Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (4.2BSD)
Apropos / Subsearch:
optional field

SYSLOG(8)                   System Manager's Manual                  SYSLOG(8)

       syslog - log systems messages

       /etc/syslog [ -mN ] [ -fname ] [ -d ]

       Syslog  reads  a datagram socket and logs each line it reads into a set
       of files described by the configuration file /etc/syslog.conf.   Syslog
       configures when it starts up and whenever it receives a hangup signal.

       Each  message  is  one  line.   A  message can contain a priority code,
       marked by a digit in angle braces at the beginning of the line.  Prior-
       ities are defined in <syslog.h>, as follows:

       LOG_ALERT    this  priority  should  essentially  never  be  used.   It
                    applies only to messages that are so important that  every
                    user  should  be  aware  of them, e.g., a serious hardware

       LOG_SALERT   messages of this priority should be issued only when imme-
                    diate  attention  is  needed by a qualified system person,
                    e.g., when  some  valuable  system  resource  dissappears.
                    They get sent to a list of system people.

       LOG_EMERG    Emergency  messages  are  not sent to users, but represent
                    major conditions.  An example might be hard disk failures.
                    These  could be logged in a separate file so that critical
                    conditions could be easily scanned.

       LOG_ERR      these represent error conditions, such as soft disk  fail-
                    ures, etc.

       LOG_CRIT     such  messages contain critical information, but which can
                    not be classed as  errors,  for  example,  `su'  attempts.
                    Messages  of this priority and higher are typically logged
                    on the system console.

       LOG_WARNING  issued when an abnormal condition has been  detected,  but
                    recovery can take place.

       LOG_NOTICE   something  that falls in the class of ``important informa-
                    tion''; this class is informational but  important  enough
                    that  you  don't want to throw it away casually.  Messages
                    without any priority assigned to them are typically mapped
                    into this priority.

       LOG_INFO     information  level  messages.   These  messages  could  be
                    thrown away without problems, but should  be  included  if
                    you want to keep a close watch on your system.

       LOG_DEBUG    it  may  be  useful  to log certain debugging information.
                    Normally this will be thrown away.

       It is expected that the kernel will not log anything below LOG_ERR pri-

       The  configuration  file  is in two sections separated by a blank line.
       The first section defines files that syslog will log into.   Each  line
       contains a single digit which defines the lowest priority (highest num-
       bered priority) that this file will receive, an optional asterisk which
       guarantees  that something gets output at least every 20 minutes, and a
       pathname.  The second part of the file contains a list  of  users  that
       will be informed on SALERT level messages.  For example, the configura-
       tion file:



       logs all messages of priority 5 or  higher  onto  the  system  console,
       including  timing marks every 20 minutes; all messages of priority 8 or
       higher into the file /usr/spool/adm/syslog; and all messages of  prior-
       ity  3  or  higher  into /usr/adm/critical.  The users ``eric'', ``kri-
       dle'', and ``kalash'' will be informed on any subalert messages.

       The flags are:

       -m   Set the mark interval to N (default 20 minutes).

       -f   Specify an alternate configuration file.

       -d   Turn on debugging (if compiled in).

       To bring syslog down, it should be sent a terminate  signal.   It  logs
       that  it  is going down and then waits approximately 30 seconds for any
       additional messages to come in.

       There are some special messages that cause control functions.  ``<*>N''
       sets  the  default  message  priority  to  N.  ``<$>'' causes syslog to
       reconfigure (equivalent to a hangup signal).  This can  be  used  in  a
       shell file run automatically early in the morning to truncate the log.

       Syslog creates the file /etc/syslog.pid if possible containing a single
       line with its process id.  This can be used to kill or reconfigure sys-

       /etc/syslog.conf - the configuration file
       /etc/syslog.pid - the process id

       LOG_ALERT  and  LOG_SUBALERT  messages should only be allowed to privi-
       leged programs.

       Actually, syslog is not clever enough to deal with  kernel  error  mes-
       sages in the current implementation.


4th Berkeley Distribution                                            SYSLOG(8)