Rsyslog Log Format Introduction

Rsyslog

LOG: History log

Syslog (Service): Syslogd (System log), KLOGD (kernel log)

c/S architecture, service, can listen to a socket, to help other hosts log information

Log Format/etc/rsyslog.conf

Facitlity.prioritytargetmail.info/var/log/maillogmail.=info *mail.*-/var/log/maillog-: Indicates an asynchronous write mail.! Info *.infomail,news.infomail.notice,news.info

The mechanism of the pass distribution:

*: All,: List!: Inverse =: equal

Facility: facilities; classify logs from a feature or program and be responsible for recording their logs by specialized tools

AUTH--Certification related AUTHPRIV--licensing related cron---Task Scheduler Daemon--kern---Kernel LPR---Print system mail--mail mark-- --Firewall Tag News--Newsgroup security (same as Auth) syslog--System log itself user--user UUCP--a protocol Unix to UNIX Copylo Cal0 through Local7:8 customed facility custom Facilities

Priority: Level

Debuginfonoticewarning, warn (same as warning) Err, error (same as err) Critalertemerg, panic (same as Emerg)

Target:

File/var/log/messages user * sent to a user on the login system (typically panic-level logs) log server @172.16.100.1 (Rsyslog server) pipeline | Command (handled with a different command)

Log Information Format:

Time Master Process (PID): Event

[[email protected] ~]# tail/var/log/messagesoct 00:11:17 centos6 dhclient[5518]: bound to 192.168.2.4--renewal in 75 6 seconds.  Oct 00:23:53 CENTOS6 dhclient[5518]: DHCPACK from 192.168.2.254 (XID=0X745700CD) Oct to 00:53:02 CENTOS6 dhclient[5518]: DHCPACK from 192.168.2.254 (XID=0X745700CD)

This article is from the "Homecoming" blog, make sure to keep this source http://sixijie123.blog.51cto.com/11880770/1881017

Rsyslog Log Format Introduction