Difference between revisions of "Syslog"

From Alpine Linux
Jump to: navigation, search
(Created page with "Syslog collects log data from multiple programs either to RAM or to a file, and handles log rotation (similar to <code>journald</code> on systemd-based systems). Alpine instal...")
 
 
(One intermediate revision by one other user not shown)
Line 1: Line 1:
 +
{{TOC right}}
 +
 
Syslog collects log data from multiple programs either to RAM or to a file, and handles log rotation (similar to <code>journald</code> on systemd-based systems). Alpine installs <code>syslog</code> as provided by <code>busybox</code> per default, but it also packages [https://pkgs.alpinelinux.org/packages?name=*syslog* other implementations], such as <code>rsyslog</code> and <code>syslog-ng</code>.
 
Syslog collects log data from multiple programs either to RAM or to a file, and handles log rotation (similar to <code>journald</code> on systemd-based systems). Alpine installs <code>syslog</code> as provided by <code>busybox</code> per default, but it also packages [https://pkgs.alpinelinux.org/packages?name=*syslog* other implementations], such as <code>rsyslog</code> and <code>syslog-ng</code>.
  
Line 23: Line 25:
 
When <code>-C</code> is enabled in the configuration:
 
When <code>-C</code> is enabled in the configuration:
 
<pre>
 
<pre>
# logread -f /var/log/messages
+
# logread -f
# logread -f /var/log/messages | grep ssh
+
# logread -f | grep ssh
 
</pre>
 
</pre>
  
Line 33: Line 35:
 
$ logger "hello world"
 
$ logger "hello world"
 
</pre>
 
</pre>
 +
 +
 +
[[category:System Administration]]

Latest revision as of 12:07, 14 September 2019

Syslog collects log data from multiple programs either to RAM or to a file, and handles log rotation (similar to journald on systemd-based systems). Alpine installs syslog as provided by busybox per default, but it also packages other implementations, such as rsyslog and syslog-ng.

busybox syslog

Running syslogd

Depending on how you have installed Alpine, it is already running (check with ps a | grep syslogd). Otherwise enable it at boot and start it with the following commands:

# rc-update add syslog boot
# rc-service syslog start

Configuration

Edit /etc/conf.d/syslog.cfg to change the options used when running syslogd. All available options can be looked up with syslogd --help.

Reading logs

# tail -f /var/log/messages
Shows all messages and follows the log
# tail -f /var/log/messages | grep ssh
Only shows SSH related messages, also follows the log

When -C is enabled in the configuration:

# logread -f
# logread -f | grep ssh

Writing logs

Many applications are able to write to the syslog by default (e.g. sshd). If you wish to write manually to it, use the logger program.

$ logger "hello world"