Format of Syslog Messages

Each Syslog message is of the format:

SYSLOG_HEADER LogLogic_ID Common_Alert_Message_Attributes Alert_Specific_Message_Attributes
  

The common and specific message attributes are a set of name/value pairs (Name="Value") that conform to the following rules:

  • The order of the name/value pairs is NOT significant.
  • Syslog messages sent/received by LogLogic LMI are limited to 65535 characters.
  • One or more spaces are allowed between each name/value pair.
  • The number of spaces in a value is always significant.
  • New lines (\n) and binary characters cannot appear in Syslog alert messages. Binary characters are converted to \xNN, where NN is the hex value of the binary character. A new line in a value becomes \x0A in the final Syslog alert message.
  • All values appear between quotation marks ("Value").
  • A double quotation mark (") found in an attribute value is escaped with a backslash (\").
  • Names that are not part of the LogLogic specifications must take the following form: the name starts with a character, followed by numbers, characters, and underscores.

TIBCO LogLogic® reserves the right to change the message format in future revisions to suit the needs of our customers and development partners. The format has been designed to support some types of future extensions while maintaining backward compatibility. Possible types of changes include:

  • The addition of name/value pairs to be inserted at any location in the message
  • The text of the Summary attribute may change for readability or to provide additional information
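
A parser that applies the rules above to the name/value portion of a message, so that an escaped quote inside a value cannot be misread as a separate attribute and pairs added in a later revision are tolerated; this is an added example, not TIBCO LogLogic code. The sample message and its attribute names are constructed, and three choices are assumptions the page does not settle: "character" is read as an ASCII letter, backslash sequences other than \" and \xNN are left untouched, and a repeated name keeps its last value.

```python
import re

MAX_LEN = 65535  # message length limit given in the rules above

# Name: a letter, then letters, digits, underscores ("character" read as letter).
# Value: quoted; a backslash escapes the next character, so \" stays inside it.
PAIR = re.compile(r'([A-Za-z][A-Za-z0-9_]*)="((?:[^"\\]|\\.)*)"')
ESCAPE = re.compile(r'\\(?:x([0-9A-Fa-f]{2})|(.))')


def _unescape(raw):
    """Decode \\xNN and \\"; keep any other backslash sequence verbatim."""
    def repl(m):
        if m.group(1):
            return chr(int(m.group(1), 16))
        return '"' if m.group(2) == '"' else m.group(0)
    return ESCAPE.sub(repl, raw)


def parse_attributes(text):
    """Parse the Name="Value" portion of a message into a dict."""
    if len(text) > MAX_LEN:
        raise ValueError("longer than 65535 characters")
    attrs, pos = {}, 0
    for m in PAIR.finditer(text):
        # Only spaces may separate pairs; anything else is malformed input.
        if text[pos:m.start()].strip(" "):
            raise ValueError(f"unexpected text at offset {pos}")
        # Order is not significant and unknown names are kept, so pairs
        # added in a later format revision do not break the parser.
        attrs[m.group(1)] = _unescape(m.group(2))  # repeated name: last wins
        pos = m.end()
    if text[pos:].strip(" "):
        raise ValueError(f"unexpected text at offset {pos}")
    return attrs


# Constructed sample: the Summary value embeds escaped quotes that a naive
# split on spaces or quotes would misread as a second Severity attribute.
SAMPLE = (r'Summary="Login failed for \"admin\" Severity=\"low\""   '
          r'Severity="high" Detail="line1\x0Aline2  end" Custom_1="x"')

if __name__ == "__main__":
    for name, value in parse_attributes(SAMPLE).items():
        print(f"{name} = {value!r}")
```

The header and LogLogic_ID fields are not described on this page, so they must be stripped before the remaining text is passed to `parse_attributes`.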