Syslog data format
Security Event Manager accepts syslog data from devices running Syslog-ng and Rsyslog log forwarding utilities. Syslog-ng is the default log forwarding utility for most firewalls, routers, and switches.
Data logged by Rsyslog-enabled devices to Security Event Manager must be in one of the formats listed below.
Format option 1: YYYY-MM-DD HH:MM:SS ip/address message
Example: 2024-4-25 06:22:36 10.0.0.1 This is my message
Format option 2: 1694686500000 10.0.0.1 This is my message
Example: 1694686500000 10.0.0.1 This is my message
Supported format for Kiwi: DateTime (YYYY-MM-DD HH:MM:SS) [TAB] Priority (Facility.Level) [TAB] Hostname [TAB] Message
Example: 2024.04.25 10:15:00 Local7.info 10.0.0.1 This is my message
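To check forwarded lines against the three layouts above before pointing a device at Security Event Manager, a small classifier such as the following can be used. It is an added example, not SolarWinds code and not the product's own parser. The regular expressions, the reading of the leading number in option 2 as Unix epoch milliseconds, and the function names are assumptions.

```python
import re
from datetime import datetime, timezone

# Patterns are assumptions built from the page's format strings and examples;
# "-" or "." separators and 1-2 digit month/day cover "2024-4-25" and "2024.04.25".
DATE = r"(\d{4})[-.](\d{1,2})[-.](\d{1,2}) (\d{2}):(\d{2}):(\d{2})"
OPTION1 = re.compile(rf"^{DATE} (\S+) (.+)$")
OPTION2 = re.compile(r"^(\d{13}) (\S+) (.+)$")   # assumed Unix epoch milliseconds
KIWI_PRIORITY = re.compile(r"^\w+\.\w+$")         # Facility.Level, e.g. Local7.info

def _timestamp(groups):
    return datetime(*(int(g) for g in groups))    # ValueError if out of range

def classify(line):
    """Return (format, timestamp, host, message), or (None, reason) if rejected."""
    line = line.rstrip("\r\n")
    try:
        if "\t" in line:                          # any TAB selects the Kiwi layout
            fields = line.split("\t", 3)
            if len(fields) != 4:
                return None, "kiwi: expected 4 TAB-separated fields"
            when, priority, host, message = fields
            m = re.fullmatch(DATE, when)
            if not m or not KIWI_PRIORITY.match(priority):
                return None, "kiwi: bad DateTime or Priority field"
            return "kiwi", _timestamp(m.groups()), host, message
        m = OPTION2.match(line)
        if m:
            when = datetime.fromtimestamp(int(m[1]) / 1000, tz=timezone.utc)
            return "option2", when, m[2], m[3]
        m = OPTION1.match(line)
        if m:
            return "option1", _timestamp(m.groups()[:6]), m[7], m[8]
    except ValueError as exc:                     # e.g. month 13 or hour 25
        return None, f"invalid date/time: {exc}"
    return None, "no supported format matched"

# Constructed sample lines: the page's three examples plus two that should fail.
SAMPLES = [
    "2024-4-25 06:22:36 10.0.0.1 This is my message",
    "1694686500000 10.0.0.1 This is my message",
    "2024.04.25 10:15:00\tLocal7.info\t10.0.0.1\tThis is my message",
    "Apr 25 06:22:36 fw01 This is my message",           # header style not listed
    "2024-13-25 06:22:36 10.0.0.1 This is my message",   # month out of range
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(classify(sample))
```

Lines that come back as (None, reason) are the ones to fix at the forwarder, since a line in none of the listed layouts may not be recognized as an event.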