syslogd.1m (2010 09)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

syslogd(1M) syslogd(1M)

syslogd conﬁgures itself when it starts up and whenever it receives a hangup signal. Lines in the

conﬁguration ﬁle consist of a selector to determine the message priorities to which the line applies and

an action. The action ﬁeld is separated from the selector by one or more tabs.

Selectors are semicolon separated lists of priority speciﬁers. Each priority has a facility indicating the

subsystem that generated the message, a dot, and a level indicating the severity of the message. Sym-

bolic names can be used. An asterisk selects all facilities. All messages of the speciﬁed level or higher

(greater severity) are selected. More than one facility can be selected, using commas to separate them.

For example:

*.emerg;mail,daemon.crit

selects all facilities at the emerg level and the

mail and daemon facilities at the crit level.

The known facilities and levels recognized by

syslogd are those listed in syslog (3C) converted to lower-

case without the leading

LOG_. The additional facility

mark has a message at priority LOG_INFO sent

to it every 20 minutes (this can be changed with the

-m ﬂag). The mark facility is not enabled by a facil-

ity ﬁeld containing an asterisk. The level

none can be used to disable a particular facility. For example,

*.debug;mail.none

selects all messages except mail messages.

The second part of each line describes where the message is to be logged if this line is selected. There are

four forms:

• A ﬁle name (beginning with a leading slash). The ﬁle is opened in append mode. If the ﬁle does

not exist, it is created.

• A host name preceded by an @ character. Selected messages are forwarded to the syslogd

the named host.

• A comma-separated list of users. Selected messages are written to those users’ terminals if they

are logged in.

• An asterisk. Selected messages are written to the terminals of all logged-in users.

Blank lines and lines beginning with a

# character are ignored.

For example, the conﬁguration ﬁle:

kern,mark.debug /dev/console

mail.debug /var/adm/syslog/mail.log

*.info;mail.none /var/adm/syslog/syslog.log

*.alert /dev/console

*.alert root,eric,kridle

*.emerg *

*.emerg @admin

logs all kernel messages and 20 minute marks onto the system console, all mail system messages to

/var/adm/syslog/mail.log, and all messages at info and above, except mail messages, to the ﬁle

/var/adm/syslog/syslog.log. Messages at alert and above are logged to the console and to the

users root, eric, and kridle if they are logged in. emerg messages are written to all logged-in users’

terminals, and forwarded to the host admin.

Only a superuser can invoke

syslogd.

Notes

syslogd logs messages into a set of ﬁles. Once the size of a log ﬁle reaches 2 GB, syslogd stops log-

ging to that ﬁle. You can conﬁgure the maximum size of syslogd log ﬁles by setting the variable

LOG_SIZE in /etc/default/syslogd. The values of LOG_SIZE can be any positive integer greater

than 2, representing the maximum size of the ﬁle in GB. When LOG_SIZE=NOLIMIT, syslogd uses

the limit imposed by the ﬁle system on ﬁle size.

syslogd logs messages in a locale-independent fashion as a stream of bytes and will replace each new-

line character in the message with a blank space except for the last newline character. Applications

using the services of syslogd can log messages in different locales. However, be careful when

conﬁguring syslogd so that messages from different locales do not get logged to the same log ﬁle.

2 Hewlett-Packard Company − 2 − HP-UX 11i Version 3: September 2010