Poor compliance with RFC syslog

In the Graylog documentation, reference is made to certain types of hardware (router, firewall…) that do not respect syslog RDC well.

Is there a list of these devices?

Thank you in advance for your responses.

@cdarsac to my knowledge we don’t maintain a database of hardware/applications that don’t adhere to the syslog RFCs. If you search through the forums, you’ll find some folks that have mentioned certain vendors, but there’s nothing that we maintain as a complete list.

1 Like

I agree that it shouldn’t fall on you guys to keep track of what vendors follow or don’t follow the RFC. We realized this early on that almost every vendor has their own way of sending data. This is why we always just use the RAW udp ingest and parse the syslog headers myself. This way vmware/cisco/dellemc can all just get parse how I want it.

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.