Syslog is the standard event logging subsystem for Unix, although syslog programs are also available for Windows implementations. Syslog consists of:
- a server daemon.
- a client function library.
- a client command line utility.
Entuity syslogger reads system events generated for syslog. When events are generated by managed devices, an event appears in the EMS. These messages are also forwarded to the syslog file, appearing as though they come from the localhost.
By default, Entuity syslogger listens on port 514, which is the default for the syslog daemon (syslogd). If you want to run syslogger and syslogd then they cannot both listen on the same port. You will need to configure syslogd to listen on another port. When these are listening on different ports, syslogger recognizes that syslogd is running and forwards syslog messages to the syslogd port.