syslogd notes
A few jots on playing with the system logger (the one that writes to /var/log/messages) on an ancient CentOS 5.5.
First, check the version: It says
Oct 6 15:12:06 diskless syslogd 1.4.1: restart.
So it’s quite an old revision of syslogd, unfortunately. There are no filter conditions to rely on.
The relevant configuration file is /etc/syslog.conf. First, one may divert the kernel log messages from /var/log/messages to /var/log/kernel-junk by changing
*.info;mail.none;authpriv.none;cron.none /var/log/messages
to
*.info;mail.none;authpriv.none;cron.none;kern.none /var/log/messages
kern.* /var/log/kernel-junk
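Or, alternatively, keep kernel warnings and above in /var/log/messages so that only the less-than-warning messages are diverted, and write kernel-junk with lazy flushing (the leading - on the file name tells syslogd not to sync the file after every message):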
*.info;mail.none;authpriv.none;cron.none;kern.none;kern.warn /var/log/messages
kern.* -/var/log/kernel-junk
The trick is that kern.none disables all kernel messages to /var/log/messages. The following kern.warn turns warnings and up back on. kernel-junk gets everything.
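
How the selectors in the rules above combine, as an added example (not from the original notes). It is a simplified Python model that assumes sysklogd keeps a per-facility priority bitmask, ORs each facility.priority selector into it and lets none clear it; the function names are made up for the illustration, and only plain priorities, * and none are handled.

```python
# Added example: simplified model of sysklogd selector evaluation (an assumption,
# not syslogd's own code). Each facility has a bitmask of accepted priorities.
PRIORITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
ALIASES = {"warn": "warning", "error": "err", "panic": "emerg"}
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp"] + [f"local{i}" for i in range(8)]
ALL_PRIORITIES = 0xFF


def level_of(priority):
    """Numeric severity: 0 is emerg (most severe), 7 is debug."""
    return PRIORITIES.index(ALIASES.get(priority, priority))


def parse_rule(line):
    """Return (per-facility bitmask, target file, sync_after_each_write)."""
    selectors, target = line.split()
    masks = dict.fromkeys(FACILITIES, 0)
    for selector in selectors.split(";"):      # evaluated left to right
        facs, pri = selector.rsplit(".", 1)
        for fac in (FACILITIES if facs == "*" else facs.split(",")):
            if pri == "none":
                masks[fac] = 0                 # clears everything set so far
            elif pri == "*":
                masks[fac] = ALL_PRIORITIES
            else:
                # "this priority and more severe", ORed into the existing mask
                masks[fac] |= (1 << (level_of(pri) + 1)) - 1
    # A leading "-" on the target means: do not sync after every message.
    return masks, target.lstrip("-"), not target.startswith("-")


def destinations(rules, facility, priority):
    """Files that would receive a message of the given facility and priority."""
    bit = 1 << level_of(priority)
    return [target for masks, target, _ in map(parse_rule, rules)
            if masks[facility] & bit]


# The second variant from the notes above.
RULES = [
    "*.info;mail.none;authpriv.none;cron.none;kern.none;kern.warn /var/log/messages",
    "kern.* -/var/log/kernel-junk",
]

if __name__ == "__main__":
    for pri in ("info", "warn", "err"):
        print("kern." + pri, "->", destinations(RULES, "kern", pri))
```

Under this model, dropping kern.none leaves kernel info messages in /var/log/messages, because kern.warn only adds bits that *.info has already set.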