SysLog Alerts
Use the SysLog Alerts dialog box to configure the sending of alerts to a SysLog server.
In addition to recording events in the event log and providing audio and system tray alerts,
KFSensor is able to send alerts to an external SysLog server.
SysLog is the standard way of recording events on UNIX machines.
The syslog protocol uses UDP. This is not as reliable as TCP, but it is effective and efficient in most situations.
The Alerts section of the Concepts part of the manual describes the different alert options in more detail.
SysLog Server
- Enable
If this option is checked the SysLog alert feature will be enabled and the rest of the settings must contain
correct values for the alerts to work.
- Server
The address of the machine running the SysLog server. This can be a DNS name or an IP address.
- Port
The port number of the SysLog server. The standard port for this is 514.
Alert Details
- From Host
The domain name or IP address of the KFSensor server.
This is used to identify the source of an event on the SysLog server. It does not have to be accurate for the event to be logged.
The drop-down list contains a variety of values to handle dynamic IP allocation.
- Application
The name of the application generating the event. By default this should be 'kfsensor'.
- Facility
The facility is a way of identifying the priority and type of an event in SysLog. There are 24 possible facilities to
choose from. The default is '10 - security/authorization'.
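A receiver-side check for the settings above, as an added example that is not part of the KFSensor manual: it builds a syslog datagram from the documented defaults (application 'kfsensor', facility 10), parses it back into its fields, and can send it over loopback UDP. This page does not give the exact message layout KFSensor emits, so the RFC 3164 layout, the host name `honeypot01`, the severity value 4 and the message text are assumptions.

```python
import re
import socket

# RFC 3164 layout: <PRI>TIMESTAMP HOSTNAME TAG: MESSAGE, where PRI = facility * 8 + severity.
RFC3164 = re.compile(
    r"^<(\d{1,3})>(\w{3} [ \d]\d \d\d:\d\d:\d\d) (\S+) ([^:\[\s]+)(?:\[\d+\])?: ?(.*)$", re.S)

def build_alert(facility, severity, host, app, text, timestamp="Jan  5 10:15:00"):
    """Build a datagram from the dialog's Facility, From Host and Application values."""
    if not (0 <= facility <= 23 and 0 <= severity <= 7):
        raise ValueError("facility must be 0-23 and severity 0-7")
    return f"<{facility * 8 + severity}>{timestamp} {host} {app}: {text}".encode("ascii")

def parse_alert(datagram):
    """Split a received datagram into its fields; return None if it is not RFC 3164."""
    m = RFC3164.match(datagram.decode("ascii", errors="replace"))
    if m is None or int(m.group(1)) > 191:   # 23 * 8 + 7 is the largest valid PRI
        return None
    pri = int(m.group(1))
    return {"facility": pri // 8, "severity": pri % 8, "timestamp": m.group(2),
            "host": m.group(3), "app": m.group(4), "message": m.group(5)}

def loopback_roundtrip(datagram, timeout=2.0):
    """Send one datagram to a UDP listener on 127.0.0.1 and return what arrived."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as rx, \
         socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as tx:
        rx.bind(("127.0.0.1", 0))   # ephemeral port; a real server listens on 514
        rx.settimeout(timeout)      # UDP gives no delivery receipt, so bound the wait
        tx.sendto(datagram, rx.getsockname())
        data, _ = rx.recvfrom(2048)
        return data

if __name__ == "__main__":
    # Constructed sample: host name, severity and message text are placeholders.
    sample = build_alert(10, 4, "honeypot01", "kfsensor", "constructed test event")
    print(sample)
    print(parse_alert(loopback_roundtrip(sample)))
```

Because the From Host value does not have to be accurate, compare the parsed `host` field with the datagram's actual source address when correlating alerts on the server.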
Filter
These options are used to restrict the number of events sent so as not to overload your SysLog server.
- Interval
If this value is greater than zero then, after sending an alert, KFSensor will not send another alert for the specified number of seconds.
This may mean that some events will be missed.
- Severity
This limits the sending of alerts based on the severity of the event.
For example, if set to Medium then only events with a Medium or High severity will generate alerts.