Linux Log System syslog

Log Information Detail Program: Log Level

SUBSYSTEM: Facility (facilities)

Actions (Action)

Log system on Linux:

Syslog

Syslog-ng

Syslog Service Process:

SYSLOGD: System, non-kernel generated information

KLOGD: Kernel, specifically responsible for recording the log information generated by the kernel

Kernel---physical terminal (/dev/console)--/VAR/LOG/DMESG

#dmesg命令查看

#cat/VAR/LOG/DMESG

/sbin/init

/var/log/messages: System standard error log information, non-kernel generated boot information, the information generated by each subsystem

/var/log/maillog: Information generated by the mail system

/var/log/secure: Security Log

Logs require scrolling: Also known as log cutting

Logrotate Command: Responsible for specialized log cutting program, configuration file is located in:/etc/logrotate.conf

SYSLOGD configuration file

/etc/syslog.conf

The format is as follows:

The configuration file definition format is:  facility.priority        action  facility, Can be understood as the source of the log or the device currently used by the facility has the following several:     auth      #  Certifications related to      authpriv  #  rights, licensing related      cron       daemon    # related to      #  mission plans   Daemon-related      kern      #  kernel-related       lpr       #  Printing related      mail       #  e-Mail related      mark       #  tags related      news      #  news related      security #  safety-related, similar to auth         Syslog   # sysLog own      user     #  user-related       uucp     # unix to unix cp  related       local0  to  local7 #  user-defined use      *         # * represents the level of all facility   priority (log level) logs, which generally have the following levels (from low to high)   Lower levels of information more detailed     debug            #  Debugging information for a program or system      info             #  General Information     notice           #  do not affect the normal function, need to be aware of the message      warning/warn    #  May affect system functions, need to remind users of important events      err/error       #  Error message      crit            #  more serious       alert           #  must be processed at once       emerg/panic     #  will cause the system to be      *                #  indicates all log levels      none            #   In contrast to * , it means nothing.        action (action) log record location      Absolute paths on   systems     #  normal files   such as:  /var/log/xxx     |                     #  Pipelines    pipeline to other command processing       terminal                #  terminal     such as:/dev/console      @HOST                 #  remote host   such as:  @10.0.0.1            Users                #  system users   such as: root     *                    #  To log on to all users on the system, the general Emerg level of the log is defined as an example of the   definition format: mail.info   /var/log/mail.log #  Indicates mail-related, level info and                                 #  Information above the info level is recorded in the/var/log/mail.log file  auth.=info  @10.0.0.1          #  indicates that the auth-related, baseThis information for info is recorded on the 10.0.0.1 host                                 #  The premise is that 10.0.0.1 to be able to receive the log messages sent by other hosts  user.! =error                   #  indicates records of user-related, excluding error-level information  user.! error                    #  and User.error opposite  *.info                         #  represents the info level that records all log information   mail.*                         #  indicates all levels of information related to the record mail  *.*                            # , you know . . cron.info;mail.info           #  multiple log sources can be used ";"   Separating  cron,mail.info                 #  and cron.info;mail.info  is a meaning  mail.*;mail.! =info            #  indicates that all levels of mail-related information are logged. But does not include the info level

Linux Log System syslog