Log - Syslog

> (Data|State) Management and Processing > (Data Type|Data Structure) > Log - Logging

1 - About

Syslog is a (specification|standard) for computer data logging. It separates:

  • the software that generates messages
  • from the system that stores them
  • and the software that reports and analyzes them.

3 - Linux

Syslog is a standard logging facility. It collects messages of various programs and services including the kernel, and stores them, depending on setup, in a bunch of log files typically under /var/log.

According to my /etc/syslog.conf:

  • /var/log/kern.log captures only the kernel's messages of any log level; i.e. the output of dmesg.
  • /var/log/messages instead aims at storing valuable, non-debug and non-critical messages. This log should be considered the “general system activity” log.
  • /var/log/syslog in turn logs everything, except auth related messages.
  • /var/log/auth.log.
  • /var/log/mail.log.

4 - Documentation / Reference