A Syslog message is a small event message transmitted from the ZFSSA to one or more remote systems. Syslog provides two ZFSSA functions:
Alerts can be configured to send Syslog messages to one or more remote systems
Services on the ZFSSA that are Syslog capable can have their Syslog messages forwarded to remote systems
The Syslog can be configured to use the classic output format described by RFC 3164, or the newer, versioned output format described by RFC 5424. Syslog messages are transmitted as UDP datagrams. Therefore they are subject to being dropped by the network, or may not be sent at all if the sending system is low on memory or the network is sufficiently congested. Administrators should therefore assume that in complex failure scenarios in a network some messages may be missing and were dropped.
The message contains the following elements:
A facility describing the type of system component that emitted the message
A severity describing the severity of the condition associated with the message
A timestamp describing the time of the associated event in UTC
A hostname describing the canonical name of the ZFSSA
A tag describing the name of the system component that emitted the message
A message describing the event itself