syslog

System default log daemon

Supplementary instructions

syslog is the default log daemon in Linux systems. The default syslog configuration file is the /etc/syslog.conf file. Programs, daemons, and the kernel provide logging information for access to the system. Therefore, any program that wishes to generate log information can generate that information by making calls to the syslog interface.

Almost all network devices can transmit log information to the remote server in the User Datagram Protocol (UDP) through the syslog protocol. The remote receiving log server must listen to UDP port 514 through syslogd and configure the log information according to the syslog.conf configuration file. The configuration handles this machine, receives log information from the access system, and writes specified events into specific files for backend database management and response. This means that any event can be logged to one or more servers, so that the backend database can analyze the events of the remote device using the off-line method.

Typically, syslog accepts messages from various functions of the system, each message including a level of severity. The /etc/syslog.conf file tells syslogd how to report information based on the device and information severity.

Instructions

Creating and writing log information in /var/log is handled by the syslog protocol and is executed by the daemon sylogd. Every standard process can be logged using syslog. Logging can be done via syslogd using the logger command.

To record log information to the syslog file /var/log/messages:

logger this is a test log line

Output:
tail -n 1 messages
Jan 5 10:07:03 localhost root: this is a test log line

If you want to record a specific tag (tag) you can use:

logger -t TAG this is a test log line

Output:
tail -n 1 messages
Jan 5 10:37:14 localhost TAG: this is a test log line