Syslog is a protocol for message logging to generate and store log messages locally in a network device, and then forward them for collection, filtering, organization, and analysis. Network administrators may track and monitor such log messages to identify issues or problems in a network. Other types of message logging include streaming telemetry, Simple Network Management Protocol (SNMP), Command Line Interface (CLI) data collection, and network event traps.
As is apparent, message logging is a powerful tool that makes it easier for administrators to manage networks. One of the biggest challenges, however, is how to better analyze the large number of log messages received from numerous network devices in a network.
Accordingly, there is a need for advancing and improving analysis techniques in the above-described environment, as well as advancing and improving analysis techniques associated with other similar or even unrelated environments.
In accordance with common practice the various features illustrated in the drawings may not be drawn to scale. Accordingly, the dimensions of the various features may be arbitrarily expanded or reduced for clarity. In addition, some of the drawings may not depict all of the components of a given system, method or device. Finally, like reference numerals may be used to denote like features throughout the specification and figures.