Syslog usage in Linux

Source: Internet
Author: User
Tags openlog

C language programming in Linux-add program output information to system logs
Keywords: Linux System Log syslog service program syslogd
Our programs generally generate output information. However, server programs generally do not want to output information to the screen, because no one is staring at your program execution. Therefore, we need to write some information into a log file. Under normal circumstances, people running the program do not need to care about the content in the log, you can only view the content in the log file when a problem occurs to confirm the problem.
However, it is not a good idea for our program to generate a file to save the log, because this increases the burden on the person who maintains the program, and it is inconvenient to maintain the system.
In Linux
There is a system log in the/var/log directory. For example, if the file name is syslog, logs generated by some programs in the system will be stored in this file. Log files include
Fixed format. For example, 1st columns are the message generation time, 2nd columns are the machine name (because the logging program supports remote connection), and 3rd columns are the Tag Information (generally the program name). And there are some
This tool is used to maintain the log. For example, the migration mechanism ensures that the log file size does not occupy the disk space. Therefore, it is a good idea to write information about our programs into this system log.
In the content provided by the gnu c language library, an interface can be used to do this. Run the following command to View Details:

Nm-D/lib/libc. so.6 | grep log

You can see some calls:
000b9410 t closelog
0008b870 t getlogin
0008b960 t getlogin_r
000d0180 T _ getlogin_r_chk
000bd190 t klogctl
00027450 T _ open_catalog
000b9380 t openlog
0008bae0 t setlogin
000b8b80 t setlogmask
000b9350 t Syslog
000b9320 T _ syslog_chk
000b92f0 t vsyslog
000b8da0 T _ vsyslog_chk
Here, the three functions openlog, syslog, and closelog are a set of system log writing interfaces. In addition, the vsyslog and Syslog functions the same, but the parameter format is different.
The sample code for program usage is as follows:
# Include <syslog. h>
Int main (INT argc, char ** argv)
Openlog ("mymsgmark", log_cons | log_pid, 0 );
Syslog (log_debug,
"This is a SYSLOG Test message generated by program '% s'/N ",
Argv [0]);
Closelog ();
Return 0;
After an executable program is compiled and generated, a line of information will be added to the/var/log/syslog file once the program runs as follows:
Feb 12 08:48:38 localhost mymsgmark [7085]: This is a SYSLOG Test message generated by program './A. out'
Openlog and closelog Functions
The function is prototype as follows:
Void openlog (const char * Ident, int option, int facility );
This function is used to open a connection to the system logging program. After it is enabled, you can use the syslog or vsyslog function to add information to the system logs. The closelog function is used to close the connection.
The first ident parameter of will be a tag. The string represented by ident will be added to the front of each line of log to identify this log. Generally, it is written as the name of the current program for marking. Second Parameter
Number option is the result of the following operations: log_cons, log_ndelay, log_nowait, log_odelay,
For the meanings of log_perror and log_pid, see man openlog manual:
Write directly to system console if there is an error while sending to system logger.

Open the connection immediately (normally, the connection is opened when the first message is logged ).

Don't wait for child Processes
That may have been created while logging the message. (The GNU C
Library does not create
Child process, so this option has no effect on Linux .)

The converse of log_ndelay;
Opening of the connection is delayed until syslog () is called. (This
Is the default, and need
Not be specified .)

(Not in susv3.) print to stderr as well.

Include PID with each message.
The third parameter specifies the program type for logging.

Void openlog (char * Ident, int option, int facility)
Void syslog (INT priority, char * format ,...)
Void closelog (void)
The option parameter used in openlog () can be a combination of the following:

Log_cons: if a problem occurs when it is sent to system logger, it is directly written to the system console.
Log_ndelay: Enable the connection immediately (normally, the connection is enabled only when a message is written for the first time ).
Log_perror: send messages to stderr at the same time
Log_pid: Include the PID in all messages

The facility parameter is used to specify the program in which messages are recorded. This allows the setting file to set which messages are processed.

Log_auth: Security/authorization message (use log_authpriv instead)
Log_authpriv: Security/authorization message
Log_cron: dedicated to the god of time (cron and)
Log_daemon: The patron saint of other systems
Log_kern: core message
Log_local0 to log_local7: Reserved
Log_lpr: Line Printer System
Log_mail: Mail System
Log_news: Usenet news system
Log_syslog: messages generated inside syslogd
Log_user (default): General user level information
Log_uucp: uucp System

Determine the importance of the message. The following levels of importance gradually decline:

Log_emerg: The system is unavailable.
Log_alert: action must be taken immediately
Log_crit: Important Events
Log_err: Error status
Log_warning: Warning
Log_notice: normal, but important
Log_info: Information
Log_debug: Debugging message

Syslog functions and Parameters
The SYSLOG function is used to send log messages to the system program syslogd for record. The prototype of this function is:
Void syslog (INT priority, const char * format ,...);
The first parameter is the urgency level of the message, the second parameter is the message format, and the second parameter is the parameter corresponding to the format. It is used like the printf function.

If our program needs to use the system log function, we only need to use the openlog function when the program starts to connect to the syslogd program. Then we can use the syslog function to write logs at any time.

In addition, the new generation tool used as an alternative to syslog is syslog-ng. syslog-ng has strong network functions, you can easily save logs from multiple machines to a central log server.


Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.