##! Events generated by the Syslog analyzer.

@if ( have_spicy_analyzers() ) # prototypes below must not be used with legacy analyzer

## Generated for monitored Syslog messages.
##
## See `Wikipedia `__ for more
## information about the Syslog protocol.
##
## c: The connection record for the underlying transport-layer session/flow.
##
## facility: The "facility" included in the message.
##
## severity: The "severity" included in the message.
##
## msg: The message logged.
##
## .. note:: Zeek currently parses only UDP syslog traffic.
global syslog_message: event(c: connection, facility: count, severity: count, msg: string);

@endif
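
# Added example, not part of the Zeek source: a handler for the event declared
# above that raises a notice for high-severity authentication messages. The
# module name, notice type, threshold and facility set are assumptions.

```zeek
@load base/frameworks/notice

module SyslogWatch;	# hypothetical module name

export {
	redef enum Notice::Type += {
		## Hypothetical notice type for this example.
		High_Severity_Auth
	};

	## Report severities at or below this value (0 = emergency ... 7 = debug).
	option max_severity: count = 2;

	## Facilities to watch: 4 = auth, 10 = authpriv (RFC 5424 numbering).
	option watched_facilities: set[count] = { 4, 10 };
}

# Only UDP syslog reaches this handler (see the note on the event), so
# syslog sent over TCP or TLS produces no events and no notices here.
event syslog_message(c: connection, facility: count, severity: count, msg: string)
	{
	if ( facility !in watched_facilities || severity > max_severity )
		return;

	# msg is sender-controlled network data: bound its length before it
	# is copied into a notice that analysts and downstream tools consume.
	local text = |msg| > 256 ? msg[0:256] : msg;

	NOTICE([$note=High_Severity_Auth,
	        $conn=c,
	        $msg=fmt("syslog facility=%d severity=%d from %s",
	                 facility, severity, c$id$orig_h),
	        $sub=text,
	        # One notice per sender/facility/severity within the window.
	        $identifier=cat(c$id$orig_h, facility, severity),
	        $suppress_for=5min]);
	}
```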