Protocol
syslog-ng uses the standard BSD syslog protocol, specified in RFC 3164. As the text of RFC 3164 is an informational description and not a standard, some incompatible extensions of it emerged. Since version 3.0 syslog-ng also supports the syslog protocol specified in proposed-RFC 5424 which was published in 2009 but has not been ratified. syslog-ng interoperates with a variety of devices, and the format of relayed messages can be customized.
Extensions to the original syslog-ng protocol include:
- ISO 8601 timestamps with millisecond granularity and timezone information
- the addition of the name of relays in additional host fields, to make it possible to track the path of a given message
- reliable transport using TCP
- TLS encryption (Since 3.0.1 in OSE )
Read more about this topic: Syslog-ng