source: trunk/minix/man/man5/syslog.conf.5@ 20

.\" syslog.conf - syslogd(8) configuration file
.\" Copyright (c) 1995  Martin Schulze <Martin.Schulze@Linux.DE>
.\" Modified for Minix porting by G. Falzoni <gfalzoni@inwind.it>
.\" $Id: syslog.conf.5,v 1.1 2006/04/03 14:59:52 beng Exp $
.\" 
.\" This file is part of the sysklogd package, a kernel and system log daemon.
.\" 
.\" This program is free software; you can redistribute it and/or modify
.\" it under the terms of the GNU General Public License as published by
.\" the Free Software Foundation; either version 2 of the License, or
.\" (at your option) any later version.
.\" 
.\" This program is distributed in the hope that it will be useful,
.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
.\" GNU General Public License for more details.
.\" 
.\" You should have received a copy of the GNU General Public License
.\" along with this program; if not, write to the Free Software
.\" Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
.\"
.\" Local macros
.de Xr
.BR \\$1 (\\$2)\\$3
..
.de LB
.TP \\$1
\\fB\\$2\\fR
\\$3
..
.de LI
.TP \\$1
\\fI\\$2\\fR
\\$3
..
.de LR
.TP \\$1
\\fR\\$2\\fR
\\$3
..
.\" end local macros
.TH SYSLOG.CONF 5 "1 January 1998"
.SH NAME
syslog.conf \- syslogd(8) configuration file
.SH DESCRIPTION
The
.I syslog.conf
file is the main configuration file for the
.Xr syslogd 8
which logs system messages on *nix systems. This file specifies rules
for logging. For special features see the
.Xr syslogd 8
manpage.
Every rule consists of two fields, a 
.I selector
field and an
.I action 
field. These two fields are separated by one or more tabs.
The selector field specifies a pattern of facilities and
priorities belonging to the specified action.
Lines starting with a hash mark (``#'') and empty lines are ignored.
.SH SELECTORS
The selector field itself again consists of two parts, a
.I facility
and a 
.IR priority ,
separated by a period (``.'').
Both parts are case insensitive and can also be specified as decimal
numbers, but don't do that, you have been warned. Both facilities and
priorities are described in 
.BR syslog (3).
The names mentioned below correspond to the similar 
.BR LOG_ -values
in
.IR /usr/include/syslog.h .
The
.I facility
is one of the following keywords:
.BR auth ", " authpriv ", " cron ", " daemon ", " kern ", " lpr ", "
.BR mail ", " mark ", " news ", " security " (same as " auth "), "
.BR syslog ", " user ", " uucp " and " local0 " through " local7 .
The keyword 
.B security
should not be used anymore and
.B mark
is only for internal use and therefore should not be used in
applications. Anyway, you may want to specify and redirect these
messages here. The
.I facility
specifies the subsystem that produced the message, i.e. all mail
programs log with the mail facility
.BR "" ( LOG_MAIL )
if they log using syslog.

The
.I priority
is one of the following keywords, in ascending order: 
.BR debug ", " info ", " notice ", " warning ", " warn " (same as "
.BR warning "), " err ", " error " (same as " err "), " crit ", "
.BR alert ", " emerg ", " panic " (same as " emerg ).
The keywords
.BR error ", " warn " and " panic
are deprecated and should not be used anymore. The
.I priority
defines the severity of the message
.PP
The behavior of the original BSD syslogd is that all messages of the
specified priority and higher are logged according to the given
action. This
.BR syslogd (8)
behaves the same, but has some extensions.
.PP
In addition to the above mentioned names the
.BR syslogd (8)
understands the following extensions:
.LB 5 "*" "An asterisk (``*'') before the period stands for all facilities.
.LB 5 "none" "The keyword none stands for no priority of the given facility.
.PP
Multiple selectors may be specified for a single
.I action
using the semicolon (``;'') separator.  Remember that each selector in
the 
.I selector
field is capable to overwrite the preceding ones. Using this
behavior you can exclude some priorities from the pattern.
.SH ACTIONS
The action field of a rule describes the abstract term
``logfile''. A ``logfile'' need not to be a real file, btw. The
.Xr syslogd 8
provides the following actions.
.SS Regular File
Typically messages are logged to real files. The file has to be
specified with full pathname, beginning with a slash ``/''.
.SS Terminal and Console
If the file you specified is a tty, special tty-handling is done, same
with
.IR /dev/console .
.SS Remote Machine
This release does not implement 
remote logging, i.e. the ability to send messages to a remote host running 
.Xr syslogd 8 .
To forward messages to another host, prepend the hostname
with the at sign (``@'').
.SS List of Users
Usually critical messages are also directed to ``root'' on that
machine. You can specify a list of users that shall get the message by
simply writing the login. You may specify more than one user by
separating them with commas (``,''). If they're logged in they
get the message. Don't think a mail would be sent, that might be too
late.
.SS Everyone logged on
Emergency messages often go to all users currently online to notify
them that something strange is happening with the system. To specify
this
.IR wall (1)-feature
use an asterisk (``*'').
.SH EXAMPLES
Here are some example, partially taken from a real existing site and
configuration. Hopefully they rub out all questions to the
configuration, if not, drop me (Joey) a line.
.IP
.nf
# Store critical stuff in critical
#
*.crit            /var/adm/critical
.fi
.LP
This will store all messages with the priority
.B crit
in the file
.IR /var/adm/critical .
.IP
.nf
# The tcp wrapper loggs with mail.info, we display
# all the connections on tty12
#
mail.info                   /dev/tty12
.fi
.LP
This directs all messages that uses 
.BR mail.info " (in source " LOG_MAIL " | " LOG_INFO )
to
.IR /dev/tty12 , 
the 12th console.
.IP
.nf
# Log all mail.info and news.info messages to info
#
mail,news.info              /var/adm/info
.fi
.LP
This will extract all messages that come either with
.BR mail.info " or with " news.info 
and store them in the file
.IR /var/adm/info .
.IP
.nf
# Emergency messages will be displayed using wall
#
*.emerg                     *
.fi
.LP
This rule tells the
.B syslogd
to write all emergency messages to all currently logged in users. This
is the wall action.
.IP
.nf
# Messages of the priority alert will be directed
# to the operator
#
*.alert                      root,joey
.fi
.LP
This rule directs all messages with a priority of
.B alert
or higher to the terminals of the operator, i.e. of the users ``root''
and ``joey'' if they're logged in.
.IP
.nf
*.*                          @finlandia
.fi
.LP
This rule would redirect all messages to a remote host called
finlandia. This is useful especially in a cluster of machines where
all syslog messages will be stored on only one machine.
.SH FILES
.I /etc/syslog.conf
Configuration file for
.B syslogd
.SH BUGS
The effects of multiple selectors are sometimes not intuitive. For
example ``mail.crit,*.err'' will select ``mail'' facility messages at
the level of ``err'' or higher, not at the level of ``crit'' or
higher.

.SH SEE ALSO
.BR syslogd (8),
.BR logger (1),
.BR syslog (3)
.SH AUTHORS
The
.B syslogd
is taken from BSD sources, Greg Wettstein (greg@wind.rmcc.com)
performed the port to Linux, Martin Schulze (joey@linux.de)
made some bugfixes and added some new features.