Syslog message header facilities and priorities
- Message facilities and severities are numerically coded with integer decimal values.
- Each facility and severity, in addition to being given a fixed number, is also associated with a formal name.
- The facility names originate from system-level UNIX processes, and are intended to identify the actual name of the process generating the syslog event. Later, this evolved to include identification of related functionality (such as mail or kernel).
- Many of the facility codes are deprecated and are good candidates for being overridden, as discussed in the previous section. In particular, the uucp facility has been almost entirely deprecated (herein it is replaced with the name network). The ftp and ntp facilities are well on their way to being deprecated, although they are still in some use within organizations, especially those with UNIX-based operations.
- In a similar fashion, severity values are selected to indicate how messages are to be prioritized on the system.
- These severity values are sometimes referred to as priorities (although this term can be confusing, since priority sometimes also refers to the combination of facility and severity).
- Unlike facility numbers, which have no ordinal value, severities have a definite rank, ranging from 0, the most important and pertinent severity, to 7, the lowest and most easily discarded message.
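
The following is an added example, not part of the BMC Defender documentation. It decodes the `<PRI>` value at the start of a syslog message into its facility and severity and filters messages by severity rank. It assumes the standard syslog encoding (priority value = facility × 8 + severity, as in RFC 3164 and RFC 5424) and the conventional facility keywords; the function names and sample messages are constructed for illustration.

```python
import re

# Conventional facility keywords by code (assumption: RFC 5424 numbering;
# names for codes 13-15 vary by implementation). Code 8 is "uucp", which
# the page says BMC Defender Server renames to "network".
FACILITIES = [
    "kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
    "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock",
    "local0", "local1", "local2", "local3",
    "local4", "local5", "local6", "local7",
]
# Severities are ranked: 0 is the most important, 7 the least.
SEVERITIES = ["emerg", "alert", "crit", "err",
              "warning", "notice", "info", "debug"]

PRI_RE = re.compile(r"^<(\d{1,3})>")
MAX_PRI = len(FACILITIES) * 8 - 1  # 191


def decode_pri(message):
    """Return (facility_code, facility_name, severity_code, severity_name)."""
    match = PRI_RE.match(message)
    if not match:
        raise ValueError("message has no <PRI> header")
    pri = int(match.group(1))
    if pri > MAX_PRI:
        raise ValueError(f"PRI {pri} is outside 0..{MAX_PRI}")
    facility, severity = divmod(pri, 8)
    return facility, FACILITIES[facility], severity, SEVERITIES[severity]


def at_least(messages, threshold):
    """Keep messages at least as important as the named severity.

    More important means a numerically lower severity code.
    """
    limit = SEVERITIES.index(threshold)
    return [m for m in messages if decode_pri(m)[2] <= limit]


# Constructed sample messages (not real log data).
SAMPLES = [
    "<34>Jan  5 10:00:00 host1 su: constructed auth failure",    # auth.crit
    "<165>Jan  5 10:00:01 host1 app: constructed notice",        # local4.notice
    "<67>Jan  5 10:00:02 host1 uucico: constructed error",       # uucp.err
    "<13>Jan  5 10:00:03 host1 user: constructed user notice",   # user.notice
]

if __name__ == "__main__":
    for line in at_least(SAMPLES, "err"):
        print(decode_pri(line), line)
```
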
Confusion regarding severities and priority names abounds. The following topics describe the severity and priority values used by BMC Defender Server: