Syslog settings

The syslog settings are configured under Logs → Configuration:

SettingDescriptionDefault Value
AddressWhere the syslog messages are sent
PortThe open port for accepting syslog messages514
ProtocolSelect between using UDP or TCPUDP
EnabledEnables usage of the syslog serverEnabled
RsyslogEnables usage of syslog over TLSDisabled
  • CA Certificate
Path to CA certificate. Used to sign all of the other certificates. The CA cert must be trusted by all clients and servers.<empty>
  • Peer Certificate
Path to the certificate that conveys the Kiosk client identity<empty>
  • Private Key File
Path to the private key file, used to properly decrypt the traffic<empty>
Facility LevelHow Kiosk appears in syslog messagesUser-level
Log LevelDetermines which messages get sent to the syslog server, it filters out any message less important than that selectedAll
Event MonitoringDetermines which types of events are loggedApplication
File
Session
Output FormatSelect the format of the message between standard "syslog" or "CEF"syslog

Select new server to add a new syslog server to the list; remove to delete a server. Select reset to revert the settings back to how Kiosk is currently configured. Select apply to set Kiosk settings to how they appear on this page.

syslog Message Format

Example: MDM[12752] eventCode='000000', logType='databaseLog', Configuration reloaded

ComponentDescriptionValue(s)
Product IDShort product IDMDM
Kiosk Process IDThe process ID of Kiosk[#]
eventCode6 digit code to indicate the type of event000000 - Unclassified
100000 - Allowed file found
100001 - Blocked file found
100002 - User successful login event
100003 - Configuration changed
100004 - UI event
100005 - Service event
100006 - Authentication event (error or failure)
100007 - Database event
100008 - Device event
100009 - HTTP event
100010 - Session event
100011 - File event
100012 - Low disk space event
100013 - CimTrak deny event
200000 - Session ended
logTypeEvent monitoring log typedatabaseLog - Application Events
fileLog - File Events
sessionLog - Session Events
windowsEventLog - Windows Events
serviceLog - Debugging Info
MessageThe content of the messageText or JSON formatted content

CEF Message Format

Base Format: CEF:<Version>|<Vendor>|<Product>|<Version>|<EventCode>|<Message>|<Severity>|<Extension> Example: CEF:0|OPSWAT|MDM|4.2.6.1111|000000|Configuration reloaded|16|

Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard