SYSLOGD
Section: Maintenance Commands (8)
Index
Return to Main Contents
BSD mandoc
BSD 4.2
NAME
syslogd
- log systems messages
SYNOPSIS
syslogd
[-ds
]
[-a allowed_peer
]
[-f config_file
]
[-m mark_interval
]
[-p log_socket
]
DESCRIPTION
Syslogd
reads and logs messages to the system console, log files, other
machines and/or users as specified by its configuration file.
The options are as follows:
- -a allowed_peer
-
Allow
allowed_peer
to log to this
syslogd
using UDP datagrams. Multiple
-a
options may be specified.
Allowed_peer
can be any of the following:
- ipaddr/masklen [:service
]
-
Accept datagrams from
ipaddr
(in the usual dotted quad notation) with
masklen
bits being taken into account when doing the address comparision. If
specified,
service
is the name or number of an UDP service (see
services(5))
the source packet must belong to. A
service
of
`*'
allows packets being sent from any UDP port. The default
service
is
`syslog'
A missing
masklen
will be substituted by the historic class A or class B netmasks if
ipaddr
belongs into the address range of class A or B, respectively, or
by 24 otherwise.
- domainname [:service
]
-
Accept datagrams where the reverse address lookup yields
domainname
for the sender address. The meaning of
service
is as explained above.
- *domainname [:service
]
-
Same as before, except that any source host whose name
ends
in
domainname
will get permission.
- -d
-
Put
syslogd
into debugging mode. This is probably only of use to developers working on
syslogd
- -f
-
Specify the pathname of an alternate configuration file;
the default is
/etc/syslog.conf
- -m
-
Select the number of minutes between ``mark'' messages;
the default is 20 minutes.
- -p
-
Specify the pathname of an alternate log socket;
the default is
/var/run/log
- -s
-
Operate in secure mode. Do not listen for log message from remote machines.
Syslogd
reads its configuration file when it starts up and whenever it
receives a hangup signal.
For information on the format of the configuration file,
see
syslog.conf5.
Syslogd
reads messages from the
UNIX
domain socket
/var/run/log
from an Internet domain socket specified in
/etc/services
and from the special device
/dev/klog
(to read kernel messages).
Syslogd
creates the file
/var/run/syslog.pid
and stores its process
id there.
This can be used to kill or reconfigure
syslogd
The message sent to
syslogd
should consist of a single line.
The message can contain a priority code, which should be a preceding
decimal number in angle braces, for example,
`Aq 5.
'
This priority code should map into the priorities defined in the
include file
Aq Pa sys/syslog.h .
FILES
- /etc/syslog.conf
-
The configuration file.
- /var/run/syslog.pid
-
The process id of current
syslogd
- /var/run/log
-
Name of the
UNIX
domain datagram log socket.
- /dev/klog
-
The kernel log device.
SEE ALSO
logger(1),
syslog(3),
services(5),
syslog.conf5
HISTORY
The
syslogd
command appeared in
BSD 4.3
The
-s
and
-a
options are
Fx 2.2
extensions.
BUGS
The ability to log messages received in UDP packets is equivalent to
an unauthenticated remote disk-filling service, and should probably be
disabled by default. Some sort of
inter- syslogd
authentication mechanism ought to be worked out. To prevent the worst
abuse, use of the
-a
option is therefore highly recommended.
The
-a
matching algorithm doesn't pretend to be very efficient; use of numeric
IP addresses is faster than domain name comparision. Since the allowed
peer list is being walked linearly, peer groups where frequent messages
are being anticipated from should be put early into the
-a
list.
The log socket was moved from
/dev
to ease the use of a read-only root filesystem. This may confuse
some old binaries so that a symbolic link might be used for a
transitional period.
Index
- NAME
-
- SYNOPSIS
-
- DESCRIPTION
-
- FILES
-
- SEE ALSO
-
- HISTORY
-
- BUGS
-
This document was created by
man2html,
using the manual pages.
Time: 03:08:37 GMT, January 13, 2023