eduardo:linux:syslog
Table of Contents
Syslog
- Syslog Facilities
| Severity Level | Keyword | Description |
|---|---|---|
| 0 | emergencies | System unusable |
| 1 | alerts | Immediate action required |
| 2 | critical | Critical condition |
| 3 | errors | Error conditions |
| 4 | warnings | Warning conditions |
| 5 | notifications | Normal but significant conditions |
| 6 | informational | Informational messages |
| 7 | debugging | Debugging messages |
Configuration (Ubuntu/Debian)
- Modify config file /etc/syslog.conf
Remote Syslog
- By default syslog doesn't expect to receive messages from remote clients. Here's how to configure your Linux server to start listening for these messages.
- Edit /etc/default/syslogd directly and make the SYSLOGD variable definition become “-r”.
- Restart syslog server
# Options for start/restart the daemons # For remote UDP logging use SYSLOGD="-r" # #SYSLOGD="-u syslog" SYSLOGD="-r"
Restart Syslog
- Restart syslog server (Ubuntu/Debian)
sudo /etc/init.d/sysklogd restart
Configuration (Redhat)
- Modify config file /etc/syslog.conf
Remote Syslog
- By default syslog doesn't expect to receive messages from remote clients. Here's how to configure your Linux server to start listening for these messages.
- On Redhat, Syslog will not listen for remote messages unless the SYSLOGD_OPTIONS variable in this file has a -r included in it as shown below.
- Restart syslog server
# Options to syslogd # -m 0 disables ’MARK’ messages. # -r enables logging from remote machines # -x disables DNS lookups on messages received with -r # See syslogd(8) for more details SYSLOGD_OPTIONS="-m 0 -r" # Options to klogd # -2 prints all kernel oops messages twice; once for klogd to decode, and # once for processing with ’ksymoops’ # -x disables all klogd processing of oops messages entirely # See klogd(8) for more details KLOGD_OPTIONS="-2"
Restart Syslog
- Restart syslog server (Redhat)
service syslog restart
eduardo/linux/syslog.txt · Last modified: 2024/02/23 08:20 by 127.0.0.1