Syslog is a tool that records logging in the system and can support local or remote log writes.
In the LinuxMint environment, the upstart-based daemon is placed in the/etc/init/directory, and the following command can be used to view the specific startup script:
[Email protected]:/var/log$ less/etc/init/rsyslog.conf
To see if the current RSYSLOGD has been started:
[Email protected]:/var/log$ initctl List | grep rsyslog
4. Flexible use of syslog call interface
Rsyslog start/running, Process 634
During the actual use, we can use the syslog through the configuration file and view the corresponding log file. However, in many application scenarios, we often need to generate output information through the program and record, that is, to write some information into a log file, the following will detail how to use the syslog system provided by the API call interface, using the program to implement the use of the syslog.
1. The main function
In Linux, four system calls are provided for the Syslog log system for use by the user:
Openlog: Open the log device for reading and writing, similar to the open file system call;
Syslog: Writes a log, similar to the write of a file system call;
Closelog: Turns off the log device, similar to the file system call close;
Vsyslog: Like the syslog function, it is responsible for writing to the log, except that the parameter format is different.
(1) Openlog function
The declaration of this function is as follows:
void Openlog (const char *ident, int option, int facility);
This function is used to open a connection to the system logger, which can then be used to add information to the system log using a syslog or Vsyslog function. The Closelog function is used to close the connection.
Openlog's first parameter, ident, is a token, and the string represented by ident is pinned to the front of each line of the log to identify the log, usually written as the name of the current program for marking. The second parameter, option, is typically the following option value for the "and" Operation (using the "|" Say, "log_cons | Log_pid ") Results:
Log_cons: If a problem occurs when sending to system logger, write directly to the terminal;
Log_ndelay: Immediately open the connection, usually the connection is opened the first time the message is written;
Log_perror: The message is also sent to the STDERR device;
Log_pid: Contains the process PID into all messages.
The third parameter, facility, indicates the type of program that logs the log, and it mainly has the following types of logs:
Log_auth: Security/Authorization Message
LOG_AUTHPRIV: Security/Authorization Message
Log_cron: Time Daemon (CRON and at) dedicated
Log_daemon: Other System daemons
Log_kern: Core Message
Log_local0 to LOG_LOCAL7: System reserved
Log_news:usenet News Subsystem
Messages generated internally by the LOG_SYSLOG:SYSLOGD process
Log_user (default): The general user uses the message by default
LOG_FTP:FTP Subsystem Usage
(2) Syslog function
The syslog functions are declared as follows:
void syslog (int priority, const char * message, ...);
The first parameter is the urgency level of the message priority, the second parameter is the message and its format, followed by the format corresponding to the parameters, like the C language inside the printf output function to use, the specific format is no longer detailed here, it is not the focus of this book introduction.
There is also a need to introduce the first parameter priority, which is made up of severity level and facility. Facility has been introduced above, the following describes the severity level, which is the important levels of the message, it mainly includes:
Log_emerg: Emergency situation
Log_alert: High-priority issues, such as database crashes, require immediate response action
Log_crit: Important situations, such as hardware failures
Log_err: Error occurred
Log_warning: Warning occurs
Log_notice: General situation, need to attract attention
Log_info: Information Status
Log_debug: Debug Message
In the actual use, if our program to use the System log function, only need to use the Openlog function when the program starts to connect the SYSLOGD program, after any time with the Syslog function to write the log on the line.
(3) Closelog function
The function is very simple relative to the above 2 functions, which are declared as follows:
void Closelog (void);
It is worth noting that although the use and invocation of this function is very simple, but is necessary, because in the Linux system, the open log is also a resource, if you only use the Openlog function to open the log, and forget to use Closelog to close the log, when the number of open logs accumulated to a certain extent , it causes insufficient memory, which can cause system problems. Therefore, remind the user to pay special attention in the use.
Examples of tests:
int main ()
Openlog ("Log_test", Log_pid,log_user);
Syslog (Log_info, "PID information, pid=%d\n", Getpid ());
Syslog (Log_debug, "DEBUG message");
You can see whether the above print information appears in the/var/log/syslog file, and you can use the Less/var/log/syslog command to jump to the end of the file to view it:
DEC 17:46:27 UFO log_test: PID information, pid=7811
DEC 17:46:27 UFO log_test: Debug Message
Introduction to the GNU Linux syslog daemon and examples of syslog log writes