3 Three daemons (forked):
5 -Secured (udp port 1514)
6 -Syslogd (udp port 514)
7 -Syslogd (tcp port 514)
14 -Main thread (remote receiver).
15 - Receives data from remote clients.
16 - If the data is a log, send to analysisd.
17 - If data is connection related, send to the manager thread
19 -AR_Forward (local receiver).
20 - Receives data (active responses) locally from analysisd.
21 - Forward them to the configured agent.
22 -Manager (sends data to remote clients).
23 - Waits for messages from the main thread (wait_for_msgs).