Syslog: Difference between revisions
m (→Reading logs: fix logread command example) |
(Move 'Writing logs' out of busybox syslog section) |
||
(6 intermediate revisions by 4 users not shown) | |||
Line 1: | Line 1: | ||
Syslog collects log data from multiple programs either to RAM or to a file, and handles log rotation (similar to <code>journald</code> on systemd-based systems). Alpine installs <code>syslog</code> as provided by | {{TOC right}} | ||
Syslog collects log data from multiple programs either to RAM or to a file, and handles log rotation (similar to <code>journald</code> on systemd-based systems). Alpine installs <code>syslog</code> as provided by {{pkg|busybox}} per default, but it also packages [https://pkgs.alpinelinux.org/packages?name=*syslog* other implementations], such as {{pkg|rsyslog}}, {{pkg|syslog-ng}} and [[logbookd]]. | |||
== busybox syslog == | == busybox syslog == | ||
Line 5: | Line 7: | ||
Depending on how you have installed Alpine, it is already running (check with <code>ps a | grep syslogd</code>). Otherwise enable it at boot and start it with the following commands: | Depending on how you have installed Alpine, it is already running (check with <code>ps a | grep syslogd</code>). Otherwise enable it at boot and start it with the following commands: | ||
< | {{cmd|<nowiki># rc-update add syslog boot | ||
# rc-update add syslog boot | |||
# rc-service syslog start | # rc-service syslog start | ||
</ | </nowiki>}} | ||
=== Configuration === | === Configuration === | ||
Edit | Edit {{path|/etc/conf.d/syslog}} to change the options used when running <code>syslogd</code>. All available options can be looked up with <code>syslogd --help</code>. | ||
=== Reading logs === | === Reading logs === | ||
< | {{cmd|<nowiki># tail -f /var/log/messages | ||
# tail -f /var/log/messages | |||
Shows all messages and follows the log | Shows all messages and follows the log | ||
# tail -f /var/log/messages | grep ssh | # tail -f /var/log/messages | grep ssh | ||
Only shows SSH related messages, also follows the log | Only shows SSH related messages, also follows the log | ||
</ | </nowiki>}} | ||
When <code>-C</code> is enabled in the configuration: | When <code>-C</code> is enabled in the configuration: | ||
< | {{cmd|<nowiki># logread -f | ||
# logread -f | |||
# logread -f | grep ssh | # logread -f | grep ssh | ||
</ | </nowiki>}} | ||
== Writing logs == | |||
Many applications are able to write to the syslog by default (e.g. <code>sshd</code>). If you wish to write manually to it, use the <code>logger</code> program. | Many applications are able to write to the syslog by default (e.g. <code>sshd</code>). If you wish to write manually to it, use the <code>logger</code> program. | ||
{{cmd|$ logger "hello world"}} | |||
$ logger "hello world" | |||
== See also == | |||
* [https://wiki.gentoo.org/wiki/Logging Gentoo Wiki - Logging] | |||
[[category:System Administration]] |
Latest revision as of 10:53, 29 February 2024
Syslog collects log data from multiple programs either to RAM or to a file, and handles log rotation (similar to journald
on systemd-based systems). Alpine installs syslog
as provided by busybox per default, but it also packages other implementations, such as rsyslog, syslog-ng and logbookd.
busybox syslog
Running syslogd
Depending on how you have installed Alpine, it is already running (check with ps a | grep syslogd
). Otherwise enable it at boot and start it with the following commands:
# rc-update add syslog boot # rc-service syslog start
Configuration
Edit /etc/conf.d/syslog to change the options used when running syslogd
. All available options can be looked up with syslogd --help
.
Reading logs
# tail -f /var/log/messages Shows all messages and follows the log # tail -f /var/log/messages | grep ssh Only shows SSH related messages, also follows the log
When -C
is enabled in the configuration:
# logread -f # logread -f | grep ssh
Writing logs
Many applications are able to write to the syslog by default (e.g. sshd
). If you wish to write manually to it, use the logger
program.
$ logger "hello world"