SYSLOGD(8,C) AIX Commands Reference SYSLOGD(8,C)
-------------------------------------------------------------------------------
syslogd
PURPOSE
Logs system messages.
SYNTAX
+-----------------+ +------------------+ +------+
syslogd ---| |---| |---| |---|
+- -f configfile -+ +- -mmarkinterval -+ +- -d -+
DESCRIPTION
The syslogd command reads and logs messages into a set of files described by
the configuration file /etc/syslog.conf. This daemon configures itself when it
starts up and whenever it receives a hangup signal.
Each message read by syslogd is one line. A message can contain a priority
code (marked by a number in "< >" brackets at the beginning of the line) and
message text. Priorities are defined in sys/syslog.h. The syslogd command
reads from the AIX domain socket /dev/log or from an Internet domain socket
specified in /etc/services.
Each line in the syslogd configuration file must consist of two parts:
o A selector to determine the message priorities to which the line applies
o An action.
The two fields must be separated by one or more tabs. Here is an example of
the line in a configuration file:
mail.info;*.notice /usr/spool/adm/syslog
The first part, the selector, is semicolon-separated list of priority
specifiers. Each priority specifier consists of a facility describing the part
of the system that generated the message, a "." (period), and a level
indicating the severity of the message. Symbolic names may be used and an "*"
(asterisk) specifies all facilities. All messages of the specified level or
higher (greater severity) are selected. In the previous example, syslogd
selects the "mail" facility at the "info" level (or higher) and all facilities
at the "notice" level (or higher).
More than one facility may be selected using commas to separate them. For
example:
*.emerg;mail,daemon.crit
Processed November 8, 1990 SYSLOGD(8,C) 1
SYSLOGD(8,C) AIX Commands Reference SYSLOGD(8,C)
selects all facilities at the "emerg" level (or higher) and the "mail" and
"daemon" facilities at the "crit" level (or higher).
Known facilities and levels recognized by syslogd are those listed under syslog
in the AIX Operating System Technical Reference. When you specify the name of
a facility or level in a syslogd configuration file, omit the LOG_ prefix used
by syslog in the name. For example, syslog lists LOG_DEBUG as the lowest
level. To specify this level in a syslogd configuration file, specify "debug".
In addition to these facilities, there is a mark facility. This facility has
messages at priority info sent to it every 20 minutes. You can change the mark
time interval with the -m flag. The mark facility is not enabled by a facility
field containing an asterisk; you must explicitly enable it. For example:
kern,mark.debug
logs kernel messages and 20 minute marks of "debug" level (or higher).
The level none may be used to disable a particular facility. For example:
*.debug;mail.none
logs all messages except mail messages.
The second part of each line, the action, describes where the message is to be
logged if the line is selected. There are four forms:
o A file name beginning with a leading "/" (Selected messages are appended
to this file)
o A host name preceded by a "@" (Selected messages are forwarded to syslogd
on the named host)
o A comma-separated list of users (Selected messages are written to those
users, if they are logged in)
o An "*" (Selected messages are written to all logged-in users).
For example:
*.crit /usr/adm/critical
kern.err @nick
*.alert bobbi,kristi
*.emerg *
logs critical (or higher) messages into "/usr/adm/critical", forwards kernel
messages of error severity (or higher) to syslogd on the host "nick", informs
the users "bobbi" and "kristi" of any alert (or higher) messages, and informs
all logged-in users of any emergency messages.
Blank lines and lines beginning with "#" are ignored.
Processed November 8, 1990 SYSLOGD(8,C) 2
SYSLOGD(8,C) AIX Commands Reference SYSLOGD(8,C)
The syslogd command creates the file /etc/syslog.pid, containing a single line
with its process id. This file can be used to kill or reconfigure syslogd. To
bring syslogd down, it should be sent a terminate signal. For example:
kill `cat /etc/syslog.pid`
FLAGS
-d Turns on debugging.
-f configfile Specifies an alternate configuration file.
-m markinterval Specifies the number of minutes between mark messages.
EXAMPLES
To start syslogd daemon and change the mark interval:
syslogd -m30
This command changes the mark interval to 30 minutes. If the configuration
file contains:
kern,mark.notice /usr/adm/notice
kern.err @scott
*.info;mail.none /usr/spool/adm/syslog
*.alert;auth.warning darlene
syslogd logs kernel messages and 30 minute marks at "notice" level (or
higher) in the file "/usr/adm/notice", forwards kernel messages at "err"
level (or higher) to syslogd on the host "scott", logs messages at "info"
level (or higher) except mail messages in the file "/usr/spool/adm/syslog",
and informs the user "darlene" of any warning message (or higher) from the
authorization system.
FILES
/etc/services Contains definition of the internet domain socket.
/etc/syslog.conf Contains the configuration file.
/etc/syslog.pid Contains the process id.
/dev/log Contains AIX domain datagram log socket.
RELATED INFORMATION
See the syslog system call in AIX Operating System Technical Reference.
Processed November 8, 1990 SYSLOGD(8,C) 3