000011721 - What is Silvertail Syslog syntax

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000011721
IssueWhat is Silvertail Syslog syntax

We rely on the syslog facility to write the logs so the message are consistent to syslog.

The format is as follows.

Date Time hostname source(sts_component_name)[PID]:[severity level keyword] {component instance #} {component instance #-dup} message 
IE: Nov 1 01:01:15 silvertswddprc mitigator[8540]:[crit] 0 0 message

The numbers between severity level keyword and message represent the instanceID of the component.

Some components can have multiple instances running on the same server.

In such cases, the instanceID would tell the difference.

The PID would be different as well but the Instance would tie it back to the service name which also ends with the instanceID

Legacy Article IDa61770