1LOGGER(1) User Commands LOGGER(1)
2
3
4
6 logger - enter messages into the system log
7
9 logger [options] [message]
10
12 logger makes entries in the system log.
13
14 When the optional message argument is present, it is written to the
15 log. If it is not present, and the -f option is not given either, then
16 standard input is logged.
17
19 -d, --udp
20 Use datagrams (UDP) only. By default the connection is tried to
21 the syslog port defined in /etc/services, which is often 514 .
22
23 See also --server and --socket to specify where to connect.
24
25 -e, --skip-empty
26 Ignore empty lines when processing files. An empty line is
27 defined to be a line without any characters. Thus a line con‐
28 sisting only of whitespace is NOT considered empty. Note that
29 when the --prio-prefix option is specified, the priority is not
30 part of the line. Thus an empty line in this mode is a line
31 that does not have any characters after the priority prefix
32 (e.g., <13>).
33
34 -f, --file file
35 Log the contents of the specified file. This option cannot be
36 combined with a command-line message.
37
38 -i Log the PID of the logger process with each line.
39
40 --id[=id]
41 Log the PID of the logger process with each line. When the
42 optional argument id is specified, then it is used instead of
43 the logger command's PID. The use of --id=$$ (PPID) is recom‐
44 mended in scripts that send several messages.
45
46 Note that the system logging infrastructure (for example systemd
47 when listening on /dev/log) may follow local socket credentials
48 to overwrite the PID specified in the message. logger(1) is
49 able to set those socket credentials to the given id, but only
50 if you have root permissions and a process with the specified
51 PID exists, otherwise the socket credentials are not modified
52 and the problem is silently ignored.
53
54 --journald[=file]
55 Write a systemd journal entry. The entry is read from the given
56 file, when specified, otherwise from standard input. Each line
57 must begin with a field that is accepted by journald; see sys‐
58 temd.journal-fields(7) for details. The use of a MESSAGE_ID
59 field is generally a good idea, as it makes finding entries
60 easy. Examples:
61
62 logger --journald <<end
63 MESSAGE_ID=67feb6ffbaf24c5cbec13c008dd72309
64 MESSAGE=The dogs bark, but the caravan goes on.
65 DOGS=bark
66 CARAVAN=goes on
67 end
68
69 logger --journald=entry.txt
70
71 Notice that --journald will ignore values of other options, such
72 as priority. If priority is needed it must be within input, and
73 use PRIORITY field. The simple execution of journalctl will
74 display MESSAGE field. Use journalctl --output json-pretty to
75 see rest of the fields.
76
77 To include newlines in MESSAGE, specify MESSAGE several times.
78 This is handled as a special case, other fields will be stored
79 as an array in the journal if they appear multiple times.
80
81 --msgid msgid
82 Sets the RFC5424 MSGID field. Note that the space character is
83 not permitted inside of msgid. This option is only used if
84 --rfc5424 is specified as well; otherwise, it is silently
85 ignored.
86
87 -n, --server server
88 Write to the specified remote syslog server instead of to the
89 system log socket. Unless --udp or --tcp is specified, logger
90 will first try to use UDP, but if this fails a TCP connection is
91 attempted.
92
93 --no-act
94 Causes everything to be done except for writing the log message
95 to the system log, and removing the connection or the journal.
96 This option can be used together with --stderr for testing pur‐
97 poses.
98
99 --octet-count
100 Use the RFC 6587 octet counting framing method for sending mes‐
101 sages. When this option is not used, the default is no framing
102 on UDP, and RFC6587 non-transparent framing (also known as octet
103 stuffing) on TCP.
104
105 -P, --port port
106 Use the specified port. When this option is not specified, the
107 port defaults to syslog for udp and to syslog-conn for tcp con‐
108 nections.
109
110 -p, --priority priority
111 Enter the message into the log with the specified priority. The
112 priority may be specified numerically or as a facility.level
113 pair. For example, -p local3.info logs the message as informa‐
114 tional in the local3 facility. The default is user.notice.
115
116 --prio-prefix
117 Look for a syslog prefix on every line read from standard input.
118 This prefix is a decimal number within angle brackets that
119 encodes both the facility and the level. The number is con‐
120 structed by multiplying the facility by 8 and then adding the
121 level. For example, local0.info, meaning facility=16 and
122 level=6, becomes <134>.
123
124 If the prefix contains no facility, the facility defaults to
125 what is specified by the -p option. Similarly, if no prefix is
126 provided, the line is logged using the priority given with -p.
127
128 This option doesn't affect a command-line message.
129
130 --rfc3164
131 Use the RFC 3164 BSD syslog protocol to submit messages to a
132 remote server.
133
134 --rfc5424[=without]
135 Use the RFC 5424 syslog protocol to submit messages to a remote
136 server. The optional without argument can be a comma-separated
137 list of the following values: notq, notime, nohost.
138
139 The notq value suppresses the time-quality structured data from
140 the submitted message. The time-quality information shows
141 whether the local clock was synchronized plus the maximum number
142 of microseconds the timestamp might be off. The time quality is
143 also automatically suppressed when --sd-id timeQuality is speci‐
144 fied.
145
146 The notime value (which implies notq) suppresses the complete
147 sender timestamp that is in ISO-8601 format, including microsec‐
148 onds and timezone.
149
150 The nohost value suppresses gethostname(2) information from the
151 message header.
152
153 The RFC 5424 protocol has been the default for logger since ver‐
154 sion 2.26.
155
156 -s, --stderr
157 Output the message to standard error as well as to the system
158 log.
159
160 --sd-id name[@digits]
161 Specifies a structured data element ID for an RFC 5424 message
162 header. The option has to be used before --sd-param to intro‐
163 duce a new element. The number of structured data elements is
164 unlimited. The ID (name plus possibly @digits) is case-sensi‐
165 tive and uniquely identifies the type and purpose of the ele‐
166 ment. The same ID must not exist more than once in a message.
167 The @digits part is required for user-defined non-standardized
168 IDs.
169
170 logger currently generates the timeQuality standardized element
171 only. RFC 5424 also describes the elements origin (with parame‐
172 ters ip, enterpriseId, software and swVersion) and meta (with
173 parameters sequenceId, sysUpTime and language). These element
174 IDs may be specified without the @digits suffix.
175
176
177 --sd-param name="value"
178 Specifies a structured data element parameter, a name and value
179 pair. The option has to be used after --sd-id and may be speci‐
180 fied more than once for the same element. Note that the quota‐
181 tion marks around value are required and must be escaped on the
182 command line.
183
184 logger --rfc5424 --sd-id zoo@123 \
185 --sd-param tiger=\"hungry\" \
186 --sd-param zebra=\"running\" \
187 --sd-id manager@123 \
188 --sd-param onMeeting=\"yes\" \
189 "this is message"
190
191 produces:
192
193 <13>1 2015-10-01T14:07:59.168662+02:00 ws kzak - - [timeQuality tzKnown="1" isSynced="1" syncAccuracy="218616"][zoo@123 tiger="hungry" zebra="running"][manager@123 onMeeting="yes"] this is message
194
195 -S, --size size
196 Sets the maximum permitted message size to size. The default is
197 1KiB characters, which is the limit traditionally used and spec‐
198 ified in RFC 3164. With RFC 5424, this limit has become flexi‐
199 ble. A good assumption is that RFC 5424 receivers can at least
200 process 4KiB messages.
201
202 Most receivers accept messages larger than 1KiB over any type of
203 syslog protocol. As such, the --size option affects logger in
204 all cases (not only when --rfc5424 was used).
205
206 Note: the message-size limit limits the overall message size,
207 including the syslog header. Header sizes vary depending on the
208 selected options and the hostname length. As a rule of thumb,
209 headers are usually not longer than 50 to 80 characters. When
210 selecting a maximum message size, it is important to ensure that
211 the receiver supports the max size as well, otherwise messages
212 may become truncated. Again, as a rule of thumb two to four KiB
213 message size should generally be OK, whereas anything larger
214 should be verified to work.
215
216
217 --socket-errors[=mode]
218 Print errors about Unix socket connections. The mode can be a
219 value of off, on, or auto. When the mode is auto logger will
220 detect if the init process is systemd, and if so assumption is
221 made /dev/log can be used early at boot. Other init systems
222 lack of /dev/log will not cause errors that is identical with
223 messaging using openlog(3) system call. The logger(1) before
224 version 2.26 used openlog, and hence was unable to detected loss
225 of messages sent to Unix sockets.
226
227 The default mode is auto. When errors are not enabled lost mes‐
228 sages are not communicated and will result to successful return
229 value of logger(1) invocation.
230
231 -T, --tcp
232 Use stream (TCP) only. By default the connection is tried to
233 the syslog-conn port defined in /etc/services, which is often
234 601.
235
236 See also --server and --socket to specify where to connect.
237
238 -t, --tag tag
239 Mark every line to be logged with the specified tag. The
240 default tag is the name of the user logged in on the terminal
241 (or a user name based on effective user ID).
242
243 -u, --socket socket
244 Write to the specified socket instead of to the system log
245 socket.
246
247 -- End the argument list. This allows the message to start with a
248 hyphen (-).
249
250 -V, --version
251 Display version information and exit.
252
253 -h, --help
254 Display help text and exit.
255
257 The logger utility exits 0 on success, and >0 if an error occurs.
258
260 Valid facility names are:
261
262 auth
263 authpriv for security information of a sensitive nature
264
265 cron
266 daemon
267 ftp
268 kern cannot be generated from userspace process, automati‐
269 cally converted to user
270 lpr
271 mail
272 news
273 syslog
274 user
275 uucp
276 local0
277 to
278 local7
279 security deprecated synonym for auth
280
281 Valid level names are:
282
283 emerg
284 alert
285 crit
286 err
287 warning
288 notice
289 info
290 debug
291 panic deprecated synonym for emerg
292 error deprecated synonym for err
293 warn deprecated synonym for warning
294
295 For the priority order and intended purposes of these facilities and
296 levels, see syslog(3).
297
299 logger System rebooted
300 logger -p local0.notice -t HOSTIDM -f /dev/idmc
301 logger -n loghost.example.com System rebooted
302
304 journalctl(1), syslog(3), systemd.journal-fields(7)
305
307 The logger command is expected to be IEEE Std 1003.2 ("POSIX.2") com‐
308 patible.
309
311 The logger command was originally written by University of California
312 in 1983-1993 and later rewritten by Karel Zak ⟨kzak@redhat.com⟩, Rainer
313 Gerhards ⟨rgerhards@adiscon.com⟩ and Sami Kerola ⟨kerolasa@iki.fi⟩.
314
316 The logger command is part of the util-linux package and is available
317 from Linux Kernel Archive ⟨https://www.kernel.org/pub/linux/utils/util-
318 linux/⟩.
319
320
321
322util-linux November 2015 LOGGER(1)