Museum

Home

Lab Overview

Retrotechnology Articles

⇒ Online Manual

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

logger(1)

syslog(3C)

syslogd(1M)

NAME

syslogd − log systems messages

SYNOPSIS

/etc/syslogd [-f configfile] [-m markinterval] [-d]

DESCRIPTION

syslogd reads and logs messages into a set of files described by the configuration file /etc/syslog.conf. 

Only the super-user can run syslogd. 

Options

syslogd recognizes the following options:

−f configfile Use configfile instead of /etc/syslog.conf. 

−m markinterval Wait markinterval minutes between mark messages, instead of 20 minutes. 

−d Turn on debugging. 

syslogd creates the file /etc/syslog.pid, if possible, containing a single line with its process ID.  This can be used to kill or reconfigure syslogd. 

To kill syslogd, send it a terminate signal:

kill ‘cat /etc/syslog.pid‘

To make syslogd, re-read its configuration file, send it a HANGUP signal:

kill -HUP ‘cat /etc/syslog.pid‘

syslogd collects messages from the UNIX domain socket /dev/log.un, an Internet domain socket specified in /etc/services, and from the named pipe /dev/log.  By default, local programs calling syslog() send log messages to the UNIX domain socket (see syslog(3C)). If UNIX domain sockets are not configured on the system, they write to the named pipe instead.  If INET domain sockets are not configured, syslogd does not receive messages forwarded from other hosts, nor does it forward messages (see below). 

Each message is one line.  A message can contain a priority code, marked by a number in angle braces at the beginning of the line.  Priorities are defined in the header file <syslog.h>. 

syslogd configures itself when it starts up and whenever it receives a hangup signal.  Lines in the configuration file consist of a selector to determine the message priorities to which the line applies and an action. The action field is separated from the selector by one or more tabs. 

Selectors are semicolon separated lists of priority specifiers.  Each priority has a facility indicating the subsystem that generated the message, a dot, and a level indicating the severity of the message.  Symbolic names can be used.  An asterisk selects all facilities.  All messages of the specified level or higher (greater severity) are selected.  More than one facility can be selected, using commas to separate them.  For example:

∗.emerg;mail,daemon.crit

selects all facilities at the emerg level and the mail and daemon facilities at the crit level. 

Known facilities and levels recognized by syslogd are those listed in syslog(3C) converted to lowercase without the leading LOG_. The additional facility mark has a message at priority LOG_INFO sent to it every 20 minutes (this can be changed by using the −m flag).  The mark facility is not enabled by a facility field containing an asterisk.  The level none can be used to disable a particular facility.  For example,

∗.debug;mail.none

selects all messages except mail messages. 

The second part of each line describes where the message is to be logged if this line is selected.  There are four forms:

• A filename (beginning with a leading slash).  The file is opened in append mode.  If the file does not exist, it is not created. 

• A hostname preceded by an @ character.  Selected messages are forwarded to the syslogd on the named host. 

• A comma-separated list of users.  Selected messages are written to those users’ terminals if they are logged in. 

• An asterisk.  Selected messages are written to the terminals of all logged-in users. 

Blank lines and lines beginning with a # character are ignored. 

For example, the configuration file:

mark.debug              /dev/console
mail.debug              /usr/spool/mqueue/syslog
*.info;mail.none        /usr/adm/syslog
*.alert                 /dev/console
*.alert                 root,eric,kridle
*.emerg                 *
*.emerg                 @admin

logs 20 minute marks onto the system console, all mail system messages to /usr/spool/mqueue/syslog, and all messages at info and above, except mail messages, to the file /usr/adm/syslog.  Messages at alert and above are logged to the console and to the users root, eric, and kridle if they are logged in.  emerg messages are written to all logged-in users’ terminals, and forwarded to the host admin. 

WARNINGS

A configuration file selector selects all messages at the specified level or higher. The configuration lines:

user.debug     /tmp/logfile
user.info      /tmp/logfile

cause the logfile to get two copies of all user messages at level info and above. 

HP-UX does not support kernel logging through the special log device /dev/klog. 

AUTHOR

syslogd was developed by the University of California, Berkeley. 

FILES

/etc/syslog.conf configuration file

/etc/syslog.pid process ID

/dev/log.un the UNIX domain socket on which syslogd reads log messages

/dev/log the named pipe on which syslogd reads log messages

SEE ALSO

logger(1), syslog(3C). 

Hewlett-Packard Company  —  HP-UX Release 9.0: August 1992

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026