The file /etc/syslog.conf contains information used by the system log daemon, syslogd.8 to forward a system message to appropriate log files and/or users. syslog preprocesses this file through m4.1v to obtain the correct information for certain log files.
A configuration entry is composed of two TAB-separated fields:
selector action
The selector field contains a semicolon-separated list of priority specifications of the form:
facility.level[;facility.level]
where facility is a system facility, or comma-separated list of facilities, and level is an indication of the severity of the condition being logged. Recognized values for facility include:
Recognized values for level are (in descending order of severity):
will send all messages
except
mail messages to the selected file.
The action field indicates where to forward the message. Values for this field can have one of four forms:
Blank lines are ignored. Lines for which the first character is a `#' are treated as comments.
The file is as described above, except that there is an additional valid entry type, for translation. A line containing the keyword "translate," if present, specifies how system error messages are translated, suppressed, or forwarded to appropriate log files and/or users.
A translation entry in the file is composed of five TAB-separated fields:
translate source facility input output
The translate field consists of the word translate and is used to indicate that this is a translation entry.
The source field contains a comma separated list of source names. Recognized sources are:
The facility field contains a comma-separated list of facilities.
The input field is the name of the file used to map error messages (in printf format strings) to numbers. This number is used to locate a new string in the file specified in the output field. The format of both files is described in translate.5
The output file specified by the output field translates the numbers
from the input file into the desired error messages, and also
specifies the format to be used to
output each message.
*.notice;mail.info /var/log/notice *.crit /var/log/critical kern,mark.debug /dev/console kern.err @server *.emerg * *.alert root,operator *.alert;auth.warning /var/log/auth
syslogd
will log all mail system messages except
debug
messages and all
notice
(or higher) messages into a file named
/var/log/notice.
It logs all critical messages into
/var/log/critical,
and all kernel messages and 20-minute
marks onto the system console.
Kernel messages of err (error) severity or higher are forwarded to the machine named server. Emergency messages are forwarded to all users. The users ``root'' and ``operator'' are informed of any alert messages. All messages from the authorization system of warning level or higher are logged in the file /var/log/auth.
Created by unroff & hp-tools. © somebody (See intro for details). All Rights Reserved. Last modified 11/5/97