To configure the Linux system logging facility, use the
file. This file enables you to specify how log messages will be handled when they arrive, such as what file or host will log them.
Every line in this file is called a rule
. Rules map selectors
, which allows the Linux system logging facility to route messages of certain types to different locations.
For example, you might want to route debugging messages and critical messages to different locations.
combine to form a selector.
Linux predefines valid facilities and severities
, which applications use to log entries to the system logger.
To make a selector, place the facility name followed by a period in front of the severity. For example, an email program might use the
selector if it is unable to download your email.
- Facility: Facilities are simply programs that can be configured to send notices to the system log. Common facilities include user, kern, mail, daemon, auth, lpr, news, uucp, and cron.
- Severity: The severity level indicates the importance of a given message. The severity levels listed from most importance to least important are: emerg, alert, crit, err, warning, notice, info, debug, and none.
The system logger checks a log message's selector against selectors defined in
. If the selector is configured in
, the system logger performs the associated action.
You can specify actions that
- log the message to a file
- broadcast the message to all logged-in users
- write the message to the system console
- transmit the message to remote logging daemons across the network
By default, emergency messages (those with a severity of
) are broadcast to all users, and most other messages are written to the standard system logfile
Once you have made configuration changes, restart the system logging facility with
The next lesson explains how to maintain logs.