Syslog.pl
Overview
This daemon simply listens on port 514 and stores incoming syslog messages in NeDi's Messages table. You may need to prevent the original syslogd from hogging this very port. If your syslogd doesn't come with an appropriate option, it can be done by changing the syslog port in /etc/services.
Usage
Usually you'd simply start it with -D to put it in the background. Turn on verbose output with -v, or even more verbose output with -V, for debugging problems.
Gory Details
The daemon will periodically read NeDi's Devices table in order to distinguish whether a source is an actual device or not (you could have servers send syslog messages as well).
Incoming messages are translated as follows:
| Severity | Level | Comment |
|---|---|---|
| 0,1,2 | Alert (200) | Triggers notification |
| 3 | Warning (150) | - |
| 4 | Notice (100) | - |
| x | Info (50) | Default for devices |
| x | Unspecified (10) | Default, if source IP not found in Devices |
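
The translation in the table, written out as an added Python example (not code from syslog.pl). It assumes the severity is taken from the standard leading `<PRI>` field (PRI = facility * 8 + severity), that severities 0-4 map the same way whether or not the source is in Devices, and that a missing or invalid PRI falls back to the default level; the names `nedi_level`, `parse_severity`, `DEVICES` and the sample messages are constructed for illustration.

```python
import re

# NeDi level per syslog severity, taken from the table above.
SEVERITY_LEVEL = {0: 200, 1: 200, 2: 200, 3: 150, 4: 100}
LEVEL_NAME = {200: "Alert", 150: "Warning", 100: "Notice",
              50: "Info", 10: "Unspecified"}

PRI_RE = re.compile(r"^<(\d{1,3})>")

def parse_severity(raw):
    """Return the syslog severity (0-7) from the leading <PRI>, or None."""
    m = PRI_RE.match(raw)
    if not m:
        return None
    pri = int(m.group(1))
    if pri > 191:        # highest valid PRI: facility 23 * 8 + severity 7
        return None
    return pri & 7       # low three bits carry the severity

def nedi_level(raw, source_ip, device_ips):
    """Map one message to (level, name, notify) following the table."""
    # Default depends on whether the sender is a known device.
    default = 50 if source_ip in device_ips else 10
    sev = parse_severity(raw)
    # Assumption: severities 0-4 override the default for any source.
    level = SEVERITY_LEVEL.get(sev, default)
    return level, LEVEL_NAME[level], level == 200

# Constructed sample data: documentation addresses, invented messages.
DEVICES = {"192.0.2.1"}
SAMPLES = [
    ("192.0.2.1", "<186>Oct 11 22:14:15 sw1 %SYS-2-MALLOCFAIL: out of memory"),
    ("192.0.2.1", "<187>Oct 11 22:14:16 sw1 %LINK-3-UPDOWN: Gi0/1 down"),
    ("192.0.2.1", "<189>Oct 11 22:14:17 sw1 %SYS-5-CONFIG_I: configured"),
    ("198.51.100.7", "<30>Oct 11 22:14:18 srv1 sshd[411]: session opened"),
    ("198.51.100.7", "no priority field at all"),
]

if __name__ == "__main__":
    for ip, msg in SAMPLES:
        print(ip, nedi_level(msg, ip, DEVICES))
```

Because syslog on port 514 is unauthenticated, both the source IP and the PRI value are sender-controlled, so the notification triggered at level 200 should be treated as a hint rather than a verified event.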
