
System Logging

The Unix environment can let the system administrator know when anything happens, from routine events such as a user logging in or out or mail being received or transmitted, to non-trivial problems such as bad blocks being accessed on hard drives or SCSI device errors.

The system logging daemon, syslogd, captures and records these messages from all the different programs that are running. It also provides a way to place a severity level on each message. The syslogd process is configured by the file /etc/syslog.conf, which sets up which messages are logged and which files receive them. Please review this recommended document on system logging.

System default syslog.conf file:

SunOS 5.5

#ident  "@(#)syslog.conf        1.3     93/12/09 SMI"   /* SunOS 5.0 */
#
# Copyright (c) 1991-1993, by Sun Microsystems, Inc.
#
# syslog configuration file.
#
# This file is processed by m4 so be careful to quote (`') names
# that match m4 reserved words.  Also, within ifdef's, arguments
# containing commas must be quoted.
#
# Note: Have to exclude user from most lines so that user.alert
#       and user.emerg are not included, because old sendmails
#       will generate them for debugging information.  If you
#       have no 4.2BSD based systems doing network logging, you
#       can remove all the special cases for "user" logging.
#
*.err;kern.notice;auth.notice;user.none         /dev/console
*.err;kern.debug;daemon.notice;mail.crit;user.none      /var/adm/messages

*.alert;kern.err;daemon.err;user.none           operator
*.alert;user.none                               root

*.emerg;user.none                               *

# if a non-loghost machine chooses to have authentication messages
# sent to the loghost machine, un-comment out the following line:
#auth.notice                    ifdef(`LOGHOST', /var/log/authlog, @loghost)

mail.debug                      ifdef(`LOGHOST', /var/log/syslog, @loghost)

#
# non-loghost machines will use the following lines to cause "user"
# log messages to be logged locally.
#
ifdef(`LOGHOST', ,
user.err                                        /dev/console
user.err                                        /var/adm/messages
user.alert                                      `root, operator'
user.emerg                                      *
)

HP-UX 10.x

# @(#) $Revision: 1.5 $
#
# syslogd configuration file.
#
# See syslogd(1M) for information about the format of this file.
#
mail.debug              /var/adm/syslog/mail.log
*.info;mail.none        /var/adm/syslog/syslog.log
*.alert                 /dev/console
*.alert                 root
*.emerg                 *

IRIX 5.3

# Configuration file for syslogd(1M) 
# $Revision: 1.5 $
#
# Formats: selector action 
#          selector filter action
kern.debug              |/usr/sbin/klogpp       /var/adm/SYSLOG
*.debug;kern.none       /var/adm/SYSLOG
*.crit                  |/var/adm/sysmonpp      /var/adm/SYSLOG

Linux Slackware

# /etc/syslog.conf
# For info about the format of this file, see "man syslog.conf" (the BSD man
# page), and /usr/doc/sysklogd/README.linux.
#
# NOTE: YOU HAVE TO USE TABS HERE - NOT SPACES.
# I don't know why.
#

*.=info;*.=notice                               /usr/adm/messages
*.=debug                                        /usr/adm/debug
*.warn                                          /usr/adm/syslog

#
# This might work instead to log on a remote host:
# *                     @hostname
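
How the selectors in these files decide where a message goes, as an added example in Python (not part of the original page or of any vendor's syslogd): it applies the classic BSD rule that a selector accepts its level and anything more severe, and that a later selector for the same facility overrides an earlier one, to the HP-UX 10.x default shown above. It assumes no m4 processing and does not handle the "=" prefix used in the Slackware file; the function names selected and route are made up for this example.

```python
# Added example: which actions in a syslog.conf receive a given message?
# Models classic BSD selector rules only (no m4, no sysklogd "=" or "!").
LEVELS = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# The HP-UX 10.x default from this page, embedded so the example runs offline.
HPUX_CONF = """\
# syslogd configuration file.
mail.debug              /var/adm/syslog/mail.log
*.info;mail.none        /var/adm/syslog/syslog.log
*.alert                 /dev/console
*.alert                 root
*.emerg                 *
"""

def selected(selector_field, facility, level):
    """True if a message with this facility and level matches the selector field."""
    threshold = None                      # least severe level accepted so far
    for selector in selector_field.split(";"):
        facilities, _, wanted = selector.rpartition(".")
        if facilities != "*" and facility not in facilities.split(","):
            continue
        # A later selector for the same facility overrides an earlier one,
        # which is how "mail.none" removes mail from "*.info".
        threshold = None if wanted == "none" else LEVELS.index(wanted)
    # Lower index means more severe; a selector accepts its level and above.
    return threshold is not None and LEVELS.index(level) <= threshold

def route(conf_text, facility, level):
    """Return the actions (files, users, devices) that would receive the message."""
    actions = []
    for line in conf_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        selector_field, action = line.split(None, 1)
        if selected(selector_field, facility, level):
            actions.append(action.strip())
    return actions

if __name__ == "__main__":
    for fac, lvl in [("mail", "info"), ("auth", "notice"), ("kern", "emerg")]:
        print(f"{fac}.{lvl:<7} -> {route(HPUX_CONF, fac, lvl)}")
```

Running the same check against a selector from the SunOS file shows that mail.err is dropped from /var/adm/messages, because mail.crit narrows the earlier *.err for that facility.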

Terms used: SCSI.
