Syslog Output Object (Send-Syslog Cmdlet)
Created whenever a system log packet is sent.
Syntax
Object Syslog {string Server;
string Facility;
string Severity;
string Message;
}
Remarks
System log packets are composed of three main sections, each of which can be broken down into two smaller pieces.
The first section is the PRI, which contains the originating FacilityCode and SeverityCode of the Message. FacilityCode is a value from 0 to 23, with each value being a different part of the system. Facility is a string representation of FacilityCode based on the following convention:
| 0 | Kernel messages |
| 1 | User-level messages |
| 2 | Mail system |
| 3 | System daemons |
| 4 | Security/authorization messages |
| 5 | Messages generated internally by syslogd |
| 6 | Line printer subsystem |
| 7 | Network news subsystem |
| 8 | UUCP subsystem |
| 9 | Clock daemon |
| 10 | Security/authorization messages |
| 11 | FTP daemon |
| 12 | NTP subsystem |
| 13 | Log audit |
| 14 | Log alert |
| 15 | Clock daemon |
| 16 | Local use |
| 17 | Local use |
| 18 | Local use |
| 19 | Local use |
| 20 | Local use |
| 21 | Local use |
| 22 | Local use |
| 23 | Local use |
SeverityCode is a value from 0 to 7. Severity is a string representation of SeverityCode using the following convention:
| 0 | Emergency - the system is unusable. |
| 1 | Alert - action must be taken immediately. |
| 2 | Critical - critical conditions exist. |
| 3 | Error - error conditions exist. |
| 4 | Warning - warning conditions exist. |
| 5 | Notice - normal but significant condition. |
| 6 | Informational - informative message. |
| 7 | Debug - debug-level messages. |
The second section contains the Timestamp and Server. Timestamp is ignored, but Server indicates the host which generated this syslog packet.