The Syslog protocol is a protocol used for the transmission of event notification messages. It is used widely in different kinds of systems to collect status and event information from both internal and external components. This test suite can be used to test Syslog server implementations for security flaws and robustness problems. Although Syslog was developed in the 1980s and it has since then been widely used, official documentation for it did not exist before 2001 when best practices were defined in RFC3164. Official specification for Syslog was approved as late as 2009 (RFC5424). Because of this there are several different implementations of Syslog and it is practically impossible to create a test suite that would work with all these different versions of Syslog. This test suite follows the official specification (RFC5424) and may or may not be suitable for testing Syslog implementation that doesn't follow this specification. Because Syslog is unidirectional protocol there is no way to implement valid case instrumentation. However external instrumentation is possible requiring a script in Syslog server end that checks syslog file for new messages and informs suite of their arrival.
The Syslog Protocol
Transport Layer Security (TLS) Transport Mapping for Syslog
Transmission of Syslog Messages over UDP
Alarms in Syslog
Mapping Simple Network Management Protocol (SNMP) Notifications to SYSLOG Messages