Saturday, August 14, 2010

syslogd daemon in Linux

The syslogd daemon handles logging in Linux.
Some features of syslogd:

  1. Unix Domain Sockets (/dev/log)
  2. Internet Sockets (UDP:514)
  3. Ability to log to local and remote targets
Implemented as the 'sysklogd' package
Primary configuration file: /etc/syslog.conf
Standard syslog.conf file contains:
1. Rules (types of log and applications)
a. facilities -> applications/daemons/network devices/etc.
b. levels -> importance of message
Range: 0-7
  • 7 = emergency (less information)
  • 6 = alert
  • 5 = critical
  • 4 = error
  • 3 = warning
  • 2 = notice
  • 1 = info
  • 0 = debug (more information)
2. Targets (Destination of Logs)
a. file - /var/log/messages
b. tty - /dev/console
c. remote hosts - @IP_ADDR_of_REMOTE_HOST  (for remote logging)
'*' = catchall/wildcard to mean any facility or level
'.none' = exclusion rule
Run 'man syslog.conf' to learn about the supported facilities and levels.
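
To check where a given message ends up (for example, that authpriv messages stay out of the general log and that errors reach a remote host), the rule/target matching described above can be evaluated in a few lines. This is an added example, not part of the original post or of sysklogd. The sample configuration, its file paths and the function names are constructed for illustration, and only the basic facility.level syntax with '*' and '.none' is handled.

```python
# Level names from least to most severe; the list index is only a comparison rank.
LEVELS = ["debug", "info", "notice", "warning", "err", "crit", "alert", "emerg"]

# Constructed sample configuration (not taken from a real host).
SAMPLE_CONF = """\
*.info;mail.none;authpriv.none    /var/log/messages
authpriv.*                        /var/log/secure
mail.*                            /var/log/maillog
kern.crit                         /dev/console
*.err                             @192.0.2.10
"""

def parse_rules(text):
    # Returns [(selectors, target)]; each selector is (facility_list, level).
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        selector_field, target = line.split(None, 1)
        selectors = []
        for sel in selector_field.split(";"):
            facilities, _, level = sel.rpartition(".")
            selectors.append((facilities.split(","), level))
        rules.append((selectors, target.strip()))
    return rules

def selects(selectors, facility, level):
    # Selectors apply left to right; a later match overrides an earlier one,
    # which is how 'mail.none' cancels '*.info' for the mail facility.
    matched = False
    for facilities, sel_level in selectors:
        if "*" not in facilities and facility not in facilities:
            continue
        if sel_level == "none":
            matched = False
        elif sel_level == "*":
            matched = True
        else:  # named level: that level and anything more severe
            matched = LEVELS.index(level) >= LEVELS.index(sel_level)
    return matched

def targets_for(text, facility, level):
    return [t for sels, t in parse_rules(text) if selects(sels, facility, level)]

def remote_targets(text):
    return [t for _, t in parse_rules(text) if t.startswith("@")]
```

An empty result from remote_targets() means every log stays on the local host, where anyone with root on that host can alter it.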