 |
 |
|
| Introduction, Message Format, Message Segmentation: Remote desktop control appliance syslog reference | Free Trial | Support Virtualization Blog | Webcasts |
|
||||
 |
Bomgar 10.1.5 Syslog Message ReferenceIntroduction
This document is intended to provide a reference for the syslog messages that are generated by the Bomgar Box. It is assumed that the reader is familiar with the syslog concept and functionality. This document lists the different events that are logged by the syslog service that resides on the appliance and describes what the events mean as well as what triggers them. Message FormatAll syslog messages follow a specific format. Below is an example of a message as well as an explanation of its parts. Oct 12 14:58:35 example_host BG: 1234:01:01:site=support.example.com;who=John Smith(jsmith);who_ip=192.168.1.1;event=login;target=web/login;status=success The example above represents one message on one line. Messages can be broken down into two parts: a header followed by a payload of fields and values. The header is made up of the date, time, hostname, and the characters BG:, which designate that this message is a Bomgar-specific syslog message. The remaining header information is made up of a unique 4-digit site ID, a segment number, and the total number of segments. If your appliance has only one site installed, all messages will have the same site ID. All three of these data are followed by colons. So from the example above, the entire header is simply:
Following the header is the payload. The format of the payload is essentially field1=value1;field2=value2;... This format is better suited to provide an order-independent set of data than a comma-separated format would provide, since some of the messages may contain upwards of 70 fields of data. Finally, note also the escaping of "=", ";", and "\" characters. If any payload values include any of these characters, those characters will be prefixed with a backslash character ("\") to indicate that the next character is part of the value data, not a delimiter. For example, if a username were changed to user;s=name\id in the web interface, then the payload field/value pair in the syslog message would read ...new_username=user\;s\=name\\id;. Message SegmentationAs mentioned above, certain syslog messages can be much larger than others. As a result, the syslog service will segment any messages that are larger than 1KB in to multiple messages. In this guide, these messages will be referred to as segments. Since the message example above is less than 1024 bytes, the header shows a value of 01:01:, indicating that this is the first segment and that there is only one segment in this message. A larger example message which does show segmentation is used in the Old/New Nomenclature section on page 4 of this guide.
The Adobe® logo is a registered trademark of Adobe Systems Incorporated in the United States and/or other countries. |
||||||||||||
|
Index > Introduction Payload Format Integrated Login Old/New Nomenclature > Events Events cont. Events cont. Events cont. Events cont. Events cont. > Fields Login/Change Network Network Address/Route Appliance Interface Survey Question Question Option/File Store Group Policy Jumpoint/Kerberos Event Recipient Event Trigger/Rep Console Report Security Provider Provider Setting Provider Setting cont. Provider Setting cont. Site Alias/Message/Team Team Member/Issue User Permission Permission cont. Permission cont. Login Setting Login Setting cont. Login Setting cont. Login Setting cont. Login Setting cont. Login Setting cont. Login Setting cont. |
| © 2003-2008 Bomgar Corporation | All Rights Reserved | Remote Desktop Access & Control | Remote Support | Remote Access Software for Unattended Systems |
| Remote Desktop Control by BOMGAR | Privacy | Remote PC Access | Mac Remote Access | Linux Remote Access | Remote Control for Windows Mobile |
PDF Version (0.7MB)
Email This Item