====== Syslog ======
* Syslog Facilities
^ **Severity Level** ^ **Keyword** ^ **Description** ^
| 0 | emergencies | System unusable |
| 1 | alerts | Immediate action required |
| 2 | critical | Critical condition |
| 3 | errors | Error conditions |
| 4 | warnings | Warning conditions |
| 5 | notifications | Normal but significant conditions |
| 6 | informational | Informational messages |
| 7 | debugging | Debugging messages |
===== Configuration (Ubuntu/Debian) =====
* Modify config file /etc/syslog.conf
==== Remote Syslog ====
* By default syslog doesn't expect to receive messages from remote clients. Here's how to configure your Linux server to start listening for these messages.
* Edit /etc/default/syslogd directly and make the SYSLOGD variable definition become "-r".
* Restart syslog server
# Options for start/restart the daemons
# For remote UDP logging use SYSLOGD="-r"
#
#SYSLOGD="-u syslog"
SYSLOGD="-r"
==== Restart Syslog ====
* Restart syslog server (Ubuntu/Debian)
sudo /etc/init.d/sysklogd restart
===== Configuration (Redhat) =====
* Modify config file /etc/syslog.conf
==== Remote Syslog ====
* By default syslog doesn't expect to receive messages from remote clients. Here's how to configure your Linux server to start listening for these messages.
* On Redhat, Syslog will not listen for remote messages unless the SYSLOGD_OPTIONS variable in this file has a -r included in it as shown below.
* Restart syslog server
# Options to syslogd
# -m 0 disables ’MARK’ messages.
# -r enables logging from remote machines
# -x disables DNS lookups on messages received with -r
# See syslogd(8) for more details
SYSLOGD_OPTIONS="-m 0 -r"
# Options to klogd
# -2 prints all kernel oops messages twice; once for klogd to decode, and
# once for processing with ’ksymoops’
# -x disables all klogd processing of oops messages entirely
# See klogd(8) for more details
KLOGD_OPTIONS="-2"
==== Restart Syslog ====
* Restart syslog server (Redhat)
service syslog restart