Valid Facilities and Severities


The defined logging facilities are:
  1. user
  2. kern
  3. mail
  4. daemon
  5. auth
  6. lpr
  7. news
  8. uucp
  9. cron
  10. local0
  11. local1
  12. local2
  13. local3
  14. local4
  15. local5
  16. local6
  17. local7

System logging

Though not specifically a network service, the system-logging facility (rsyslog package) logs information and error messages from most of the network services (and other services) on your computer. The system-logging daemon (/sbin/rsyslogd) should be running at all times. The rsyslogd daemon is, by default, started at all multiuser run levels (2, 3, 4, and 5). You can change which messages are logged, or direct log messages to different files, by reconfiguring the /etc/rsyslog.conf file. You can change the options used by the rsyslogd daemon by editing the /etc/sysconfig/rsyslog file.

Red Hat Reference

CAUTION: If, when installing Windows or Fedora, you find that the other operating system is no longer available on your boot screen, do not panic and do not immediately reinstall. You can usually recover from the problem by booting the live CD that comes with this book, and then using the grub-install command to reinsert the proper master boot record. Refer to the “Using the GRUB boot loader” section later in this chapter. If you are uncomfortable working in emergency mode, seek out an expert to help you.

CAUTION: Remember that any partition commands can easily erase your disk or make it inaccessible. Back up critical data before using any tool to change partitions! Then be very careful about the changes you do make. Keeping an emergency boot disk handy is a good idea, too.

The severity levels, in order from most important to least, are:
  1. emerg
  2. alert
  3. crit
  4. err
  5. warning
  6. notice
  7. info
  8. debug
  9. none

You must combine exactly one facility and one severity to create a selector.

Using logging with iptables

Using the LOG target you can log information about packets that meet the criteria you choose. In particular you might want to use this feature to log packets that seem like they might be improper in some way. In other words, if you do not want to drop a packet for some reason, you can just log its activity and decide later if something needs to be corrected. The LOG target directs log information to the standard tools used to do logging in Fedora: dmesg and rsyslogd. Here’s an example of a rule using a LOG target:
-A FORWARD -p tcp -j LOG --log-level info

Instead of info, you could use any of the following log levels available with rsyslog: emerg, alert, crit, err, warning, notice, info, or debug. Using the --log-prefix option as follows, you could also add information to the front of all messages produced from this logging action:
-A FORWARD -p tcp -j LOG --log-level info --log-prefix "Forward INFO "
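
The selector rule and the LOG rules above meet in rsyslog: the LOG target writes through the kernel log, so its messages arrive with facility kern at the --log-level you chose, and a selector picks up its own severity and every more important one. The following Python sketch is an added example, not code from the original page or from rsyslog; it models single facility.severity selectors only, and the rule set and destination paths are constructed for illustration.

```python
# Added example: traditional syslog selector matching (facility.severity).
# Severity names, most important first, as listed on this page.
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
FACILITIES = {"user", "kern", "mail", "daemon", "auth", "lpr", "news", "uucp",
              "cron"} | {f"local{i}" for i in range(8)}


def parse_selector(selector):
    """Split 'facility.severity' and validate both halves."""
    facility, sep, severity = selector.partition(".")
    if not sep or (facility != "*" and facility not in FACILITIES):
        raise ValueError(f"bad facility in selector: {selector!r}")
    if severity not in SEVERITIES and severity not in ("none", "*"):
        raise ValueError(f"bad severity in selector: {selector!r}")
    return facility, severity


def selector_matches(selector, msg_facility, msg_severity):
    """True if a message with this facility/severity is selected.

    A severity in a selector selects that level and every more important one;
    'none' selects nothing from the facility; '*' selects every severity.
    """
    facility, severity = parse_selector(selector)
    if facility != "*" and facility != msg_facility:
        return False
    if severity in ("none", "*"):
        return severity == "*"
    return SEVERITIES.index(msg_severity) <= SEVERITIES.index(severity)


def files_for(rules, msg_facility, msg_severity):
    """Return the destinations whose selector picks up the message."""
    return [dest for sel, dest in rules
            if selector_matches(sel, msg_facility, msg_severity)]


# Constructed rules in the style of /etc/rsyslog.conf (paths are assumptions).
RULES = [
    ("kern.warning", "/var/log/kern-warn.log"),
    ("kern.info", "/var/log/firewall.log"),
    ("mail.*", "/var/log/maillog"),
    ("*.emerg", "/var/log/emerg.log"),
]

if __name__ == "__main__":
    # Packets logged with --log-level info arrive as facility kern, severity info.
    print(files_for(RULES, "kern", "info"))
    print(files_for(RULES, "kern", "debug"))
```

A LOG rule set to --log-level debug would be dropped by every rule in this constructed set, which is the mismatch to check for when firewall log lines fail to appear where you expect them.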