40.3. SYSLOG diagnostics and statistics

40.3. SYSLOG diagnostics and statistics
	Chapter 40. SYSLOG - The syslog protocol

40.3.1. SYSLOG diagnostics

This command reports the current situation of the HTTP resource:

[18:06:40] ABILIS_CPX:d d syslog

RES:SysLog --------------------------------------------------------------------
       System_Log_protocol                                                     
       STATE:READY          RELAY-STATE:INACTIVE
       ----------------------|--- CUR ---|-- PEAK ---|
       PENDING-REQUEST       |          1|         23|
       ----------------------|--- CUR ---|-- PEAK ---|--- MAX ---|
       PENDING-QUEUE (Kibyte)|          0|          1|         64|
       -----------------------------------------------------------

The meaning:

STATE

The SYSLOG driver state:

INACTIVE - configuration parameter ACT:NO.
READY - the driver is fully ready to work.

RELAY-STATE

The SYSLOG relay state:

INACTIVE - configuration parameter ACT:NO.
READY - the driver is fully ready to work.
DOWN - state set when registration to lower UDP ports fail, better said when the "use" of UDP service is not possible.

PENDING-REQUEST

CUR - current number of user queries. PEAK - maximum number of simultaneously pending user queries ever reached.

PENDING-QUEUE (Kibyte)

CUR - the memory size occupied by pending SYSLOG requests. PEAK - the peak memory size occupied by SYSLOG requests.

40.3.2. SYSLOG statistics

This command can help to understand what is happening, in case of troubles:

[11:49:14] ABILIS_CPX:d s syslog

RES:SysLog --------------------------------------------------------------------
       System_Log_protocol                                                     
       --- Cleared 1 days 07:11:05 ago, on 01/11/2017 at 09:09:21 -------------
       -----------|---INPUT---|--OUTPUT---|-----------|---INPUT---|--OUTPUT---|
       USER       |        291|           |RELAY      |          0|           |
       CHR        |          0|      89540|PCK        |          0|       1160|
       MODIFIED   |          0|           |LONG       |          0|           |
       NO-QUEUE   |          0|           |DENIED-IP  |          0|           |
       ------------------------------------------------------------------------

With reference to the shown interval of time («Cleared 1 days 07:11:05 ago») these counters show the number of:

`USER`	User requests.
`RELAY`	Relay requests.
`CHR`	IN - received bytes from SYSLOG clients (relay mode only). OUT - sent bytes to the SYSLOG server(s).
`PCK`	IN - received packets from SYSLOG clients (relay mode only). OUT - sent packets to the SYSLOG server(s).
`MODIFIED`	Total number of modified packets received from SYSLOG clients.
`LONG`	Lost SYSLOG packets: length is too long.
`NO-QUEUE`	Lost ready to send SYSLOG packets: queue is full.
`DENIED-IP`	SYSLOG requests received for relay from not allowed source IP address, because it does not satisfy `IPSRC`/`IPSRCLIST` configuration settings.


40.2. SYSLOG configuration		40.4. SYSLOG messages codes