Re: syslogd question (modifying syslogd.c)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Thank You David :)

On 11/13/05, David Tonhofer, m-plify S.A. <d.tonhofer@xxxxxxxxxxx> wrote:
--On Sunday, November 13, 2005 4:59 PM +0530 Nikhil <mnikhil.juno@xxxxxxxxx> wrote:

> But this is not the same on Solaris, as I do get them on a Solaris ' syslog . Why this should not be the case with Linux as well ?
>
>
> On 11/12/05, David Tonhofer, m-plify S.A. <d.tonhofer@xxxxxxxxxxx > wrote:
>
> I'm pretty sure that there is no way to set up the format without changing syslogd's
> code (which is probably not hard to do, BTW).
>

Because Solaris != Linux ?

Seriously though, Solaris seems to have more feature-full logging facilities.
Which is nice. In particular:

man log (7D):        http://docs.sun.com/app/docs/doc/816-5177/6mbbc4g7k?a=view
man syslogd (1M):     http://docs.sun.com/app/docs/doc/816-5166/6mbb1kqig?a=view
man syslog.conf (4): http://docs.sun.com/app/docs/doc/816-5174/6mbb98uka?a=view

In 'log', we read:

"log is a STREAMS software device driver that provides an interface for console
logging and for the STREAMS error logging and event tracing processes"

And in 'syslogd':

"If message ID generation is enabled (see log(7D)), each message will be preceded
by an identifier in the following format: [ID msgid facility.priority]. msgid
is the message's numeric identifier described in msgid(1M). facility and priority
are described in syslog.conf(4). [ID 123456 kern.notice] is an example of an
identifier when message ID generation is enabled."

So you can configure logging through STREAMS ... but
AFAIK no-one ever bothered to polish STREAMS to a usable degree under Linux.
And it is not used for syslogging.


A quick peek at the source for syslog and syslogd

(obtained through:
  up2date --get-source  sysklogd
  rpm --install /var/spool/up2date/sysklogd-1.4.1-26_EL.src.rpm
  cd /usr/src/redhat/SOURCES/
  tar xzf sysklogd-1.4.1rh.tar.gz
  cd sysklogd-1.4.1rh
  vi syslog.c)

...reveals that the logging format is quite hardcoded.

In syslog ("the utility to log something"), the logging priority
is written out at the start of the line, enclosed in < >, if
the message goes to the 'local logger' but not if it goes to a
file. The 'local logger' would be syslogd, and indeed in
syslogd.c, one sees that the <pri> value is stripped out and used
to set the priority. After that, a lot of stuff happens to get
the message to where one wants it. But the priority is not included
in the final output.

So...if you absolutely need the priority, my best guess would be
to modify syslogd.c to insert it in the output, then install your
modified syslog-daemon.

Best regards,

-- David




[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux