Unix and Linux Stack Exchange
Unix and Linux Stack Exchange

Questions tagged [syslog]

syslog is a standard (RFC 5424) for message logging. Use this tag for syslog logging related messages. For generic logging messages use [logging] instead

Standardized by the RFC 5424, it is a de facto standard to manage system logs on network assets and Unix-like operating systems. It is a client/server protocol used to centralize log messages, but many times configured to deliver local only logs.

It have facility codes that define what type of sofware created a log entry and severity levels to better separate messages to be interpreted by a sysadmin, or integrate with a monitoring tool.

Further Reading:

433 questions
207
votes
4 answers

Where are Apache file access logs stored?

Does anyone know where file access logs are stored, so I can run a tail -f command in order to see who is accessing a particular file. I have XAMPP, which is an Apache server installed on my machine, which automatically logs the accesses. It is…
AkshaiShah
  • 3,599
  • 5
  • 18
  • 9
158
votes
4 answers

How to make log-rotate change take effect

I followed this link to change log-rotate configuration for RHEL 6 After I made the change to config file, what should I do to let this take effect?
BufBills
  • 3,035
  • 7
  • 22
  • 20
91
votes
2 answers

Understand logging in Linux

As I understand, Linux kernel logs to /proc/kmsg file(mostly hardware-related messages) and /dev/log socket? Anywhere else? Are other applications also able to send messages to /proc/kmsg or /dev/log? Last but not least, am I correct that it is the…
Martin
  • 7,284
  • 40
  • 125
  • 208
55
votes
2 answers

What is the local6 (and all other local#) facilities in syslog?

##What I understand On *nix servers, we configure sending logs using facility.severity, where facility is the name of the (let's call it) "component" of the system, such as kernel, authentication, and so on; and severity is the "level" of each of…
Alaa Ali
  • 1,875
  • 2
  • 15
  • 21
36
votes
7 answers

I don't know what is producing the gigabytes of error in syslog

The error is showing itself like this: Jan 11 16:39:52 pop-os org.gnome.Nautilus[1514]: [00007fa4fc465ce0] vdpau_chroma filter error: video mixer rendering failure: An invalid handle value was provided. Jan 11 16:39:52 pop-os…
shivank anchal
  • 475
  • 4
  • 6
34
votes
1 answer

Is systemd-journald a syslog implementation?

I wonder if systemd-journald is a new implementation of syslog protocol, or rather, it uses syslog implementations, such as rsyslog, syslog-ng I've googled a bit, but I didn't find nothing convincing about it.
sebelk
  • 4,209
  • 10
  • 35
  • 54
30
votes
3 answers

How can dmesg content be logged into a file?

I'm running a Linux OS that was built from scratch. I'd like to save the kernel message buffer (dmesg) to a file that will remain persistent between reboots. I've tried running syslogd but it just opened a new log file, /var/log/messages, with…
miluz
  • 423
  • 1
  • 4
  • 5
29
votes
2 answers

add new syslog facility

I would like to use syslog to log messages coming from my PHP based site. My question is - can I add custom facility name? I know there are predefined facilities like: auth, authpriv, cron, dæmon, kern, lpr, mail, mark, news, syslog, user, UUCP and…
Stann
  • 2,159
  • 5
  • 23
  • 24
28
votes
6 answers

Receiving Syslog messages with a systemd Arch Linux

I'm feeling like I've overlooked the obvious, but I can't figure out how to get my Arch Linux server, which uses systemd, to receive and log syslog messages from a remote system. I have a Cisco 678 DSL modem and a DD-WRT WAP, and both can be…
user732
28
votes
2 answers

System log full of session and slice messages

I have a new CentOS 7 installation, and noticed that my /var/log/messages file is full of messages like this Mar 6 08:40:01 myhostname systemd: Started Session 2043 of user root. Mar 6 08:40:01 myhostname systemd: Starting Session 2043 of user…
TSG
  • 1,580
  • 6
  • 26
  • 42
26
votes
2 answers

Difference between authpriv and auth?

What's the difference between authpriv and auth in syslog configuration? It wasn't mentioned in syslog.conf, only tells me that such facility exists.
daisy
  • 53,527
  • 78
  • 236
  • 383
23
votes
4 answers

make a log file

Is there any way to make a log file for maintaining some data in /var/log/ with the help of some library function or system call in c language in linux. And I also want to know the standards that we should follow to write and process log. Thanks
Sushant Jain
  • 541
  • 1
  • 4
  • 11
21
votes
3 answers

Examining /dev/log

/dev/log is the default entry for system logging. In the case of a systemd implementation (this case) it's a symlink to whatever /run/systemd/journal/dev-log. It used to be a receiving end of a unix socket handled by syslog daemon. ~$ echo "hello" >…
TheMeaningfulEngineer
  • 5,735
  • 15
  • 64
  • 113
19
votes
1 answer

How can I disable UFW logging for a specific event?

My router sends out multicast packets in regular intervals that are blocked by UFW's standard policies. These events are harmless but spam my syslogs and ufwlogs. I can't change the router's behaviour as that would require installing a modified…
Glutanimate
  • 2,168
  • 4
  • 22
  • 38
19
votes
1 answer

Why does journalctl say "-- no entries --"?

For example: ┌─[10:50:38/hypership/root/~] └─╼ journalctl -b No journal files were found. -- No entries -- ┌─[10:50:46/hypership/root/~] └─╼ journalctl --verify No journal files were found. /var/log is full of files though, and this was working…
trusktr
  • 4,035
  • 7
  • 29
  • 34
1
2 3
28 29