Submit a ticketCall us

Quickly Address Software Vulnerabilities
Patch Manager is an intuitive patch management software which extends the capabilities of WSUS and SCCM to not only patch Windows® servers and workstations, and Microsoft® applications, but also other 3rd-party applications which are commonly exploited by hackers. Learn more about our patch management solution.

 

Home > Success Center > User Device Tracker (UDT) > UDT Administrator Guide > Monitor syslog messages > Syslog Facilities

Syslog Facilities

Table of contents
No headers
Created by Steven Bansil, last modified by Steven Bansil on Feb 01, 2017

Views: 9 Votes: 0 Revisions: 3

The facility value indicates which machine process created the message. The Syslog protocol was originally written on BSD Unix, so Facilities reflect the names of UNIX processes and daemons, as shown in the following table.

If you are receiving messages from a UNIX system, consider using the User Facility as your first choice. Local0 through Local7 are not used by UNIX and are traditionally used by networking equipment. Cisco routers, for example, use Local6 or Local7.

Number

Source

Number

Source

0

kernel messages

12

NTP subsystem

1

user-level messages

13

log audit

2

mail system

14

log alert

3

system daemons

15

clock daemon

4

security/authorization messages

16

local use 0 (local0)

5

messages generated internally by Syslog

17

local use 1 (local1)

6

line printer subsystem

18

local use 2 (local2)

7

network news subsystem

19

local use 2 (local3)

8

UUCP subsystem

20

local use 2 (local4)

9

clock daemon

21

local use 2 (local5)

10

security/authorization messages

22

local use 2 (local6)

11

FTP daemon

23

local use 2 (local7)

 
Last modified
20:28, 31 Jan 2017

Tags

Classifications

Public