
box.unix

The system logs from a Unix machine are assigned the box.unix tag.

The tag may be simply box.unix or may contain additional tag levels. Devo does not analyze these additional elements, so their content is entirely up to you. For example, you might choose to append the syslog tag to the box.unix tag.

Events that arrive at Devo with the box.unix tag are parsed according to the syslog format specified by RFC 3164.

The MSG part of the packet is not parsed for display, but you can search within this field using the column filter in the query window.
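
The field split described above, as an added example (not Devo's own code): a small Python parser that breaks an event into the RFC 3164 PRI, timestamp, hostname and tag fields and leaves MSG as one unparsed string. It assumes the box.unix tag travels in the syslog TAG position; `parse_box_unix` and the sample events are constructed for illustration.

```python
import re

# RFC 3164 layout: <PRI>TIMESTAMP HOSTNAME TAG: MSG
# Assumption: the Devo tag (box.unix[.extra]) sits in the syslog TAG position.
RFC3164 = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?P<timestamp>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) "
    r"(?P<hostname>\S+) "
    r"(?P<tag>[^\s:]+):? ?"
    r"(?P<msg>.*)$",
    re.DOTALL,
)

def parse_box_unix(line):
    """Split one event into RFC 3164 fields; None if malformed or not box.unix."""
    m = RFC3164.match(line.rstrip("\n"))
    if m is None:
        return None
    pri = int(m.group("pri"))
    if pri > 191:  # highest valid PRI: facility 23 * 8 + severity 7
        return None
    tag = m.group("tag")
    if tag != "box.unix" and not tag.startswith("box.unix."):
        return None
    return {
        "facility": pri >> 3,
        "severity": pri & 7,
        "timestamp": m.group("timestamp"),
        "hostname": m.group("hostname"),
        "tag": tag,
        # Extra tag levels are free-form: kept verbatim, never interpreted.
        "extra_levels": tag[len("box.unix"):].lstrip("."),
        # MSG stays one opaque string: searchable, but not split into fields.
        "msg": m.group("msg"),
    }

# Constructed sample events (not real log data).
SAMPLES = [
    "<86>Oct  3 14:07:21 web01 box.unix.sshd: Accepted publickey for deploy from 192.0.2.10 port 50022 ssh2",
    "<13>Oct  3 14:07:22 web01 box.unix: plain message",
    "<13>Oct  3 14:07:23 web01 my.app.other: not a box.unix event",
    "<999>Oct  3 14:07:24 web01 box.unix: PRI out of range",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(parse_box_unix(sample))
```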

You can use rsyslog to send the system logs securely to the Devo Cloud. There's an example in the article about Secure sending using rsyslog.