Log system on Linux
Syslog
Syslog-ng
    Open source edition
    Commercial edition
Log level: The level of information verbosity.
Subsystem: the facility.
Action:
Log rotation (log cutting):
# logrotate [OPTION]    rotates, compresses, or mails system logs.
Configuration file:
/etc/logrotate.conf
Scheduled task file:
/etc/cron.daily/logrotate
Log rotation rules for each subsystem:
/etc/logrotate.d/*
Syslog:
Syslog Service:
Syslog Service Script:
/etc/rc.d/init.d/syslog
Configuration file:
/etc/sysconfig/syslog
SYSLOGD_OPTIONS="OPTION"
-r    allows log messages from remote hosts to be accepted and recorded.
syslogd: records information generated by the system, other than by the kernel.
/sbin/init
/var/log/messages:
Standard system error log information,
non-kernel boot information,
and the information generated by each subsystem.
/var/log/maillog
The log information generated by the mail system.
/var/log/secure
Security-related information. The file permission is 600.
Configuration file:
After modifying it, reload the syslog service for the configuration file to take effect.
/etc/syslog.conf
The format is as follows:
facility.priority action
Facility: the log source or device
    auth             Authentication-related
    authpriv         Permission and authorization-related
    cron             Scheduled-task-related
    daemon           Daemon-related
    kern             Kernel-related
    lpr              Printing-related
    mail             Mail-related
    mark             Mark (tag)-related
    news             News-related
    security         Security-related, same as auth
    syslog           Messages from syslog itself
    user             User-related
    uucp             Unix to Unix CP related
    local0~local7    For custom use
    *                Denotes all facilities
Priority: the log level. The lower the level, the more detailed the information that is logged. From low to high:
    debug           Debugging information for programs or the system
    info            General information
    notice          Does not affect normal functioning, but is a message to be aware of
    warning/warn    May affect system functions; important things users need to be reminded of
    err/error       Error messages
    crit            More serious
    alert           Must be handled immediately
    emerg/panic     Will cause the system to become unusable
    *               Indicates all log levels
    none            Indicates no level
Action: where the log is recorded.
    Absolute path    A plain file, such as /var/log/file. If the file name is preceded by -, the write is asynchronous (not written to the hard disk right away; it is held in memory first).
    |                Pipe. Send to other commands through a pipe.
    Terminal         A terminal, such as /dev/console
    @HOST|IP         A remote host, such as @10.0.0.156
    User             A user on the system, such as root
    *                All users logged on to the system
For example:
    mail.info /var/log/mail.log    Mail-related logs at level info and above go to /var/log/mail.log.
    auth.=info @10.0.0.156         Auth-related logs at exactly level info are sent to the remote host 10.0.0.156.
    user.!=error                   User-related logs, except the error level.
    user.!error                    User-related logs below the error level.
    *.info                         Logs at level info and above from all sources.
    mail.*                         All logs related to mail.
    *.*                            All logs are recorded.
    cron.info;mail.info            Multiple sources are separated by ;
    cron,mail.info                 Different sources at the same level are separated by ,
    mail.*;mail.!=info             Mail-related logs, except the info level.
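
Before relying on a file such as /var/log/secure or on a remote host for security records, it helps to check which messages a set of selectors actually captures. The following is an added example, not code from the original article or from syslogd: it models the selector rules above, assuming the selectors in one field are applied left to right, and the RULES list and the names matches and route are constructed for illustration.

```python
# Added example: models syslog.conf selector matching; it is not syslogd's code.
# Assumption: selectors in one field are applied left to right.
LEVELS = ["debug", "info", "notice", "warning", "err", "crit", "alert", "emerg"]
ALIASES = {"warn": "warning", "error": "err", "panic": "emerg"}

def matches(selector_field, facility, level):
    """True if a message with this facility and level is selected."""
    level_idx = LEVELS.index(ALIASES.get(level, level))
    logged = False
    for selector in selector_field.lower().split(";"):
        facs, _, prio = selector.strip().partition(".")
        if facs != "*" and facility not in facs.split(","):
            continue                      # selector names other facilities
        negate = prio.startswith("!")     # "!" removes levels
        prio = prio.lstrip("!")
        exact = prio.startswith("=")      # "=" means this level only
        prio = prio.lstrip("=")
        prio = ALIASES.get(prio, prio)
        if prio == "none":                # "none" removes every level
            hit, negate = True, not negate
        elif prio == "*":
            hit = True
        elif exact:
            hit = level_idx == LEVELS.index(prio)
        else:                             # this level and above
            hit = level_idx >= LEVELS.index(prio)
        if hit:
            logged = not negate
    return logged

# Constructed sample rules in the "facility.priority action" format.
RULES = [
    ("*.info;mail.none;authpriv.none", "/var/log/messages"),
    ("authpriv.*", "/var/log/secure"),
    ("mail.*;mail.!=info", "-/var/log/maillog"),
    ("cron,mail.err", "@10.0.0.156"),
    ("*.emerg", "*"),
]

def route(facility, level):
    """Return the actions that would receive the message."""
    return [action for sel, action in RULES if matches(sel, facility, level)]

if __name__ == "__main__":
    for msg in [("authpriv", "info"), ("mail", "info"), ("mail", "err")]:
        print(msg, "->", route(*msg))
```
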
klogd: specifically responsible for recording the log information generated by the kernel.
After kernel initialization is complete, the information shown on the screen is displayed on the physical terminal (/dev/console) and saved to /var/log/dmesg. You can use cat or the dmesg command to view it.
# cat /var/log/dmesg
# dmesg
This article is from the "Small Private blog" blog; please be sure to keep this source: http://ggvylf.blog.51cto.com/784661/1615770