for connected embedded systems
![[Previous]](../prev.gif) |
![[Contents]](../contents.gif) |
![[Index]](../keyword_index.gif) |
![[Next]](../next.gif) |
/etc/syslog.conf
Configuration file for syslogd
Name:
/etc/syslog.conf
Description:
The /etc/syslog.conf file is the configuration file for the syslogd daemon. It consists of lines with two fields:
- Selector field
- The types of messages and priorities to which the line applies.
- Action field
- The action to take if a message received by syslogd matches the selection criteria.
 |
Use one or more tab characters to separate the selector and action fields. |
The selectors are encoded as a facility, a dot (.), and a level, with no intervening whitespace. Both the facility and the level are case-insensitive.
The facility describes the part of the system generating the message, and is one of the following keywords:
- auth
- authpriv
- cron
- daemon
- kern
- lpr
- mark
- news
- syslog
- user
- uucp
- local0 through local7.
These keywords (with the exception of mark) correspond to the similar "LOG_" values specified to the openlog() and syslog() routines.
The level describes the severity of the message, and is a keyword from the following ordered (higher to lower) list:
- emerg
- alert
- crit
- err
- warning
- notice
- info
- debug
These keywords also correspond to the similar "LOG_" values specified to the syslog() routine.
For further descriptions of both the facility and level keywords and their significance, see syslog() in the Library Reference.
If a received message matches the specified facility and is of the specified (or higher) level, then the action specified in the action field is taken.
You can specify multiple selectors for a single action by separating them with semicolon (;) characters.
|
Note that each selector can modify the ones preceding it. |
You can specify multiple facilities for a single level by separating them with comma (,) characters.
You can use an asterisk (*) to specify all facilities or all levels.
The special facility mark receives a message at priority info every 20 minutes (see syslogd).
The special level none disables a particular facility.
The action field of each line specifies the action to be taken when the selector field selects a message. The action field can take these forms:
- a pathname (beginning with a leading slash) -- the selected messages are appended to the file
- a hostname (preceded by @) -- the selected messages are forwarded to the syslogd program on the named host
Blank lines and lines whose first nonblank character is a hash (#) character are ignored.
Examples:
A configuration file might appear as follows:
# Log all kernel messages, authentication messages of # level notice or higher and anything of level err or # higher to the console. # Don't log private authentication messages! *.err;kern.*;auth.notice;authpriv.none /dev/console # Log anything (except mail) of level info or higher. # Don't log private authentication messages! *.info;mail.none;authpriv.none /var/log/messages # The authpriv file has restricted access. authpriv.* /var/log/secure # Log all the mail messages in one place. mail.* /var/log/maillog # Everybody gets emergency messages, plus log them on # another machine. *.emerg * *.emerg @arpa.berkeley.edu # Root and Eric get alert and higher messages. *.alert root,eric # Save mail and news errors of level err and higher in a # special file. uucp,news.crit /var/log/spoolerr
Caveats:
The effects of multiple selectors aren't always intuitive. For example, mail.crit,*.err selects mail facility messages at the level of err or higher, not at the level of crit or higher.
Logging messages to users isn't currently implemented.
See also:
openlog(), syslog() in the Library Reference
|
|
|
|