Syslog Technology

Syslog is a standardized and widely used event message logging technology. Syslog is used to generate, store, report, and analyze security-related events.
When Syslog operates over a network, it uses a client-server architecture in which a syslog server monitors for, and logs, messages that are coming from clients.
The following products support Syslog:
  • FactoryTalk® Linx
    software, version 6.21 or later
  • ControlLogix®
    5580 controllers, firmware revision 34.011 or later
  • ControlLogix®
    5590 controllers, firmware revision 38.011 or later
  • GuardLogix®
    5580 controllers, firmware revision 34.011 or later
  • 1756-EN4TR
    EtherNet/IP
    communication module, firmware revision 4.001 or later
  • 1783-CSP
    CIP Security
    Proxy, firmware revision 1.001 or later
  • PowerFlex®
    755T drives, firmware revision 10.001 or later
  • PowerFlex®
    6000T drives, firmware revision 10.001 or later
IMPORTANT:
CIP Security
-capable devices are Syslog-capable. To enable and configure Syslog in certified security applications, you must implement
CIP Security
.
However, Syslog is not exclusive to industrial automation control systems that use
CIP Security
.
You can also use Syslog in applications that aren't certified security applications, and with
CIP Security
-capable devices when
CIP Security
is not enabled on the devices.
For more information on Syslog, see the following:
  • Syslog Status Messages Reference Data, publication SYSLOG-RD001

Syslog Collector

A Syslog collector stores event messages that are sent from the generating device to the collector.
When you choose a Syslog collector tool, it must support the following:
  • RFC-5424 Syslog protocol
  • Ability to receive messages from
    CIP Security
    -enabled devices
Provide Feedback
Have questions or feedback about this documentation? Please submit your feedback here.
Normal