SYSLOGD(8) | System Manager's Manual | SYSLOGD(8) |
syslogd
—
syslogd |
[-dnrSsTUvX ] [-B
buffer_length] [-b
bind_address] [-f
config_file] [-g
group] [-m
mark_interval] [-o
output_format] [-P
file_list] [-p
log_socket [-p
log_socket2 ...]] [-t
chroot_dir] [-u
user] |
syslogd
reads and logs messages to the system console,
log files, other machines and/or users as specified by its configuration file.
The options are as follows:
-B
buffer_length-X
option.-b
bind_address-d
-f
config_file-g
group-m
mark_interval-n
-o
output_format-P
-p
log_socket-p
options create multiple log sockets. If no -p
arguments are given, the default socket of
/var/run/log is used.-r
-S
-s
syslogd
does not listen on a UDP socket but only
communicates over a UNIX domain socket. This is
valuable when the machine on which syslogd
runs is
subject to attack over the network and it is desired that the machine be
protected from attempts to remotely fill logs and similar attacks.-T
-t
chroot_dir-U
-u
user-v
-X
syslogd
reads its configuration file when
it starts up and whenever it receives a hangup signal. For information on
the format of the configuration file, see
syslog.conf(5).
syslogd
reads messages from the
UNIX domain socket
/var/run/log, from an Internet domain socket
specified in /etc/services, and from the special
device /dev/klog (to read kernel messages).
syslogd
creates the file
/var/run/syslogd.pid, and stores its process id
there. This can be used to kill or reconfigure
syslogd
.
By using multiple -p
options, one can set
up many chroot environments by passing the pathname to the log socket
(/var/run/log) in each chroot area to
syslogd
. For example:
syslogd -p /var/run/log -p
/web/var/run/log -p /ftp/var/run/log
Note: the normal log socket must now also be passed to
syslogd
.
The logged message includes the date, time, and hostname (or pathname of the log socket). Commonly, the program name and the process id is included.
The date and time are taken from the received message. If the
format of the timestamp field is incorrect, time obtained from the local
host is used instead. This can be overridden by the
-T
flag.
Accesses from UDP socket can be filtered by libwrap configuration
files, like /etc/hosts.deny. Specify
“syslogd
” in
daemon_list portion of the configuration files. Refer
to hosts_access(5) for
details.
syslogd
accepts messages in traditional BSD Syslog or in
newer Syslog Protocol format. See RFC 3164 (BSD Syslog) and RFC 5424 (Syslog
Protocol) for detailed description of the message format. Messages from the
local kernel that are not tagged with a priority code receive the default
facility LOG_KERN
and priority
LOG_NOTICE
. All other untagged messages receive the
default facility LOG_USER
and priority
LOG_NOTICE
.
syslogd
.The BSD syslog Protocol, RFC, 3164, August 2001.
The Syslog Protocol, RFC, 5424, March 2009.
syslogd
command appeared in
4.3BSD. Support for multiple log sockets appeared in
NetBSD 1.4. libwrap support appeared in
NetBSD 1.6. Support for RFC 5424, TLS encryption and
authentication, signed messages appeared in NetBSD
6.0.
November 4, 2018 | NetBSD 9.4 |