Solved

Where do syslog messages come from?

Posted on 2007-03-30
2
190 Views
Last Modified: 2013-12-16
Experts:

I am trying to learn about syslog (and syslog-ng).  I have a question:  Where do the log messages come from?  Does the kernel just spew messages all the time?  If logging is not configured, do the messages just go nowhere?  Does the programmer of a particular program decide the severity level (warn, info, etc) or does the system somehow classify the messages?  

For instance, as a programmer, can I just arbitrarily decide to send a log message classified as, say, daemon.warn?  Or am I limited to what types of messages I can send.  How would a program actually send a log message?  Would it use the "logger" command?

Thanks,
Tnic
Memphis TN
0
Comment
Question by:tayloenic
2 Comments
 
LVL 25

Expert Comment

by:Cyclops3590
ID: 18826030
0
 
LVL 48

Accepted Solution

by:
Tintin earned 125 total points
ID: 18834042
Lots of questions there.

1.  Log messages come from any program that does it's logging via syslog function call or via the command line 'logger' command.

2.  The Kernel will send out a variety of syslog messages. It depends on your syslog.conf configuration as to how much is actually recorded in log files.

3.  If syslogd is not running, or the syslog message doesn't match any of the syslog.conf entries, then it effectively gets binned.

4.  It's up to the programmer to decide what messages are debug, critical, notice, info etc.

5.  A programmer can use whatever facility and notice level they like for logging.  However, it is not a good idea to mix your logging with the standard existing syslog facilities.  LOCAL0 to LOCAL6 are reserved for custom apps, so you can log via them to keep the app logs separate from everything else.
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Network Interface Card (NIC) bonding, also known as link aggregation, NIC teaming and trunking, is an important concept to understand and implement in any environment where high availability is of concern. Using this feature, a server administrator …
rdate is a Linux command and the network time protocol for immediate date and time setup from another machine. The clocks are synchronized by entering rdate with the -s switch (command without switch just checks the time but does not set anything). …
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now