1syslogd(1M) System Administration Commands syslogd(1M)
2
6 syslogd - log system messages
7
9 /usr/sbin/syslogd [-d] [-f configfile] [-m markinterval]
10 [-p path] [-t | -T]
11
14 syslogd reads and forwards system messages to the appropriate log files
15 or users, depending upon the priority of a message and the system
16 facility from which it originates. The configuration file /etc/sys‐
17 log.conf (see syslog.conf(4)) controls where messages are forwarded.
18 syslogd logs a mark (timestamp) message every markinterval minutes
19 (default 20) at priority LOG_INFO to the facility whose name is given
20 as mark in the syslog.conf file.
21 A system message consists of a single line of text, which may be pre‐
24 fixed with a priority code number enclosed in angle-brackets (<>); pri‐
25 orities are defined in <sys/syslog.h>.
26 syslogd reads from the STREAMS log driver, /dev/log, and from any
29 transport provider specified in /etc/netconfig, /etc/net/trans‐
30 port/hosts, and /etc/net/transport/services.
31 syslogd reads the configuration file when it starts up, and again when‐
34 ever it receives a HUP signal (see signal.h(3HEAD), at which time it
35 also closes all files it has open, re-reads its configuration file, and
36 then opens only the log files that are listed in that file. syslogd
37 exits when it receives a TERM signal.
38 As it starts up, syslogd creates the file /var/run/syslog.pid, if pos‐
41 sible, containing its process identifier (PID).
42 If message ID generation is enabled (see log(7D)), each message will be
45 preceded by an identifier in the following format: [ID msgid facil‐
46 ity.priority]. msgid is the message's numeric identifier described in
47 msgid(1M). facility and priority are described in syslog.conf(4). [ID
48 123456 kern.notice] is an example of an identifier when message ID gen‐
49 eration is enabled.
50 If the message originated in a loadable kernel module or driver, the
53 kernel module's name (for example, ufs) will be displayed instead of
54 unix. See EXAMPLES for sample output from syslogd with and without mes‐
55 sage ID generation enabled.
56 In an effort to reduce visual clutter, message IDs are not displayed
59 when writing to the console; message IDs are only written to the log
60 file. See .
61 The /etc/default/syslogd file contains the following default parameter
64 settings, which are in effect if neither the -t nor -T option is
65 selected. See FILES.
66 The recommended way to allow or disallow message logging is through the
69 use of the service management facility (smf(5)) property:
70 svc:/system/system-log/config/log_from_remote
72 This property specifies whether remote messages are logged.
76 log_from_remote=true is equivalent to the -t command-line option and
77 false is equivalent to the -T command-line option. The default value
78 for -log_from_remote is false. See NOTES, below.
79 LOG_FROM_REMOTE
81 Specifies whether remote messages are logged. LOG_FROM_REMOTE=NO is
83 equivalent to the -t command-line option. The default value for
84 LOG_FROM_REMOTE is YES.
85
88 The following options are supported:
89 -d
91 Turn on debugging. This option should only be used interactively in
93 a root shell once the system is in multi-user mode. It should not
94 be used in the system start-up scripts, as this will cause the sys‐
95 tem to hang at the point where syslogd is started.
96 -f configfile
99 Specify an alternate configuration file.
101 -m markinterval
104 Specify an interval, in minutes, between mark messages.
106 -p path
109 Specify an alternative log device name. The default is /dev/log.
111 -T
114 Enable the syslogd UDP port to turn on logging of remote messages.
116 This is the default behavior. See .
117 -t
120 Disable the syslogd UDP port to turn off logging of remote mes‐
122 sages. See .
123
126 Example 1 syslogd Output Without Message ID Generation Enabled
127 The following example shows the output from syslogd when message ID
130 generation is not enabled:
131 Sep 29 21:41:18 cathy unix: alloc /: file system full
134 Example 2 syslogd Output with ID generation Enabled
138 The following example shows the output from syslogd when message ID
141 generation is enabled. The message ID is displayed when writing to log
142 file/var/adm/messages.
143 Sep 29 21:41:18 cathy ufs: [ID 845546 kern.notice]
146 alloc /: file system full
147 Example 3 syslogd Output with ID Generation Enabled
151 The following example shows the output from syslogd when message ID
154 generation is enabled when writing to the console. Even though message
155 ID is enabled, the message ID is not displayed at the console.
156 Sep 29 21:41:18 cathy ufs: alloc /: file system full
159 Example 4 Enabling Acceptance of UDP Messages from Remote Systems
163 The following commands enable syslogd to accept entries from remote
166 systems.
167 # svccfg -s svc:/system/system-log setprop config/log_from_remote = true
170 # svcadm restart svc:/system/system-log
171
175 /etc/syslog.conf
176 Configuration file
178 /var/run/syslog.pid
181 Process ID
183 /etc/default/syslogd
186 Contains default settings. You can override some of the settings by
188 command-line options.
189 /dev/log
192 STREAMS log driver
194 /etc/netconfig
197 Transport providers available on the system
199 /etc/net/transport/hosts
202 Network hosts for each transport
204 /etc/net/transport/services
207 Network services for each transport
209
212 See attributes(5) for descriptions of the following attributes:
213 ┌─────────────────────────────┬─────────────────────────────┐
218 │ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
219 ├─────────────────────────────┼─────────────────────────────┤
220 │Availability │SUNWcsu │
221 └─────────────────────────────┴─────────────────────────────┘
222
224 logger(1), svcs(1), msgid(1M), svcadm(1M), svccfg(1M), syslog(3C), sys‐
225 log.conf(4), attributes(5), signal.h(3HEAD), smf(5), log(7D)
226
228 The mark message is a system time stamp, and so it is only defined for
229 the system on which syslogd is running. It can not be forwarded to
230 other systems.
231 When syslogd receives a HUP signal, it attempts to complete outputting
234 pending messages, and close all log files to which it is currently log‐
235 ging messages. If, for some reason, one (or more) of these files does
236 not close within a generous grace period, syslogd discards the pending
237 messages, forcibly closes these files, and starts reconfiguration. If
238 this shutdown procedure is disturbed by an unexpected error and syslogd
239 cannot complete reconfiguration, syslogd sends a mail message to the
240 superuser on the current system stating that it has shut down, and
241 exits.
242 Care should be taken to ensure that each window displaying messages
245 forwarded by syslogd (especially console windows) is run in the system
246 default locale (which is syslogd's locale). If this advice is not fol‐
247 lowed, it is possible for a syslog message to alter the terminal set‐
248 tings for that window, possibly even allowing remote execution of arbi‐
249 trary commands from that window.
250 The syslogd service is managed by the service management facility,
253 smf(5), under the service identifier:
254 svc:/system/system-log:default
256 Administrative actions on this service, such as enabling, disabling, or
261 requesting restart, can be performed using svcadm(1M). The service's
262 status can be queried using the svcs(1) command.
263 When syslogd is started by means of svcadm(1M), if a value is specified
266 for LOG_FROM_REMOTE in the /etc/defaults/syslogd file, the SMF property
267 svc:/system/system-log/config/log_from_remote is set to correspond to
268 the LOG_FROM_REMOTE value and the /etc/default/syslogd file is modified
269 to replace the LOG_FROM_REMOTE specification with the following com‐
270 ment:
271 # LOG_FROM_REMOTE is now set using svccfg(1m), see syslogd(1m).
273 If neither LOG_FROM_REMOTE nor svc:/system/system-log/con‐
277 fig/log_from_remote are defined, the default is to log remote messages.
278 On installation, the initial value of svc:/system/system-log/con‐
281 fig/log_from_remote is false.
282SunOS 5.11 31 Oct 2008 syslogd(1M)