Advanced Linux Log Management: syslog Explained with Examples

Source: Internet
Author: User
Syslog has been adopted by many logging functions and is used in many protection measures. Any program can record events through syslog. Syslog can record system events, write them to a file or device, or send a message to users. It can record local events or events from another host over the network.
1. syslog Introduction
Syslog is an industry-standard protocol that can be used to record device logs. On UNIX systems, routers, switches, and other network devices, system logs record system events as they occur. Administrators can review these records to keep abreast of system conditions. UNIX systems use syslogd to record system-related events and application operation events. With proper configuration, machines that run the syslog protocol can also send log messages to one another. By analyzing these logs of network behavior, we can track the status of devices and networks.
2. syslog configuration file
The syslog facility depends on two important files: the /etc/syslogd daemon and the /etc/syslog.conf configuration file. Generally, most syslog messages are written to the message files (messages.*) in the /var/adm or /var/log directory. A typical syslog record includes the name of the program that generated it and a text message. It also includes a facility (message type) and a priority level.
By using the syslog.conf file, you can flexibly configure where logs are written and what information they contain. This configuration file specifies the logging behavior of the syslogd daemon, which reads the file at startup. The file consists of individual entries for different programs or message categories, each occupying one line. Each entry provides a selector field and an action field for a type of message. These fields are separated by tabs:
The selector field specifies the message type and priority;
The action field specifies the action that syslogd performs when it receives a message that matches the selection criteria.
The basic syntax of syslog.conf is as follows:
message-type.priority	action
Each selector field consists of a message type and a priority. When a priority is specified, syslogd records messages with the same or higher priority. In Linux, some major message types are shown in Table 2. Table 3 lists some of the priorities:
Table 2 syslog message types

Table 3 common syslog priorities
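
The following is an added example, not code from the original article. It parses entries in the selector/action format described above and applies the "same or higher priority" rule to decide which actions syslogd would take for a message. It goes slightly beyond the text by also handling the standard `*` wildcard, the `none` priority and `;`-joined selectors. The sample configuration and its paths are constructed for illustration, and the `=` and `!` selector extensions are not handled.

```python
# Standard syslog priorities, most severe first.
PRIORITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# Constructed sample configuration (illustrative paths, assumed host "loghost").
SAMPLE_CONF = """\
# message-type.priority<TAB>action
authpriv.*\t/var/log/secure
mail.err\t/var/log/maillog
*.info;mail.none;authpriv.none\t/var/log/messages
*.emerg\t*
kern.crit\t@loghost
"""

def parse_conf(text):
    """Return [(selectors, action)], skipping comments and blank lines."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        selector_field, action = line.split(None, 1)  # tab/space separated
        selectors = [s.split(".", 1) for s in selector_field.split(";")]
        rules.append((selectors, action.strip()))
    return rules

def selector_matches(sel_type, sel_pri, msg_type, msg_pri):
    """True/False if the selector covers this message type, else None."""
    if sel_type != "*" and msg_type not in sel_type.split(","):
        return None
    if sel_pri == "none":
        return False
    if sel_pri == "*":
        return True
    # Same or higher priority matches: a lower index is more severe.
    return PRIORITIES.index(msg_pri) <= PRIORITIES.index(sel_pri)

def actions_for(rules, msg_type, msg_pri):
    """Actions taken for one message; later selectors override earlier ones."""
    hits = []
    for selectors, action in rules:
        decision = False
        for sel_type, sel_pri in selectors:
            result = selector_matches(sel_type, sel_pri, msg_type, msg_pri)
            if result is not None:
                decision = result
        if decision:
            hits.append(action)
    return hits

if __name__ == "__main__":
    print(actions_for(parse_conf(SAMPLE_CONF), "kern", "emerg"))
```

A mail message at priority warning matches no entry in the sample: it is below err for the maillog entry and excluded from /var/log/messages by mail.none, which is the kind of gap worth checking for when reviewing a logging configuration.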
