This provides the common fields of the APP_EVENTS object that would be sent over the Syslog channel.
| Field | SD-ID (Structured Data ID) | Example | Description |
|---|---|---|---|
| <###> | N/A |
190 =(23 * 8) + 6
|
Priority Value: (Syslog Classifier * 8) + Syslog Informational message
Syslog Classifier: 23 Local7
Syslog Severity: 6 Informational: informational messages |
| Version | N/A | 1 | Version of syslog message |
| Timestamp | N/A | 2003-10-11T22:14:15.003Z | Timestamp of syslog message |
| Hostname | N/A | efa.machine.com | Hostname of EFA |
| App Name | N/A |
EFA-fabric |
Application generating syslog alerts. Possible values
|
| Proc ID | N/A | - | Process ID |
| Msg ID | N/A | - | |
| IP | origin | 10.20.30.40 | IP address (of EFA host) |
| Enterprise ID | origin | 1916 | Extreme Networks Enterprise ID |
| Software | origin | EFA | Software Name (of EFA host) |
| SW Version | origin | 3.1.0 | Software Version (of EFA host) |
| Taskname | log@1916 | EFA-000001 |
Task name ranges are defined as follows: Fabric – EFA-000001 to EFA-001000 Tenant – EFA-001001 to EFA-002000 Inventory – EFA-002001 to EFA-003000 Policy – EFA-003001 to EFA-003059 |
| Scope | log@1916 | user | Scope of the task “user” or “system”. Currently only user level scope is supported. |
| Status | log@1916 | succeeded | Status of the task “started”, “succeeded” or “failed” |
| DeviceIP | log@1916 | “” | Device IP involved in the user task |
| Username | log@1916 | admin | User name |
| Severity | log@1916 | Info | Severity is always “info” |
| BOMText | N/A | (Byte Order Mask) Textual description of the Alert |
Map APP_EVENTS to RELP/Syslog fields (RFC-5424)
<190>1 2022-10-10T21:29:45-07:00 pasu-dev-server EFA-ts - -
[origin ip="10.20.241.27" enterpriseId="1916" software="EFA" swVersion="3.1.0 "]
[log@1916 taskname="EFA-001002" scope="user" status="succeeded" deviceip="" username="root" severity="info"]
BOM Tenant create request success :request={"name":"ts"}