syslog_evm.conf - EVM syslog subscription configuration file
The syslog_evm.conf file is a text file that specifies what syslog messages
will be forwarded from the syslog daemon to the Event Manager, EVM,in the
form of EVM events. Those syslog messages are posted to the EVM daemon
evmd by syslogd if the syslogd forwarding function is turned on with the -e
flag. Events are posted with the EVM name of sys.unix.syslog.facility-
This configuration file is read every time syslogd starts, or is restarted
by a SIGHUP signal. If the file does not exist, or if it exists but con-
tains no subscription lines, no syslog messages will be posted to EVM.
Each line in the file controls the forwarding of one syslog event. Lines
beginning with the # character are considered comments and are ignored.
Only one subscription per line is permitted. Mixing a subscription and a
comment on the same line is not allowed.
Each line has the format facility.priority[+].
Specifies the part of the system that generated the message. Legal
values are the following:
* All messages.
Messages generated by the kernel.
Messages generated by user processes.
Messages generated by the mail system.
Messages generated by system daemons.
Messages generated by the authorization system.
Messages generated internal to the syslog system.
lpr Messages generated by the line printer spooling system.
Messages generated by the system news command.
Messages generated by the UNIX to UNIX copy system.
Messages generated by the system clock daemon.
rfs Messages generated by remote file systems.
local0 - local7
Available for local use.
Indicates the priority of the message. If the priority is followed by
a + character, events which are of the specified priority or higher are
forwarded; otherwise only events which exactly match the priority are
The priority level must be one of the following:
* Forward messages of any priority.
Forward messages of emergency priority.
Forward messages of alert priority.
Forward messages of critical priority.
err Forward messages of error priority.
Forward messages of warning priority.
Forward messages of notice priority.
Forward messages of information priority.
Forward messages of debug priority.
This example causes syslogd to forward events to EVM as follows:
1. All messages of emergency priority are forwarded.
2. All messages generated in the kernel which have a priority of info or
greater are forwarded.
3. All messages generated by users, by the mail subsystem or by the sys-
tem daemons which have a priority of info or greater are forwarded.
Location of the system logger configuration file.
Location of the EVM syslog subscription configuration file.
Location of the EVM logger configuration file.
Commands: evmd(8), evmlogger(8), syslog(1), syslogd(8)
Event Management: EVM(5)