ZyXEL Communications 480 manual Enhanced Syslog

Prestige 480 Dual BRI ISDN Router

Enhanced Syslog

The following are the message formats that Syslog sends to the server.

CDR

SdcmdSyslogSend( SYSLOG_CDR, SYSLOG_INFO, String ); String = board xx line xx channel xx, call xx, str

board = the hardware board ID line = the WAN ID in a board Channel = channel ID within the WAN

call = the call reference number which starts from 1 and increments by 1 for each new call str = C01 Outgoing Call dev xx ch xx (dev:device No. ch:channel No.)

C01 Incoming Call xxxxBps xxxxx (L2TP,xxxxx means Remote Call ID)

C01 Incoming Call xxxx (means connected speed) xxxxx (means Remote Call ID)

L02 Tunnel Connected(L2TP)

C02 OutCall Connected xxxx (means connected speed) xxxxx (means Remote Call ID)

C02 CLID call refused

L02 Call Terminated

C02 Call Terminated

Packet triggered

sdcmdSyslogSend( SYSLOG_PKTTRI, SYSLOG_NOTICE, String ); String = Packet trigger: Protocol=xx Data=xxxxxxxxxx…..x

Protocol: (1:IP 2:IPX 3:IPXHC 4:BPDU 5:ATALK 6:IPNG)

Data: We will send forty -eight Hex characters to the server

Filter log

SdcmdSyslogSend(SYSLOG_FILLOG, SYSLOG_NOTICE, String );

String = IP[Src=xx.xx.xx.xx Dst=xx.xx.xx.xx prot spo=xxxx dpo=xxxx] S04>R01mD

IP[…] is the packet header and S04>R01mD means filter set 4 (S) and rule 1 (R), match (m) drop (D). Src: Source Address

Dst: Destination Address

prot: Protocol (“TCP”,”UDP”,”ICMP”)

spo: Source port

dpo: Destination port

PPP Log

sdcmdSyslogSend( SYSLOG_PPPLOG, SYSLOG_NOTICE, String );

String = ppp:Proto Starting / ppp:Proto Opening / ppp:Proto Closing / ppp:Proto Shutdown Proto = LCP / ATCP / BACP / BCP / CBCP / CCP / CHAP/ PAP / IPCP /

IPXCP