/etc/syslog.conf

Configuration file for syslogd

Name:

/etc/syslog.conf

Description:

The /etc/syslog.conf file is the configuration file for the syslogd daemon. It consists of lines with two fields:

Selector field: The types of messages and priorities to which the line applies.
Action field: The action to take if a message received by syslogd matches the selection criteria.

Note: Use one or more tab characters to separate the selector and action fields.

The selectors are encoded as a facility, a dot (.), and a level, with no intervening whitespace. Both the facility and the level are case-insensitive.

The facility describes the part of the system generating the message, and is one of the following keywords:

auth
authpriv
cron
daemon
kern
mail
mark
news
syslog
user
uucp
local0 through local7.

These keywords (with the exception of mark) correspond to the similar “LOG_” values specified to the openlog() and syslog() routines.

The level describes the severity of the message, and is a keyword from the following ordered (higher to lower) list:

emerg
alert
crit
err
warning
notice
info
debug

These keywords also correspond to the similar “LOG_” values specified to the syslog() routine. For further descriptions of both the facility and level keywords and their significance, see syslog() in the QNX Neutrino C Library Reference.

If a received message matches the specified facility and is of the specified (or higher) level, then the action specified in the action field is taken. You can specify multiple selectors for a single action by separating them with semicolon (;) characters.

Note: Note that each selector can modify the ones preceding it.

You can specify multiple facilities for a single level by separating them with comma (,) characters. You can use an asterisk (*) to specify all facilities or all levels.

The special facility mark receives a message at priority info every 20 minutes (see syslogd). The special level none disables a particular facility.

The action field of each line specifies the action to be taken when the selector field selects a message:

A first character of:	Indicates:	The selected messages are:
`/`	A pathname	Appended to the file
`@`	A hostname	Forwarded to the syslogd program on the named host

Note:

If you specify a pathname for an action, the file must exist when syslogd reads its configuration file. Otherwise the action is ignored.
(QNX Neutrino 7.0 or later) If you're using slogger2, and you want to redirect syslogd output to it, send the log messages to /dev/console (which slogger2 monitors) by doing one of the following:
- Specify an action that sends the logs to /dev/console, such as:
```
*.*    /dev/console
```
  and then start syslogd.
- Specify the LOG_CONS flag when you call openlog()

Blank lines and lines whose first nonblank character is a hash (#) character are ignored.

Examples:

A configuration file might appear as follows:

# Log all kernel messages, authentication messages of
# level notice or higher and anything of level err or
# higher to the console.
# Don't log private authentication messages!
*.err;kern.*;auth.notice;authpriv.none /dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none         /var/log/messages

# The authpriv file has restricted access.
authpriv.*                             /var/log/secure

# Log all the mail messages in one place.
mail.*                                 /var/log/maillog

Caveats:

The effects of multiple selectors aren't always intuitive. For example, mail.crit,*.err selects mail facility messages at the level of err or higher, not at the level of crit or higher.

Logging messages to users isn't currently implemented.