247 lines
7.2 KiB
Groff
247 lines
7.2 KiB
Groff
|
.\" syslog.conf - syslogd(8) configuration file
|
||
|
.\" Copyright (c) 1995 Martin Schulze <Martin.Schulze@Linux.DE>
|
||
|
.\" Modified for Minix porting by G. Falzoni <gfalzoni@inwind.it>
|
||
|
.\" $Id$
|
||
|
.\"
|
||
|
.\" This file is part of the sysklogd package, a kernel and system log daemon.
|
||
|
.\"
|
||
|
.\" This program is free software; you can redistribute it and/or modify
|
||
|
.\" it under the terms of the GNU General Public License as published by
|
||
|
.\" the Free Software Foundation; either version 2 of the License, or
|
||
|
.\" (at your option) any later version.
|
||
|
.\"
|
||
|
.\" This program is distributed in the hope that it will be useful,
|
||
|
.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||
|
.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||
|
.\" GNU General Public License for more details.
|
||
|
.\"
|
||
|
.\" You should have received a copy of the GNU General Public License
|
||
|
.\" along with this program; if not, write to the Free Software
|
||
|
.\" Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
|
||
|
.\"
|
||
|
.\" Local macros
|
||
|
.de Xr
|
||
|
.BR \\$1 (\\$2)\\$3
|
||
|
..
|
||
|
.de LB
|
||
|
.TP \\$1
|
||
|
\\fB\\$2\\fR
|
||
|
\\$3
|
||
|
..
|
||
|
.de LI
|
||
|
.TP \\$1
|
||
|
\\fI\\$2\\fR
|
||
|
\\$3
|
||
|
..
|
||
|
.de LR
|
||
|
.TP \\$1
|
||
|
\\fR\\$2\\fR
|
||
|
\\$3
|
||
|
..
|
||
|
.\" end local macros
|
||
|
.TH SYSLOG.CONF 5 "1 January 1998"
|
||
|
.SH NAME
|
||
|
syslog.conf \- syslogd(8) configuration file
|
||
|
.SH DESCRIPTION
|
||
|
The
|
||
|
.I syslog.conf
|
||
|
file is the main configuration file for the
|
||
|
.Xr syslogd 8
|
||
|
which logs system messages on *nix systems. This file specifies rules
|
||
|
for logging. For special features see the
|
||
|
.Xr syslogd 8
|
||
|
manpage.
|
||
|
Every rule consists of two fields, a
|
||
|
.I selector
|
||
|
field and an
|
||
|
.I action
|
||
|
field. These two fields are separated by one or more tabs.
|
||
|
The selector field specifies a pattern of facilities and
|
||
|
priorities belonging to the specified action.
|
||
|
Lines starting with a hash mark (``#'') and empty lines are ignored.
|
||
|
.SH SELECTORS
|
||
|
The selector field itself again consists of two parts, a
|
||
|
.I facility
|
||
|
and a
|
||
|
.IR priority ,
|
||
|
separated by a period (``.'').
|
||
|
Both parts are case insensitive and can also be specified as decimal
|
||
|
numbers, but don't do that, you have been warned. Both facilities and
|
||
|
priorities are described in
|
||
|
.BR syslog (3).
|
||
|
The names mentioned below correspond to the similar
|
||
|
.BR LOG_ -values
|
||
|
in
|
||
|
.IR /usr/include/syslog.h .
|
||
|
The
|
||
|
.I facility
|
||
|
is one of the following keywords:
|
||
|
.BR auth ", " authpriv ", " cron ", " daemon ", " kern ", " lpr ", "
|
||
|
.BR mail ", " mark ", " news ", " security " (same as " auth "), "
|
||
|
.BR syslog ", " user ", " uucp " and " local0 " through " local7 .
|
||
|
The keyword
|
||
|
.B security
|
||
|
should not be used anymore and
|
||
|
.B mark
|
||
|
is only for internal use and therefore should not be used in
|
||
|
applications. Anyway, you may want to specify and redirect these
|
||
|
messages here. The
|
||
|
.I facility
|
||
|
specifies the subsystem that produced the message, i.e. all mail
|
||
|
programs log with the mail facility
|
||
|
.BR "" ( LOG_MAIL )
|
||
|
if they log using syslog.
|
||
|
|
||
|
The
|
||
|
.I priority
|
||
|
is one of the following keywords, in ascending order:
|
||
|
.BR debug ", " info ", " notice ", " warning ", " warn " (same as "
|
||
|
.BR warning "), " err ", " error " (same as " err "), " crit ", "
|
||
|
.BR alert ", " emerg ", " panic " (same as " emerg ).
|
||
|
The keywords
|
||
|
.BR error ", " warn " and " panic
|
||
|
are deprecated and should not be used anymore. The
|
||
|
.I priority
|
||
|
defines the severity of the message
|
||
|
.PP
|
||
|
The behavior of the original BSD syslogd is that all messages of the
|
||
|
specified priority and higher are logged according to the given
|
||
|
action. This
|
||
|
.BR syslogd (8)
|
||
|
behaves the same, but has some extensions.
|
||
|
.PP
|
||
|
In addition to the above mentioned names the
|
||
|
.BR syslogd (8)
|
||
|
understands the following extensions:
|
||
|
.LB 5 "*" "An asterisk (``*'') before the period stands for all facilities.
|
||
|
.LB 5 "none" "The keyword none stands for no priority of the given facility.
|
||
|
.PP
|
||
|
Multiple selectors may be specified for a single
|
||
|
.I action
|
||
|
using the semicolon (``;'') separator. Remember that each selector in
|
||
|
the
|
||
|
.I selector
|
||
|
field is capable to overwrite the preceding ones. Using this
|
||
|
behavior you can exclude some priorities from the pattern.
|
||
|
.SH ACTIONS
|
||
|
The action field of a rule describes the abstract term
|
||
|
``logfile''. A ``logfile'' need not to be a real file, btw. The
|
||
|
.Xr syslogd 8
|
||
|
provides the following actions.
|
||
|
.SS Regular File
|
||
|
Typically messages are logged to real files. The file has to be
|
||
|
specified with full pathname, beginning with a slash ``/''.
|
||
|
.SS Terminal and Console
|
||
|
If the file you specified is a tty, special tty-handling is done, same
|
||
|
with
|
||
|
.IR /dev/console .
|
||
|
.SS Remote Machine
|
||
|
This release does not implement
|
||
|
remote logging, i.e. the ability to send messages to a remote host running
|
||
|
.Xr syslogd 8 .
|
||
|
To forward messages to another host, prepend the hostname
|
||
|
with the at sign (``@'').
|
||
|
.SS List of Users
|
||
|
Usually critical messages are also directed to ``root'' on that
|
||
|
machine. You can specify a list of users that shall get the message by
|
||
|
simply writing the login. You may specify more than one user by
|
||
|
separating them with commas (``,''). If they're logged in they
|
||
|
get the message. Don't think a mail would be sent, that might be too
|
||
|
late.
|
||
|
.SS Everyone logged on
|
||
|
Emergency messages often go to all users currently online to notify
|
||
|
them that something strange is happening with the system. To specify
|
||
|
this
|
||
|
.IR wall (1)-feature
|
||
|
use an asterisk (``*'').
|
||
|
.SH EXAMPLES
|
||
|
Here are some example, partially taken from a real existing site and
|
||
|
configuration. Hopefully they rub out all questions to the
|
||
|
configuration, if not, drop me (Joey) a line.
|
||
|
.IP
|
||
|
.nf
|
||
|
# Store critical stuff in critical
|
||
|
#
|
||
|
*.crit /var/adm/critical
|
||
|
.fi
|
||
|
.LP
|
||
|
This will store all messages with the priority
|
||
|
.B crit
|
||
|
in the file
|
||
|
.IR /var/adm/critical .
|
||
|
.IP
|
||
|
.nf
|
||
|
# The tcp wrapper loggs with mail.info, we display
|
||
|
# all the connections on tty12
|
||
|
#
|
||
|
mail.info /dev/tty12
|
||
|
.fi
|
||
|
.LP
|
||
|
This directs all messages that uses
|
||
|
.BR mail.info " (in source " LOG_MAIL " | " LOG_INFO )
|
||
|
to
|
||
|
.IR /dev/tty12 ,
|
||
|
the 12th console.
|
||
|
.IP
|
||
|
.nf
|
||
|
# Log all mail.info and news.info messages to info
|
||
|
#
|
||
|
mail,news.info /var/adm/info
|
||
|
.fi
|
||
|
.LP
|
||
|
This will extract all messages that come either with
|
||
|
.BR mail.info " or with " news.info
|
||
|
and store them in the file
|
||
|
.IR /var/adm/info .
|
||
|
.IP
|
||
|
.nf
|
||
|
# Emergency messages will be displayed using wall
|
||
|
#
|
||
|
*.emerg *
|
||
|
.fi
|
||
|
.LP
|
||
|
This rule tells the
|
||
|
.B syslogd
|
||
|
to write all emergency messages to all currently logged in users. This
|
||
|
is the wall action.
|
||
|
.IP
|
||
|
.nf
|
||
|
# Messages of the priority alert will be directed
|
||
|
# to the operator
|
||
|
#
|
||
|
*.alert root,joey
|
||
|
.fi
|
||
|
.LP
|
||
|
This rule directs all messages with a priority of
|
||
|
.B alert
|
||
|
or higher to the terminals of the operator, i.e. of the users ``root''
|
||
|
and ``joey'' if they're logged in.
|
||
|
.IP
|
||
|
.nf
|
||
|
*.* @finlandia
|
||
|
.fi
|
||
|
.LP
|
||
|
This rule would redirect all messages to a remote host called
|
||
|
finlandia. This is useful especially in a cluster of machines where
|
||
|
all syslog messages will be stored on only one machine.
|
||
|
.SH FILES
|
||
|
.I /etc/syslog.conf
|
||
|
Configuration file for
|
||
|
.B syslogd
|
||
|
.SH BUGS
|
||
|
The effects of multiple selectors are sometimes not intuitive. For
|
||
|
example ``mail.crit,*.err'' will select ``mail'' facility messages at
|
||
|
the level of ``err'' or higher, not at the level of ``crit'' or
|
||
|
higher.
|
||
|
|
||
|
.SH SEE ALSO
|
||
|
.BR syslogd (8),
|
||
|
.BR logger (1),
|
||
|
.BR syslog (3)
|
||
|
.SH AUTHORS
|
||
|
The
|
||
|
.B syslogd
|
||
|
is taken from BSD sources, Greg Wettstein (greg@wind.rmcc.com)
|
||
|
performed the port to Linux, Martin Schulze (joey@linux.de)
|
||
|
made some bugfixes and added some new features.
|