PRI

Encodes syslog message severity and syslog facility. Messages are sent to a single syslog facility (that is, RFC-3164 facilities local0 through local7). For more information, see RFC-3164.

SEQNUM

Number used to order messages in the time sequence order when multiple messages occur with the same time stamp by the same process. Sequence number begins at zero for the first message fired by a process since the last startup.

HOST

Fully qualified domain name (FQDN), hostname, or IP address of the originating system.

MONTH

Current month represented in MMM format (for example, "Jan" for January)

DAY

Current day represented in DD format. Range is 01 to 31.

YEAR

Current year represented in YYYY format.

HOUR

Hour of the timestamp as two digits in 24-hour format; range is 00 to 23.

MINUTE

Minute of the timestamp as two digits; range is 00 to 59.

SECOND

Second of the timestamp as two digits; range is 00 to 59.

MILLISECONDS

Milliseconds of the timestamp as three digits; range is 000 to 999.

TIMEZONE

Abbreviated time zone offset, set to +/-#### (+/- HHMM from GMT).

APPNAME

Name of the application that generated the event. APPNAME field values are:

PRODUCT_COMPONENT_SUBCOMPONENT

PRODUCT – such as ICM

COMPONENT – such as Router

SUBCOMPONENT – such as CallRouter

SEVERITY

Supported severity values are:

3 (Error)

4 (Warning)

6 (Informational)

7 (Debug)

MSGID

Hexadecimal message id that uniquely identifies the message, such as 10500FF.

TAGS

(Optional) Supported tags are:

[comp=%s] - component name including side, such as Router-A

[pname=%s] - process name, such as rtr

[iid=%s] - instance name, such as acme1

[mid=%d] - message id, such as 10500FF

[sev=%s] – severity, such as info

MESSAGE

A descriptive message about the event.