syslog

The syslog settings are configured under Logs → Configuration:


| Setting | Description | Default Value |
|---|---|---|
| Address | Where the syslog messages are sent | |
| Port | The open port for accepting syslog messages | 514 |
| Protocol | Select between using UDP or TCP | UDP |
| Enabled | Enables usage of the syslog server | Enabled |
| Facility Level | How Kiosk appears in syslog messages | User-level |
| Log Level | Determines which messages get sent to the syslog server; it filters out any message less important than the level selected | All |
| Event Monitoring | Determines which types of events are logged | Application, File, Session |
| Output Format | Select the format of the message between standard "syslog" or "CEF" | syslog |


Select new server to add a new syslog server to the list; remove to delete a server.
Select reset to revert the settings back to how Kiosk is currently configured.
Select apply to set Kiosk settings to how they appear on this page.

syslog Message Format

Example: MDM[12752] eventCode='000000', logType='databaseLog', Configuration reloaded

| Component | Description | Value(s) |
|---|---|---|
| Product ID | Short product ID | MDM |
| Kiosk Process ID | The process ID of Kiosk | [#] |
| eventCode | 6 digit code to indicate the type of event | 000000 - Unclassified |
| | | 100000 - Allowed file found |
| | | 100001 - Blocked file found |
| | | 100002 - User successful login event |
| | | 100003 - Configuration changed |
| | | 100004 - UI event |
| | | 100005 - Service event |
| | | 100006 - Authentication event (error or failure) |
| | | 100007 - Database event |
| | | 100008 - Device event |
| | | 100009 - HTTP event |
| | | 100010 - Session event |
| | | 100011 - File event |
| | | 100012 - Low disk space event |
| | | 100013 - CimTrak deny event |
| | | 200000 - Session ended |
| logType | Event monitoring log type | databaseLog - Application Events |
| | | fileLog - File Events |
| | | sessionLog - Session Events |
| | | windowsEventLog - Windows Events |
| | | serviceLog - Debugging Info |
| Message | The content of the message | Text or JSON formatted content |

CEF Message Format

Base Format: CEF:<Version>|<Vendor>|<Product>|<Version>|<EventCode>|<Message>|<Severity>|<Extension>
Example: CEF:0|OPSWAT|MDM|4.2.6.1111|000000|Configuration reloaded|16|
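
The following is an added example, not part of the product documentation: a receiver-side parser for both message formats above that maps eventCode to the descriptions in the table. The function names, the ALERT_CODES triage set, and the handling of backslash-escaped pipes (taken from the general CEF convention) are assumptions, not documented Kiosk behaviour.

```python
import re

# Event codes copied from the eventCode table on this page.
EVENT_CODES = {
    "000000": "Unclassified", "100000": "Allowed file found",
    "100001": "Blocked file found", "100002": "User successful login event",
    "100003": "Configuration changed", "100004": "UI event", "100005": "Service event",
    "100006": "Authentication event (error or failure)", "100007": "Database event",
    "100008": "Device event", "100009": "HTTP event", "100010": "Session event",
    "100011": "File event", "100012": "Low disk space event",
    "100013": "CimTrak deny event", "200000": "Session ended",
}
# Example triage choice (an assumption, not from the product documentation).
ALERT_CODES = {"100001", "100006", "100013"}
CEF_KEYS = ("cef_version", "vendor", "product", "product_version",
            "code", "message", "severity", "extension")
# <ProductID>[<pid>] eventCode='NNNNNN', logType='<type>', <message>
SYSLOG_RE = re.compile(
    r"(?P<product>\w+)\[(?P<pid>\d+)\]\s+eventCode='(?P<code>\d{6})',\s*"
    r"logType='(?P<log_type>\w+)',\s*(?P<message>.*)", re.S)

def _finish(rec):
    rec["event"] = EVENT_CODES.get(rec["code"], "Unknown code")
    rec["alert"] = rec["code"] in ALERT_CODES
    return rec

def parse_syslog(line):
    m = SYSLOG_RE.search(line.strip())  # search() tolerates a leading syslog header
    return _finish(m.groupdict()) if m else None

def split_cef(body, n=7):
    """Split on the first n unescaped pipes; the remainder is the raw Extension."""
    fields, cur, i = [], [], 0
    while i < len(body):
        in_header = len(fields) < n
        if in_header and body[i] == "|":
            fields.append("".join(cur))
            cur = []
        else:
            # Assumed CEF escaping: \| and \\ stand for a literal | and \
            if in_header and body[i] == "\\" and body[i + 1:i + 2] in ("|", "\\"):
                i += 1
            cur.append(body[i])
        i += 1
    return fields + ["".join(cur)]

def parse_cef(line):
    start = line.find("CEF:")
    parts = split_cef(line[start + 4:].strip()) if start >= 0 else []
    return _finish(dict(zip(CEF_KEYS, parts))) if len(parts) == 8 else None
```

Both parsers return None for lines that do not match, so malformed or foreign messages can be counted and reviewed rather than silently dropped.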