reads and logs messages to the system
console, log files, pipes to other programs, other machines and/or users as
specified by its configuration file.
The options are as follows:
- Forces syslogd to use only
IPv4 addresses for UDP.
- Forces syslogd to use only
IPv6 addresses for UDP.
- Specify a location where
syslogd should place an additional log
socket. Up to 20 additional logging sockets can be specified. The primary
use for this is to place additional log sockets in
/dev/log of various chroot filespaces, though
the need for these is less urgent after the introduction of
- PEM encoded file containing CA certificates used for
certificate validation; the default is
- Enable debugging to the standard output, and do not
disassociate from the controlling terminal.
- Specify the pathname of an alternate configuration file;
the default is /etc/syslog.conf.
- Include the hostname when forwarding messages to a remote
- Select the number of minutes between “mark”
messages; the default is 20 minutes.
- Print source addresses numerically rather than
symbolically. This saves an address-to-name lookup for each incoming
message, which can be useful when combined with the
-u option on a loghost with no DNS cache.
Messages from the local host will still be logged with the symbolic local
- Specify the pathname of an alternate log socket to be used
instead; the default is /dev/log.
- Specify path to an
AF_LOCAL socket for use in reporting
logs stored in memory buffers using
- Select the historical “insecure” mode, in
which syslogd will accept input from the UDP port. Some software wants
this, but you can be subjected to a variety of attacks over the network,
including attackers remotely filling logs.
- Do not perform server certificate and hostname
reads its configuration file when it starts
up and whenever it receives a hangup signal. For information on the format of
the configuration file, see
creates the file
, and stores its process ID
there. This can be used to kill or reconfigure
opens an Internet domain socket as
specified in /etc/services
will only use this socket to send
messages outwards, but in “insecure” mode it will also read
messages from this socket. syslogd
also opens and
reads messages from the UNIX
, and from the special device
(to read kernel messages).
opens the above described socket whether or
not it is running in secure mode. If syslogd
running in secure mode, all incoming data on this socket is discarded. The
socket is required for sending forwarded messages.
The message sent to syslogd
should consist of a
single line. The message can contain a priority code, which should be a
preceding decimal number in angle braces, for example,
“⟨5⟩”. This priority code should map into the
priorities defined in the include file
- configuration file
- process ID of current
- name of the UNIX-domain datagram
- kernel log device
command appeared in
does not create files, it only logs to