Difference between revisions of "Syslog"

From Hackepedia
Jump to navigationJump to search
 
 
Line 1: Line 1:
 
Syslog is the common way of managing logfiles on UNIX.  [[Process|Processes]] that wish to log something write to a UNIX socket usually bound in /dev/log which then goes to [[syslogd]] that writes these logs to a file usually found in /var/log.  Syslog has different facilities which are a series of different log categories and priorities which is self explanatory.  High syslog priorities notify the entire system so that these logs do not get missed.
 
Syslog is the common way of managing logfiles on UNIX.  [[Process|Processes]] that wish to log something write to a UNIX socket usually bound in /dev/log which then goes to [[syslogd]] that writes these logs to a file usually found in /var/log.  Syslog has different facilities which are a series of different log categories and priorities which is self explanatory.  High syslog priorities notify the entire system so that these logs do not get missed.
 +
[http://www.balabit.com/products/syslog_ng/ syslog_ng] is a popular alternative to the standard syslogd.
 +
 +
Check the [[Manual]] for your syslogd, as some popular implementations require you do add "-s" to the daemon to prevent it from listening on a [[Ports|port]]. You do not want syslogd listening on a port unless you've configured other hosts to log to that specific syslog server (Usually only for centralized logging).

Latest revision as of 17:41, 16 March 2006

Syslog is the common way of managing logfiles on UNIX. Processes that wish to log something write to a UNIX socket usually bound in /dev/log which then goes to syslogd that writes these logs to a file usually found in /var/log. Syslog has different facilities which are a series of different log categories and priorities which is self explanatory. High syslog priorities notify the entire system so that these logs do not get missed. syslog_ng is a popular alternative to the standard syslogd.

Check the Manual for your syslogd, as some popular implementations require you do add "-s" to the daemon to prevent it from listening on a port. You do not want syslogd listening on a port unless you've configured other hosts to log to that specific syslog server (Usually only for centralized logging).