Syslog Severity Values

Events can carry security risks that take many forms, for example:
  • Threat actors who try to gain unauthorized and undetected access to an IACS network with the intent to commit malicious acts.
  • Well-intentioned personnel who have no malicious intent but make mistakes that can result in unintended consequences.
The severity values are defined in the standard RFC 5424, The Syslog Protocol.
Syslog Event Security Risk Severity Values

Abbreviation  Value  Severity Level  Description
emrg          0      Emergency       System is unusable
alrt          1      Alert           Should be corrected immediately
crit          2      Critical        Critical condition
err           3      Error           Error condition
warn          4      Warning         Error may occur if action is not taken
note          5      Notice          Events are unusual
info          6      Informational   Normal operations, no action required
audit         7      Audit           Information for the audit system
dbg           8      Debug           Information for developers