Syslog Server not sending information & warning events


Article ID: 159571


Updated On:


Data Loss Prevention Enforce


The user is not able to get the information and Warning events, the system only sends Severe events via Syslog.


It's working as per design. The user will not be able to get the information and warning events, the system only sends Severe events via Syslog Server. DLP (Data Loss Prevention) is integrated with IT Analytics which provides the same feature of reporting for DLP.

For ITA configuration, please contact the ITA team. Please find the link below for IT Analytics user guide:  



As of DLP 15.0 and later you have the ability to set the log level to include INFO and WARNING along with SEVERE.

For reference:

  • Log level 3 = logs SEVERE messages only (this is default)
  • Log level 4 = Logs SEVERE and WARNING
  • Log level 5 = logs INFO, WARNING, SEVERE

Steps to implement:

  1. Install/Upgrade to DLP 15.0 on your system.
  2. Open as indicated above.
  3. Find the following line:  systemevent.syslog.level = x​
  4. Change the value of x to either 3, 4, or 5 (the default value is 3)