rawsyslogmsg
|
The message as it was received from the wire (unparsed).
|
syslogfacility
|
The facility of a syslog message. For non-syslog messages, the value is provided based on configuration. In essence, this is simply an integer value that can be used for quick filtering inside your rules.
|
syslogpriority
|
The severity of a syslog message. For non-syslog messages, this should be a close approximation to what a syslog severity code means.
|
syslogtag
|
The syslog tag value, a short string. For non-syslog messages, this is provided based on configuration. In most cases, this is used for filtering.
|
syslogver
|
Contains the syslog version number which will be one or higher if a RFC 5424 valid message has been received, or 0 otherwise
|
syslogappname
|
Contains the appname header field, only available if the Syslog message was in RFC 5424 format. Otherwise, this field will be emulated by the %syslogtag% property
|
syslogprocid
|
Contains the procid header field, only set if the Syslog message was in RFC 5424 format.
|
syslogmsgid
|
Contains the msgid header field, only set if the Syslog message was in RFC 5424 format.
|
syslogstructdata
|
Contains the structdata header field (in raw format), only set if the Syslog message was in RFC 5424 format.
|
syslogprifac
|
Contains combined syslog facility and priority useful to build your own custom syslog headers
|