Linux 在哪里存储我的 syslog?

我编写了一个简单的测试应用程序来记录日志文件中的内容。我正在使用 Linux 薄荷,在应用程序执行后,我尝试使用以下命令查看日志:

tail -n 100 /var/log/messages

但是文件消息既不存在,也不经过测试或其他。下面你可以找到我的代码。也许我做错了什么,文件没有存储在那里,或者我需要在 linux 薄荷登录。

#include <stdio.h>
#include <stdlib.h>
#include <syslog.h>


void init_log()
{
setlogmask(LOG_UPTO(LOG_NOTICE));
openlog("testd",LOG_CONS | LOG_PID | LOG_NDELAY, LOG_LOCAL1);
}


int main(void) {


init_log();
printf("Session started!");
syslog(LOG_NOTICE, "Session started!!");
closelog();


return EXIT_SUCCESS;
}
296426 次浏览
小开

syslog() generates a log message, which will be distributed by syslogd.

The file to configure syslogd is /etc/syslog.conf. This file will tell your where the messages are logged.

How to change options in this file ? Here you go http://www.bo.infn.it/alice/alice-doc/mll-doc/duix/admgde/node74.html

小开

Default log location (rhel) are

General messages:

/var/log/messages

Authentication messages:

/var/log/secure

Mail events:

/var/log/maillog

Check your /etc/syslog.conf or /etc/syslog-ng.conf (it depends on which of syslog facility you have installed)

Example:

$ cat /etc/syslog.conf
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none         /var/log/messages


# The authpriv file has restricted access.
authpriv.*                             /var/log/secure


# Log all the mail messages in one place.
mail.*                                 /var/log/maillog


#For a start, use this simplified approach.
*.*                                     /var/log/messages
小开

In addition to the accepted answer, it is useful to know the following ...

Each of those functions should have manual pages associated with them.

If you run man -k syslog (a keyword search of man pages) you will get a list of man pages that refer to, or are about syslog 

$ man -k syslog
logger (1)           - a shell command interface to the syslog(3) system l...
rsyslog.conf (5)     - rsyslogd(8) configuration file
rsyslogd (8)         - reliable and extended syslogd
syslog (2)           - read and/or clear kernel message ring buffer; set c...
syslog (3)           - send messages to the system logger
vsyslog (3)          - send messages to the system logger

You need to understand the manual sections in order to delve further.

Here's an excerpt from the man page for man, that explains man page sections :

The table below shows the section numbers of the manual followed  by
the types of pages they contain.


1   Executable programs or shell commands
2   System calls (functions provided by the kernel)
3   Library calls (functions within program libraries)
4   Special files (usually found in /dev)
5   File formats and conventions eg /etc/passwd
6   Games
7   Miscellaneous  (including  macro  packages and conven‐
tions), e.g. man(7), groff(7)
8   System administration commands (usually only for root)
9   Kernel routines [Non standard]

To read the above run 

$man man

So, if you run man 3 syslog you get a full manual page for the syslog function that you called in your code.

SYSLOG(3)                Linux Programmer's Manual                SYSLOG(3)


NAME
closelog,  openlog,  syslog,  vsyslog  - send messages to the system
logger


SYNOPSIS
#include <syslog.h>


void openlog(const char *ident, int option, int facility);
void syslog(int priority, const char *format, ...);
void closelog(void);


#include <stdarg.h>


void vsyslog(int priority, const char *format, va_list ap);

Not a direct answer but hopefully you will find this useful.

小开
最佳答案

On my Ubuntu machine, I can see the output at /var/log/syslog.

On a RHEL/CentOS machine, the output is found in /var/log/messages.

This is controlled by the rsyslog service, so if this is disabled for some reason you may need to start it with systemctl start rsyslog.

As noted by others, your syslog() output would be logged by the /var/log/syslog file.
You can see system, user, and other logs at /var/log.

For more details: here's an interesting link.

小开

Logging is very configurable in Linux, and you might want to look into your /etc/syslog.conf (or perhaps under /etc/rsyslog.d/). Details depend upon the logging subsystem, and the distribution.

Look also into files under /var/log/ (and perhaps run dmesg for kernel logs).

小开

You have to tell the system what information to log and where to put the info. Logging is configured in the /etc/rsyslog.conf file, then restart rsyslog to load the new config. The default logging rules are usually in a /etc/rsyslog.d/50-default.conf file.

小开

I'm running Ubuntu under WSL(Windows Subsystem for Linux) and systemctl start rsyslog didn't work for me.

So what I did is this:

$ service rsyslog start

Now syslog file will appear at /var/log/


提交答案