[syslog-ng] why /var/log/syslog, /var/log/messages etc
Jim Hendrick
jrhendri at maine.rr.com
Sat Jan 6 04:14:30 CET 2007
Mostly it is historical coupled with the limitations of the standard syslog.
It can only differentiate by facility, with the priority settings only
governing what the lowest level message that is captured (for all practical
purposes anyway).
With these limitations, it became useful to separate some of the files due
to the volume of data produced.
However, when using syslog-ng *please* do not try to emulate the vendor
scheme. You can (and should) do much better.
Hope this helps.
Jim
> -----Original Message-----
> From: syslog-ng-bounces at lists.balabit.hu
> [mailto:syslog-ng-bounces at lists.balabit.hu] On Behalf Of Zoilo Gomez
> Sent: Friday, January 05, 2007 9:31 AM
> To: syslog-ng at lists.balabit.hu
> Subject: [syslog-ng] why /var/log/syslog, /var/log/messages etc
>
>
> I would be interested in a link to a document, explaining what is the
> idea behind log-files like /var/log/syslog and /var/log/messages etc,
> and why some information is often being written to 2 or more files
> instead of 1.
>
> And why some distros will log DHCP-messages to /var/log/daemon.log,
> while others will use a different log file.
>
> Of course I know that this is all up to myself to decide, but I would
> like to understand better what is the reasoning behind the
> various options.
>
> Z.
> _______________________________________________
> syslog-ng maillist - syslog-ng at lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/sysl> og-ng
>
> Frequently asked questions at
> http://www.campin.net/syslog-ng/faq.html
>
More information about the syslog-ng
mailing list