Which protocol is used to collect and send logs from network devices to a centralized location?


Syslog is a standard protocol used specifically for the transmission of log and event messages from various network devices, such as routers, switches, and firewalls, to a centralized log server. This protocol is essential for network management and monitoring as it allows for the consolidation of logs in one place, making it easier to analyze and respond to events.

Syslog supports both hardware and software messages, providing a standardized way for devices to communicate status and errors. This centralized logging mechanism is invaluable for security analysis, troubleshooting, and maintaining overall network health. By using Syslog, organizations can effectively track performance metrics and security incidents across their infrastructure.

SNMP (Simple Network Management Protocol), by contrast, is used broadly for network device management and can collect monitoring information, but it is not primarily intended for logging. FTP (File Transfer Protocol) and HTTP (Hypertext Transfer Protocol) serve different roles, file transfer and web communication respectively, and are not designed specifically to collect and transmit logs the way Syslog does.
