Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
SYSLOGD(8)		  BSD System Manager's Manual		    SYSLOGD(8)

     syslogd --	log systems messages

     syslogd [-46Acdknsuv] [-a allowed_peer] [-b bind_address]
	     [-f config_file] [-l path]	[-m mark_interval] [-P pid_file]
	     [-p log_socket]

     The syslogd utility reads and logs	messages to the	system console,	log
     files, other machines and/or users	as specified by	its configuration

     The options are as	follows:

     -4	     Force syslogd to use IPv4 addresses only.

     -6	     Force syslogd to use IPv6 addresses only.

     -A	     Ordinarily, syslogd tries to send the message to only one address
	     even if the host has more than one	A or AAAA record.  If this op-
	     tion is specified,	syslogd	tries to send the message to all ad-

     -a	allowed_peer
	     Allow allowed_peer	to log to this syslogd using UDP datagrams.
	     Multiple -a options may be	specified.

	     Allowed_peer can be any of	the following:

	     ipaddr/masklen[:service]	 Accept	datagrams from ipaddr (in the
					 usual dotted quad notation) with
					 masklen bits being taken into account
					 when doing the	address	comparison.
					 ipaddr	can be also IPv6 address by
					 enclosing the address with `['	and
					 `]'.  If specified, service is	the
					 name or number	of an UDP service (see
					 services(5)) the source packet	must
					 belong	to.  A service of `*' allows
					 packets being sent from any UDP port.
					 The default service is	`syslog'.  If
					 ipaddr	is IPv4	address, a missing
					 masklen will be substituted by	the
					 historic class	A or class B netmasks
					 if ipaddr belongs into	the address
					 range of class	A or B,	respectively,
					 or by 24 otherwise.  If ipaddr	is
					 IPv6 address, a missing masklen will
					 be substituted	by 128.

	     domainname[:service]	 Accept	datagrams where	the reverse
					 address lookup	yields domainname for
					 the sender address.  The meaning of
					 service is as explained above.

	     *domainname[:service]	 Same as before, except	that any
					 source	host whose name	ends in
					 domainname will get permission.

	     The -a options are	ignored	if the -s option is also specified.

     -b	bind_address
	     Specify one specific IP address or	hostname to bind to.  If a
	     hostname is specified, the	IPv4 or	IPv6 address which corresponds
	     to	it is used.

     -c	     Disable the compression of	repeated instances of the same line
	     into a single line	of the form "last message repeated N times"
	     when the output is	a pipe to another program.  If specified
	     twice, disable this compression in	all cases.

     -d	     Put syslogd into debugging	mode.  This is probably	only of	use to
	     developers	working	on syslogd.

     -f	     Specify the pathname of an	alternate configuration	file; the de-
	     fault is /etc/syslog.conf.

     -k	     Disable the translation of	messages received with facility	"kern"
	     to	facility "user".  Usually the "kern" facility is reserved for
	     messages read directly from /dev/klog.

     -m	     Select the	number of minutes between "mark" messages; the default
	     is	20 minutes.

     -n	     Disable dns query for every request.

     -p	     Specify the pathname of an	alternate log socket to	be used	in-
	     stead; the	default	is /var/run/log.

     -P	     Specify an	alternative file in which to store the process ID.
	     The default is /var/run/

     -l	     Specify a location	where syslogd should place an additional log
	     socket.  Up to 19 additional logging sockets can be specified.
	     The primary use for this is to place additional log sockets in
	     /var/run/log of various chroot filespaces.

     -s	     Operate in	secure mode.  Do not log messages from remote ma-
	     chines.  If specified twice, no network socket will be opened at
	     all, which	also disables logging to remote	machines.

     -u	     Unique priority logging.  Only log	messages at the	specified pri-
	     ority.  Without this option, messages at the stated priority or
	     higher are	logged.	 This option changes the default comparison
	     from "=>" to "=".

     -v	     Verbose logging.  If specified once, the numeric facility and
	     priority are logged with each locally-written message.  If	speci-
	     fied more than once, the names of the facility and	priority are
	     logged with each locally-written message.

     The syslogd utility reads its configuration file when it starts up	and
     whenever it receives a hangup signal.  For	information on the format of
     the configuration file, see syslog.conf(5).

     The syslogd utility reads messages	from the UNIX domain socket
     /var/run/log, from	an Internet domain socket specified in /etc/services,
     and from the special device /dev/klog (to read kernel messages).

     The syslogd utility creates its process ID	file, by default
     /var/run/, and stores its process ID there.  This can be	used
     to	kill or	reconfigure syslogd.

     The message sent to syslogd should	consist	of a single line.  The message
     can contain a priority code, which	should be a preceding decimal number
     in	angle braces, for example, `<5>'.  This	priority code should map into
     the priorities defined in the include file	<sys/syslog.h>.

     For security reasons, syslogd will	not append to log files	that do	not
     exist; therefore, they must be created manually before running syslogd.

     /etc/syslog.conf	  configuration	file
     /var/run/  default process ID file
     /var/run/log	  name of the UNIX domain datagram log socket
     /dev/klog		  kernel log device

     logger(1),	syslog(3), services(5),	syslog.conf(5)

     The syslogd utility appeared in 4.3BSD.

     The -a, -s, -u, and -v options are	FreeBSD	2.2 extensions.

     The ability to log	messages received in UDP packets is equivalent to an
     unauthenticated remote disk-filling service, and should probably be dis-
     abled by default.	Some sort of inter-syslogd authentication mechanism
     ought to be worked	out.  To prevent the worst abuse, use of the -a	option
     is	therefore highly recommended.

     The -a matching algorithm doesn't pretend to be very efficient; use of
     numeric IP	addresses is faster than domain	name comparison.  Since	the
     allowed peer list is being	walked linearly, peer groups where frequent
     messages are being	anticipated from should	be put early into the -a list.

     The log socket was	moved from /dev	to ease	the use	of a read-only root
     file system.  This	may confuse some old binaries so that a	symbolic link
     might be used for a transitional period.

BSD			       November	24, 2001			   BSD


Want to link to this manual page? Use this URL:

home | help