Custom fields are for use by the 'Run Script' Action.

By writing a parsing script, the syslog message text can be broken down into various sub fields. The values can then be assigned to the 16 custom fields and then logged to a database or flat file.

Because each device manufacturer creates syslog messages in a different format, it is not possible to create a generic parser that will break up the message text into separate fields. A specific customized message parsing script must be written to parse the message text, and then place it in the custom fields.

A tutorial on creating parsing scripts, can be found at: http://www.kiwisyslog.com/help/syslog/tutorial_creating_script.htm

Some example parsing scripts are included with the Kiwi Syslog Server install. These can be found in the Scripts sub folder, which is usually C:\Program files\Syslogd\Scripts.