Please can anyone explain to me what does mean “facility” ( user-level, local 0 ) , " level 6 " in the message of Logs ( Graylog 2.5).
I want a clear answer to this question
Where are you sending those logs in from?
I receive message of firewall Logs
OK, I assume that this is going to be some form of syslog given the fields.
I would recommend reading any documentation for the firewall as that should give you some more information about what each individual part of the log entries mean.
The facility field of syslog messages is generally the service/module that log entry was written by E.g. sshd, dhcp, etc.
Not too sure on the “level 6” part of your message, are you saying that you have a field named “level 6” or?
@Labidi You are going to want to read the documentation for the firewall you are sending logs from.
Additionally, you could read RFC5424: https://tools.ietf.org/html/rfc5424
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.