Syslog Technology

Syslog is a standardized and widely used event message logging technology. Syslog is used to generate, store, report, and analyze security-related events.

When Syslog operates over a network, it uses a client-server architecture in which a syslog server monitors for, and logs, messages that are coming from clients.

The following products support Syslog:

FactoryTalk® Linx

software, version 6.21 or later

ControlLogix®

5580 controllers, firmware revision 34.011 or later

ControlLogix®

5590 controllers, firmware revision 38.011 or later

GuardLogix®

5580 controllers, firmware revision 34.011 or later

1756-EN4TR

EtherNet/IP™

communication module, firmware revision 4.001 or later

1783-CSP

CIP Security™

Proxy, firmware revision 1.001 or later

PowerFlex®

755T drives, firmware revision 10.001 or later

PowerFlex®

6000T drives, firmware revision 10.001 or later

IMPORTANT:

CIP Security™

-capable devices are Syslog-capable. To enable and configure Syslog in certified security applications, you must implement

CIP Security™

However, Syslog is not exclusive to industrial automation control systems that use

CIP Security™

You can also use Syslog in applications that aren't certified security applications, and with

CIP Security™

-capable devices when

CIP Security™

is not enabled on the devices.

For more information on Syslog, see the following:

Syslog Status Messages Reference Data, publication SYSLOG-RD001

Syslog Collector

A Syslog collector stores event messages that are sent from the generating device to the collector.

When you choose a Syslog collector tool, it must support the following:

RFC-5424 Syslog protocol

Ability to receive messages from

CIP Security™

-enabled devices

Configure Syslog Routing in FactoryTalk Policy Manager

Syslog Routing Settings

Understanding Event Messages

Syslog Facility Values and Severity Values

Provide Feedback

Have questions or feedback about this documentation? Please submit your feedback here.