20

local use 2 (local4)

9

clock daemon

21

local use 2 (local5)

10

security/authorization messages

22

local use 2 (local6)

11

FTP daemon

23

local use 2 (local7)

Syslog severities

The following table provides a list of Syslog severity levels with descriptions and suggested actions for each.

Number

Severity

Suggested Actions

0

Emergency

A "panic" condition affecting multiple applications, servers, or sites. System is unusable. Notify all technical staff on call.

1

Alert

A condition requiring immediate correction, for example, the loss of a backup ISP connection. Notify staff who can fix the problem.

2

Critical

A condition requiring immediate correction or indicating a failure in a primary system, for example, a loss of a primary ISP connection. Fix CRITICAL issues before ALERT-level problems.

3

Error

Non-urgent failures. Notify developers or administrators as errors must be resolved within a given time.

4

Warning

Warning messages are not errors, but they indicate that an error will occur if required action is not taken. An example is a file system that is 85% full. Each item must be resolved within a given time.

5

Notice

Events that are unusual but are not error conditions. These items might be summarized in an email to developers or administrators to spot potential problems. No immediate action is required.

6

Informational

Normal operational messages. These may be harvested for network maintenance functions like reporting and throughput measurement. No action is required.

7

Debug

Information useful to developers for debugging an application. This information is not useful during operations.

 

Last modified

Tags

Classifications

Public
/*]]>*/