BSD-syslog or legacy-syslog messages

This section describes the format of a syslog message, according to the legacy-syslog or BSD-syslog protocol. A syslog message consists of the following parts:

[PRI](/docs/axosyslog-core/chapter-concepts/concepts-message-structure/concepts-message-bsdsyslog/concepts-message-bsdsyslog-pri/)
[HEADER](/docs/axosyslog-core/chapter-concepts/concepts-message-structure/concepts-message-bsdsyslog/concepts-message-bsdsyslog-header/)
[MSG](/docs/axosyslog-core/chapter-concepts/concepts-message-structure/concepts-message-bsdsyslog/concepts-message-bsdsyslog-msg/)

The total message cannot be longer than 1024 bytes.

The following is a sample syslog message:

   <133>Feb 25 14:09:07 webserver syslogd: restart

The message corresponds to the following format:

   <priority>timestamp hostname application: message

The different parts of the message are explained in the following sections.

Note

The AxoSyslog application supports longer messages as well. For details, see the log-msg-size() option in Global options reference. However, it is not recommended to enable messages larger than the packet size when using UDP destinations.

The PRI message part

The HEADER message part

The MSG message part

Last modified December 4, 2023: Theme update (6377ea9)