Mahlon Greene

Syslog Timestamps and RFC's

Recommended Posts

Syslog issues:

1. Being bound to only the two RFC for syslog is near sighted:   syslog / timestamp / formatting should be more flexible.

2.  the biggest concern I have is that Syslog should reflect the time stamp of the COLLECTOR'S NIC at the time the syslog packet ARRIVES at the collector....not the syslog / timestamp of the system sending the message :  this is especially important with systems where clock settings or NTP are currently failing......alerting is based on the time stamp :  if the time stamp says Jan 1st 2001 12:01am  becasue the CMOS battery on the unit failed......than we NEVER see those syslog messages due to alerting range.

 

 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.