Configuration file for syslogd
/etc/syslog.conf
The /etc/syslog.conf file is the configuration file for the syslogd daemon. It consists of lines with two fields:
The selectors are encoded as a facility, a dot (.), and a level, with no intervening whitespace. Both the facility and the level are case-insensitive.
The facility describes the part of the system generating the message, and is one of the following keywords:
These keywords (with the exception of mark) correspond to the similar LOG_ values specified to the openlog() and syslog() routines.
The level describes the severity of the message, and is a keyword from the following ordered (higher to lower) list:
These keywords also correspond to the similar LOG_ values specified to the syslog() routine. For further descriptions of both the facility and level keywords and their significance, see syslog() in the QNX Neutrino C Library Reference.
If a received message matches the specified facility and is of the specified (or higher) level, then the action specified in the action field is taken. You can specify multiple selectors for a single action by separating them with semicolon (;) characters.
You can specify multiple facilities for a single level by separating them with comma (,) characters. You can use an asterisk (*) to specify all facilities or all levels.
The special facility mark receives a message at priority info every 20 minutes (see syslogd). The special level none disables a particular facility.
The action field of each line specifies the action to be taken when the selector field selects a message:
A first character of: | Indicates: | The selected messages are: |
---|---|---|
/ | A pathname | Appended to the file |
@ | A hostname | Forwarded to the syslogd program on the named host |
*.* /dev/console
and then start syslogd.
Blank lines and lines whose first nonblank character is a hash (#) character are ignored.
A configuration file might appear as follows:
# Log all kernel messages, authentication messages of # level notice or higher and anything of level err or # higher to the console. # Don't log private authentication messages! *.err;kern.*;auth.notice;authpriv.none /dev/console # Log anything (except mail) of level info or higher. # Don't log private authentication messages! *.info;mail.none;authpriv.none /var/log/messages # The authpriv file has restricted access. authpriv.* /var/log/secure # Log all the mail messages in one place. mail.* /var/log/maillog
The effects of multiple selectors aren't always intuitive. For example, mail.crit,*.err selects mail facility messages at the level of err or higher, not at the level of crit or higher.
Logging messages to users isn't currently implemented.