1LOGGER(1) User Commands LOGGER(1)
2
6 logger - enter messages into the system log
7
9 logger [options] [message]
10
12 logger makes entries in the system log.
13 When the optional message argument is present, it is written to the
15 log. If it is not present, and the -f option is not given either, then
16 standard input is logged.
17
19 -d, --udp
20 Use datagrams (UDP) only. By default the connection is tried to
21 the syslog port defined in /etc/services, which is often 514 .
22 See also --server and --socket to specify where to connect.
24 -e, --skip-empty
26 Ignore empty lines when processing files. An empty line is
27 defined to be a line without any characters. Thus a line con‐
28 sisting only of whitespace is NOT considered empty. Note that
29 when the --prio-prefix option is specified, the priority is not
30 part of the line. Thus an empty line in this mode is a line
31 that does not have any characters after the priority prefix
32 (e.g., <13>).
33 -f, --file file
35 Log the contents of the specified file. This option cannot be
36 combined with a command-line message.
37 -i Log the PID of the logger process with each line.
39 --id[=id]
41 Log the PID of the logger process with each line. When the
42 optional argument id is specified, then it is used instead of
43 the logger command's PID. The use of --id=$$ (PPID) is recom‐
44 mended in scripts that send several messages.
45 Note that the system logging infrastructure (for example systemd
47 when listening on /dev/log) may follow local socket credentials
48 to overwrite the PID specified in the message. logger(1) is
49 able to set those socket credentials to the given id, but only
50 if you have root permissions and a process with the specified
51 PID exists, otherwise the socket credentials are not modified
52 and the problem is silently ignored.
53 --journald[=file]
55 Write a systemd journal entry. The entry is read from the given
56 file, when specified, otherwise from standard input. Each line
57 must begin with a field that is accepted by journald; see sys‐
58 temd.journal-fields(7) for details. The use of a MESSAGE_ID
59 field is generally a good idea, as it makes finding entries
60 easy. Examples:
61 logger --journald <<end
63 MESSAGE_ID=67feb6ffbaf24c5cbec13c008dd72309
64 MESSAGE=The dogs bark, but the caravan goes on.
65 DOGS=bark
66 CARAVAN=goes on
67 end
68 logger --journald=entry.txt
70 Notice that --journald will ignore values of other options, such
72 as priority. If priority is needed it must be within input, and
73 use PRIORITY field. The simple execution of journalctl will
74 display MESSAGE field. Use journalctl --output json-pretty to
75 see rest of the fields.
76 To include newlines in MESSAGE, specify MESSAGE several times.
78 This is handled as a special case, other fields will be stored
79 as an array in the journal if they appear multiple times.
80 --msgid msgid
82 Sets the RFC5424 MSGID field. Note that the space character is
83 not permitted inside of msgid. This option is only used if
84 --rfc5424 is specified as well; otherwise, it is silently
85 ignored.
86 -n, --server server
88 Write to the specified remote syslog server instead of to the
89 system log socket. Unless --udp or --tcp is specified, logger
90 will first try to use UDP, but if this fails a TCP connection is
91 attempted.
92 --no-act
94 Causes everything to be done except for writing the log message
95 to the system log, and removing the connection or the journal.
96 This option can be used together with --stderr for testing pur‐
97 poses.
98 --octet-count
100 Use the RFC 6587 octet counting framing method for sending mes‐
101 sages. When this option is not used, the default is no framing
102 on UDP, and RFC6587 non-transparent framing (also known as octet
103 stuffing) on TCP.
104 -P, --port port
106 Use the specified port. When this option is not specified, the
107 port defaults to syslog for udp and to syslog-conn for tcp con‐
108 nections.
109 -p, --priority priority
111 Enter the message into the log with the specified priority. The
112 priority may be specified numerically or as a facility.level
113 pair. For example, -p local3.info logs the message as informa‐
114 tional in the local3 facility. The default is user.notice.
115 --prio-prefix
117 Look for a syslog prefix on every line read from standard input.
118 This prefix is a decimal number within angle brackets that
119 encodes both the facility and the level. The number is con‐
120 structed by multiplying the facility by 8 and then adding the
121 level. For example, local0.info, meaning facility=16 and
122 level=6, becomes <134>.
123 If the prefix contains no facility, the facility defaults to
125 what is specified by the -p option. Similarly, if no prefix is
126 provided, the line is logged using the priority given with -p.
127 This option doesn't affect a command-line message.
129 --rfc3164
131 Use the RFC 3164 BSD syslog protocol to submit messages to a
132 remote server.
133 --rfc5424[=without]
135 Use the RFC 5424 syslog protocol to submit messages to a remote
136 server. The optional without argument can be a comma-separated
137 list of the following values: notq, notime, nohost.
138 The notq value suppresses the time-quality structured data from
140 the submitted message. The time-quality information shows
141 whether the local clock was synchronized plus the maximum number
142 of microseconds the timestamp might be off. The time quality is
143 also automatically suppressed when --sd-id timeQuality is speci‐
144 fied.
145 The notime value (which implies notq) suppresses the complete
147 sender timestamp that is in ISO-8601 format, including microsec‐
148 onds and timezone.
149 The nohost value suppresses gethostname(2) information from the
151 message header.
152 The RFC 5424 protocol has been the default for logger since ver‐
154 sion 2.26.
155 -s, --stderr
157 Output the message to standard error as well as to the system
158 log.
159 --sd-id name[@digits]
161 Specifies a structured data element ID for an RFC 5424 message
162 header. The option has to be used before --sd-param to intro‐
163 duce a new element. The number of structured data elements is
164 unlimited. The ID (name plus possibly @digits) is case-sensi‐
165 tive and uniquely identifies the type and purpose of the ele‐
166 ment. The same ID must not exist more than once in a message.
167 The @digits part is required for user-defined non-standardized
168 IDs.
169 logger currently generates the timeQuality standardized element
171 only. RFC 5424 also describes the elements origin (with parame‐
172 ters ip, enterpriseId, software and swVersion) and meta (with
173 parameters sequenceId, sysUpTime and language). These element
174 IDs may be specified without the @digits suffix.
175 --sd-param name="value"
178 Specifies a structured data element parameter, a name and value
179 pair. The option has to be used after --sd-id and may be speci‐
180 fied more than once for the same element. Note that the quota‐
181 tion marks around value are required and must be escaped on the
182 command line.
183 logger --rfc5424 --sd-id zoo@123 \
185 --sd-param tiger=\"hungry\" \
186 --sd-param zebra=\"running\" \
187 --sd-id manager@123 \
188 --sd-param onMeeting=\"yes\" \
189 "this is message"
190 produces:
192 <13>1 2015-10-01T14:07:59.168662+02:00 ws kzak - - [timeQual‐
194 ity tzKnown="1" isSynced="1" syncAccuracy="218616"][zoo@123
195 tiger="hungry" zebra="running"][manager@123 onMeeting="yes"]
196 this is message
197 -S, --size size
199 Sets the maximum permitted message size to size. The default is
200 1KiB characters, which is the limit traditionally used and spec‐
201 ified in RFC 3164. With RFC 5424, this limit has become flexi‐
202 ble. A good assumption is that RFC 5424 receivers can at least
203 process 4KiB messages.
204 Most receivers accept messages larger than 1KiB over any type of
206 syslog protocol. As such, the --size option affects logger in
207 all cases (not only when --rfc5424 was used).
208 Note: the message-size limit limits the overall message size,
210 including the syslog header. Header sizes vary depending on the
211 selected options and the hostname length. As a rule of thumb,
212 headers are usually not longer than 50 to 80 characters. When
213 selecting a maximum message size, it is important to ensure that
214 the receiver supports the max size as well, otherwise messages
215 may become truncated. Again, as a rule of thumb two to four KiB
216 message size should generally be OK, whereas anything larger
217 should be verified to work.
218 --socket-errors[=mode]
221 Print errors about Unix socket connections. The mode can be a
222 value of off, on, or auto. When the mode is auto logger will
223 detect if the init process is systemd, and if so assumption is
224 made /dev/log can be used early at boot. Other init systems
225 lack of /dev/log will not cause errors that is identical with
226 messaging using openlog(3) system call. The logger(1) before
227 version 2.26 used openlog, and hence was unable to detected loss
228 of messages sent to Unix sockets.
229 The default mode is auto. When errors are not enabled lost mes‐
231 sages are not communicated and will result to successful exit
232 status of logger(1) invocation.
233 -T, --tcp
235 Use stream (TCP) only. By default the connection is tried to
236 the syslog-conn port defined in /etc/services, which is often
237 601.
238 See also --server and --socket to specify where to connect.
240 -t, --tag tag
242 Mark every line to be logged with the specified tag. The
243 default tag is the name of the user logged in on the terminal
244 (or a user name based on effective user ID).
245 -u, --socket socket
247 Write to the specified socket instead of to the system log
248 socket.
249 -- End the argument list. This allows the message to start with a
251 hyphen (-).
252 -V, --version
254 Display version information and exit.
255 -h, --help
257 Display help text and exit.
258
260 The logger utility exits 0 on success, and >0 if an error occurs.
261
263 Valid facility names are:
264 auth
266 authpriv for security information of a sensitive nature
267 cron
268 daemon
270 ftp
271 kern cannot be generated from userspace process, automati‐
272 cally converted to user
273 lpr
274 mail
275 news
276 syslog
277 user
278 uucp
279 local0
280 to
281 local7
282 security deprecated synonym for auth
283 Valid level names are:
285 emerg
287 alert
288 crit
289 err
290 warning
291 notice
292 info
293 debug
294 panic deprecated synonym for emerg
295 error deprecated synonym for err
296 warn deprecated synonym for warning
297 For the priority order and intended purposes of these facilities and
299 levels, see syslog(3).
300
302 The logger command is expected to be IEEE Std 1003.2 ("POSIX.2") com‐
303 patible.
304
306 logger System rebooted
307 logger -p local0.notice -t HOSTIDM -f /dev/idmc
308 logger -n loghost.example.com System rebooted
309
311 The logger command was originally written by University of California
312 in 1983-1993 and later rewritten by Karel Zak ⟨kzak@redhat.com⟩, Rainer
313 Gerhards ⟨rgerhards@adiscon.com⟩ and Sami Kerola ⟨kerolasa@iki.fi⟩.
314
316 journalctl(1), syslog(3), systemd.journal-fields(7)
317
319 The logger command is part of the util-linux package and is available
320 from Linux Kernel Archive ⟨https://www.kernel.org/pub/linux/utils/util-
321 linux/⟩.
322util-linux November 2015 LOGGER(1)