Syslog Insight Pack
The Syslog Insight Pack extends IBM® Operations Analytics - Log Analysis functionality so it can ingest and perform metadata searches against syslog data logging.
This document describes the version of the Syslog Insight Pack that is installed when you install IBM Operations Analytics - Log Analysis. An updated version of the Syslog Insight Pack may have been published after this version of IBM Operations Analytics - Log Analysis. To download the latest versions of this Insight Pack as well as updated documentation, see http://www.ibm.com/developerworks/servicemanagement/downloads.html.
The formatted log includes specific property values in a name/value pair format to aid data ingestion.
Syslog is a standard for recording events to track system activity and to diagnose problems. It separates the software that generates messages from the system that stores them and the software that reports and analyzes them. Implementations are available for many operating systems. Specific configuration permits the direction of messages to various devices (console), files (/var/log/) or remote syslog servers. rsyslog is an open source software utility used on UNIX and Unix-like computer systems for forwarding log messages in an IP network. It implements the basic syslog protocol.
Supported versions
The Syslog Insight Pack can be installed with IBM Operations Analytics - Log Analysis (SCALA) 1.1.0.0 and higher.
rsyslog version 3 is included as the default syslog tool for RHEL 5.2, and this is the minimum version supported by IBM Operations Analytics - Log Analysis. IBM Operations Analytics - Log Analysis supports rsyslog version 3, 5, 6 and 7. IBM Operations Analytics - Log Analysis supports the rsyslog list format, which is recommended by rsyslog, for version 7 and higher of rsyslog.