FAQ: What is the difference between syslog and rsyslog?

The term syslog refers to a standard method for message language and became part of the standard message logging solution for Unix-based operating systems. The term syslog simultaneously refers to:

A generic term for system logging
The name of the original tool implementation tool (more specificially managed by a system daemon called syslogd)
The name of the client/server protocol (RFC3164/RFC5424) that allows for message logging across multiple hosts.
The name of the physical logging format of the file content for the system log

There many implementations of the original syslog service, all are often referred to as a syslog, even though the actual command tool supporting that functionality may have a different name.

Some examples include:

syslogd is the original service that supported the syslog service in Unix-derived operating systems.
sysklogd is a Unix service that receives (and forwards) logs
syslog-ng
rsyslog

Although syslog is a standard within Unix, not all systems or services use the syslog format or system logging. When processing logs with LogScale, make use of Parsing Data to process content from logs including syslog.

Knowledge Base

FAQ: What is the difference between syslog and rsyslog?

Enter search term