Syslog daemon configuration file

The syslog daemon processing is controlled by a configuration file called /etc/syslog.conf in which you define logging rules and output destinations for error messages, authorization violation messages, and trace data. Logging rules are defined by using a facility name and a severity level. The facility name and severity level are passed on the logging request from an application when it wants to log a message. See Figure 1 for an example of a configuration file.

Each statement of the configuration file has the following syntax:

facility

is the name of the system process that is sending the message. The following facility names are supported and predefined in the syslog daemon implementation.

Note: The z/TPF system does not have a server for all of these facilities; however, the syslog daemon will accept messages if your environment has such a server.

auth

Messages generated by authorization programs.

daemon

Messages generated by system server processes.

local0–7

Names reserved for user-defined facilities.

mail

Messages generated by a mail system.

news

Messages generated by a news system.

syslog

Messages generated by the syslog daemon.

user

Messages generated by a process (user).

mark

Messages generated by a mark signal from the syslog daemon. See Adding the syslog daemon server for more information about defining the syslog daemon for mark messages.

*

Placeholder used to represent all facilities.

severity

is the severity level of the message. The following severity levels, shown in order of importance, are supported:

emerg

An emergency condition; that is, the system cannot be used. This is normally broadcast to all processes.

alert

A condition that must be corrected immediately, such as a corrupted system database.

crit

A critical condition, such as a hard device error.

err(or)

An error message.

warn(ing)

A warning message.

notice

A condition that is not an error condition, but that may require special handling.

info

An informational message.

debug

A message that contains information normally of use only when debugging a program.

none

Do not log any messages for the facility.

\t

represents the tab character.

destination

is the destination to which the log message will be sent. The following destinations are supported. You must use lowercase for all file names, users, and hosts.

/file

A specific file (for example, /tmp/syslogd/error.log). All log files used by the syslog daemon must be created in the hierarchical file system (HFS) before the syslog daemon is started.

@host

A syslog daemon on another host (for example, @mya1xserver).

tape

A z/TPF RTA tape.

Note: If you direct the data to an RTA tape, you must postprocess the data offline. The data is written as null terminated strings in 4K blocks. Each block contains a header with the tape record ID of X'EA00'.

Figure 1 shows an example of a syslog daemon configuration file. See Modifying the syslog daemon configuration file for information about how to modify the configuration file.

#
# facility.severity     destination
# -----------------     -----------
# Note: The facility.severity and destination must be separated by tabs.
#
# Uncomment the following to log all messages to the /dev/null file.
#*.emerg                 /dev/null
#
# Uncomment the following to log all error messages
# to the error.log file
#*.err                   /tmp/syslogd/error.log
#
# Uncomment the following to log all debug messages to tape
#*.debug                 tape
#
# Uncomment the following to log all local0 informational messages
# and local1 error messages to a remote host
#local0.info;local1.err  @remote.host.com
#
# Uncomment the following to log all daemon server debug messages
# to the server.debug file
#daemon.debug            /tmp/syslogd/server.debug
#
# Uncomment the following to log everything except local0, local1, and daemon
# messages to the garbagecan.log file
#*.emerg;local0.none;local1.none;daemon.none   /tmp/syslogd/garbagecan.log