Syslog: Difference between revisions
No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
Syslog is the common way of managing logfiles on UNIX. [[Process|Processes]] that wish to log something write to a UNIX socket usually bound in /dev/log which then goes to [[syslogd]] that writes these logs to a file usually found in /var/log. Syslog has different facilities which are a series of different log categories and priorities which is self explanatory. High syslog priorities notify the entire system so that these logs do not get missed. | Syslog is the common way of managing logfiles on UNIX. [[Process|Processes]] that wish to log something write to a UNIX socket usually bound in /dev/log which then goes to [[syslogd]] that writes these logs to a file usually found in /var/log. Syslog has different facilities which are a series of different log categories and priorities which is self explanatory. High syslog priorities notify the entire system so that these logs do not get missed. | ||
[http://www.balabit.com/products/syslog_ng/ syslog_ng] is a popular alternative to the standard syslogd. | |||
Check the [[Manual]] for your syslogd, as some popular implementations require you do add "-s" to the daemon to prevent it from listening on a [[Ports|port]]. You do not want syslogd listening on a port unless you've configured other hosts to log to that specific syslog server (Usually only for centralized logging). | |||
Latest revision as of 17:41, 16 March 2006
Syslog is the common way of managing logfiles on UNIX. Processes that wish to log something write to a UNIX socket usually bound in /dev/log which then goes to syslogd that writes these logs to a file usually found in /var/log. Syslog has different facilities which are a series of different log categories and priorities which is self explanatory. High syslog priorities notify the entire system so that these logs do not get missed. syslog_ng is a popular alternative to the standard syslogd.
Check the Manual for your syslogd, as some popular implementations require you do add "-s" to the daemon to prevent it from listening on a port. You do not want syslogd listening on a port unless you've configured other hosts to log to that specific syslog server (Usually only for centralized logging).
