![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to syslog.8 CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 42BSD / usr.lib / sendmail / aux|
Return to syslog.8 CVS log | Up to [CSRG BSD Unix] / 42BSD / usr.lib / sendmail / aux |
1.1 root 1: .TH SYSLOG 8
2: .SH NAME
3: syslog \- log systems messages
4: .SH SYNOPSIS
5: /etc/syslog [
6: .BI \-m N
7: ] [
8: .BI \-f name
9: ]
10: .SH DESCRIPTION
11: .I Syslog
12: reads datagrams from an IPC port
13: (currently port 2222, for no good reason)
14: and logs each line it reads into a set of files
15: described by the configuration file
16: /etc/syslog.conf.
17: .I Syslog
18: configures when it starts up
19: and whenever it receives a hangup signal.
20: .PP
21: Each message is one line.
22: A message can contain a priority code,
23: marked by a digit in angle braces
24: at the beginning of the line.
25: Priorities are defined in <syslog.h>, as follows:
26: .IP LOG_ALERT \w'LOG_WARNING'u+2n
27: this priority should essentially never
28: be used. It applies only to messages that
29: are so important that every user should be
30: aware of them, e.g., a serious hardware failure.
31: .IP LOG_SALERT
32: messages of this priority should be
33: issued only when immediate attention is needed
34: by a qualified system person, e.g., when some
35: valuable system resource dissappears. They get
36: sent to a list of system people.
37: .IP LOG_EMERG
38: Emergency messages are not sent to users,
39: but represent major conditions. An example
40: might be hard disk failures. These could be
41: logged in a separate file so that critical
42: conditions could be easily scanned.
43: .IP LOG_ERR
44: these represent error conditions, such as soft
45: disk failures, etc.
46: .IP LOG_CRIT
47: such messages contain critical information,
48: but which can not be classed as errors, for example,
49: 'su' attempts.
50: Messages of this priority and higher
51: are typically logged on the system console.
52: .IP LOG_WARNING
53: issued when an abnormal condition has been
54: detected, but recovery can take place.
55: .IP LOG_NOTICE
56: something that falls in the class of
57: "important information"; this class is informational
58: but important enough that you don't want to throw
59: it away casually.
60: Messages without any priority assigned to them
61: are typically mapped into this priority.
62: .IP LOG_INFO
63: information level messages. These messages
64: could be thrown away without problems, but should
65: be included if you want to keep a close watch on
66: your system.
67: .IP LOG_DEBUG
68: it may be useful to log certain debugging
69: information. Normally this will be thrown away.
70: .PP
71: It is expected that the kernel will not log anything below
72: LOG_ERR priority.
73: (Note: kernel logging is not implemented at this time.)
74: .PP
75: The configuration file is in two sections
76: seperated by a blank line.
77: The first section defines files that
78: .I syslog
79: will log into.
80: Each line contains
81: a single digit which defines the lowest priority
82: (highest numbered priority)
83: that this file will receive,
84: an optional asterisk
85: which guarantees that something gets output
86: at least every 20 minutes,
87: and a pathname.
88: The second part of the file
89: contains a list of users that will be
90: informed on SALERT level messages.
91: For example, the configuration file:
92: .nf
93:
94: 5*/dev/console
95: 8/usr/spool/adm/syslog
96: 3/usr/adm/critical
97:
98: eric
99: kridle
100: kalash
101:
102: .fi
103: logs all messages of priority 5 or higher
104: onto the system console,
105: including timing marks every 20 minutes;
106: all messages of priority 8 or higher
107: into the file /usr/spool/adm/syslog;
108: and all messages of priority 3 or higher
109: into /usr/adm/critical.
110: The users ``eric'', ``kridle'', and ``kalash''
111: will be informed on any subalert messages.
112: .PP
113: The flags are:
114: .IP \-m 0.5i
115: Set the mark interval to
116: .I N
117: (default 20 minutes).
118: .IP \-f
119: Specify an alternate configuration file.
120: .IP \-d
121: Turn on debugging (if compiled in).
122: .PP
123: To bring
124: .I syslog
125: down,
126: it should be sent a terminate signal.
127: It logs that it is going down
128: and then waits approximately 30 seconds
129: for any additional messages to come in.
130: .PP
131: There are some special messages that cause control functions.
132: ``<*>N'' sets the default message priority to
133: .I N.
134: ``<$>'' causes
135: .I syslog
136: to reconfigure
137: (equivalent to a hangup signal).
138: This can be used in a shell file run automatically
139: early in the morning to truncate the log.
140: .SH FILES
141: /etc/syslog.conf \- the configuration file
142: .SH BUGS
143: LOG_ALERT and LOG_SUBALERT messages
144: should only be allowed to privileged programs.
145: .PP
146: Actually,
147: .I syslog
148: is not clever enough to deal with kernel error messages.
149: .SH SEE\ ALSO
150: syslog(3)
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.