3.6.3 Other Error Handling Commands

3.7 The System Log

In order to log system messages, AIX uses syslogd. The syslogd daemon reads a datagram socket and sends each message line to a destination described by the /etc/syslog.conf configuration file. The syslogd daemon reads the configuration file when it is activated and when it receives a hang-up signal.

The syslogd daemon creates the /etc/syslog.pid file, which contains a single line with the command process ID used to end or reconfigure the syslogd daemon.

A terminate signal sent to the syslogd daemon ends the daemon. The syslogd daemon logs the end-signal information and terminates immediately.

Each message is one line. A message can contain a priority code marked by a digit enclosed in < > (angle braces) at the beginning of the line. Messages longer than 900 bytes may be truncated.

The /usr/include/sys/syslog.h include file defines the facility and priority codes used by the configuration file. Locally written applications use the definitions contained in the syslog.h file to log messages using the syslogd daemon.

The general syntax of the syslogd command is as follows:

syslogd [ -d ] [ -s ] [ -f ConfigurationFile ] [ -m MarkInterval ] [ -r ]

The flags commonly used when starting syslogd are provided in Table 15.


Table 15: syslogd Daemon Flags

The syslogd daemon uses a configuration file to determine where to send a system message depending on the message's priority level and the facility that generated it. By default, syslogd reads the default configuration file /etc/syslog.conf, but if you specify the -f flag, you can specify an alternate configuration file.

3.7.1 The syslogd Configuration File

The /etc/syslog.conf file controls the behavior of the syslogd daemon. For example, syslogd uses the /etc/syslog.conf file to determine where to send error messages and how to react to different system events. The following is part of the default /etc/syslog.conf file.

# /etc/syslog.conf - control output of syslogd
#
# Each line must consist of two parts:-
#
# 1) A selector to determine the message priorities to which the
#    line applies
# 2) An action.
#
# The two fields must be separated by one or more tabs or spaces.
#
# format:
#
# <msg_src_list>                <destination>
#
# where <msg_src_list> is a semicolon separated list of <facility>.<priority>
# where:
#
# <facility> is:
#       * - all (except mark)
#       mark - time marks
#       kern,user,mail,daemon, auth,... (see syslogd(AIX Commands Reference))
#
# <priority> is one of (from high to low):
#       emerg/panic,alert,crit,err(or),warn(ing),notice,info,debug
#       (meaning all messages of this priority or higher)
#
# <destination> is:
#       /filename - log to this file
#       username[,username2...] - write to user(s)
#       @hostname - send to syslogd on this machine
#       * - send to all logged in users
#
# example:
# "mail messages, at debug or higher, go to Log file. File must exist."
# "all facilities, at debug and higher, go to console"
# "all facilities, at crit or higher, go to all users"
#  mail.debug           /usr/spool/mqueue/syslog
#  *.debug              /dev/console
#  *.crit                       *

In addition to the /etc/syslog.conf file that contains the settings for the syslogd daemon, the /etc/syslog.pid file contains a list of all the process IDs.

3.7.2 The Format of the Configuration File

This section describes the format of the /etc/syslog.conf file and how you can interpret the different entries in this file. Lines in the configuration file for the syslogd daemon contain a selector field and an action field separated by one or more tabs.

The selector field names a facility and a priority level. Separate facility names with a comma (,), separate the facility and priority-level portions of the selector field with a period (.), and separate multiple entries in the same selector field with a semicolon (;). To select all facilities, use an asterisk (*).

The action field identifies a destination (file, host, or user) to receive the messages. If routed to a remote host, the remote system will handle the message as indicated in its own configuration file. To display messages on a user's terminal, the destination field must contain the name of a valid, logged-in system user.

3.7.2.1 Facilities

Table 16 lists some of the facilities used in the /etc/syslog.conf file. You can use these system facility names in the selector field.


Table 16: Facilities Used in the /etc/syslog.conf File

3.7.2.2 Priority Levels

Table 17 lists the priority levels used in the /etc/syslog.conf file. You can use the message priority levels in the selector field. Messages of the specified priority level and all levels above it are sent as directed.


Table 17: Priority Levels for the /etc/syslog.conf File

3.7.2.3 Destinations

Table 18 lists a few of the destinations that are used in the /etc/syslog.conf file. You can use these message destinations in the action field.


Table 18: Destination Description for the /etc/syslog.conf File
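
The selector and action rules of this section can be checked mechanically when auditing where a host's messages end up. The following Python sketch is an added example, not part of the original text or of AIX: it parses selector/action lines, lists the destinations a given facility and priority reach, and reports priorities that reach neither a log file nor a remote host. The sample configuration is constructed, the host name loghost is hypothetical, and treating /dev/ paths as non-durable is an assumption of the example.

```python
# Priority names from the syslog.conf header on this page, highest first.
PRIORITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
ALIASES = {"panic": "emerg", "error": "err", "warn": "warning"}

def rank(name):
    """0 = emerg ... 7 = debug; raises ValueError for an unknown name."""
    return PRIORITIES.index(ALIASES.get(name, name))

def parse_conf(text):
    """Return [(entries, destination)]; each entry is (facility list, priority)."""
    rules = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        selector, dest = line.split(None, 1)  # one or more tabs or spaces
        entries = []
        for entry in selector.split(";"):
            facilities, prio = entry.rsplit(".", 1)
            rank(prio)  # reject unknown priority names early
            entries.append((facilities.split(","), prio))
        rules.append((entries, dest.strip()))
    return rules

def destinations(rules, facility, priority):
    """Destinations that receive a `facility` message at `priority`."""
    out = []
    for entries, dest in rules:
        for facilities, threshold in entries:
            # '*' means every facility except mark, per the file header.
            named = facility in facilities or ("*" in facilities and facility != "mark")
            if named and rank(priority) <= rank(threshold):
                out.append(dest)
                break
    return out

def unpersisted(rules, facility):
    """Priorities of `facility` that reach no log file or remote host."""
    def durable(dest):  # assumption: /dev/ paths (console) keep no record
        return dest.startswith("@") or (dest.startswith("/") and not dest.startswith("/dev/"))
    return [p for p in PRIORITIES
            if not any(durable(d) for d in destinations(rules, facility, p))]

# Constructed sample: the header's three example rules plus a hypothetical "loghost".
SAMPLE_CONF = """mail.debug             /usr/spool/mqueue/syslog
*.debug                /dev/console
*.crit                 *
auth.notice;daemon.err @loghost
"""
```

With this sample, unpersisted(parse_conf(SAMPLE_CONF), "auth") shows that auth messages at info and debug are only displayed on the console and are not kept anywhere.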

3.7.3 Using the System Log

To customize system logging so that your required conditions are met, edit the /etc/syslog.conf file. After you have edited and added your lines to the /etc/syslog.conf file, you need to restart the syslogd daemon. You can do this by running the following commands:

  1. Check to see what the syslog daemon process ID is. In this case, it is 5426.
    # ps -ef | grep syslogd
    root  5426  4168   0   Nov 01      -  0:00 /usr/sbin/syslogd
    root 24938 25854   2 12:04:03  pts/6  0:00 grep syslog
    

  2. Use the stopsrc command to stop the syslog daemon as follows:
    # stopsrc -s syslogd
    0513-044 The stop of the syslogd Subsystem was completed successfully.
    

  3. Check if the syslog daemon has been stopped successfully.
    # ps -ef | grep syslogd
    root 26112 25854   2 12:04:16  pts/6  0:00 grep syslog
    

  4. Restart the syslog daemon.
    # startsrc -s syslogd
    0513-059 The syslogd Subsystem has been started. Subsystem PID is 13494.
    

The following are a few examples of /etc/syslog.conf file usage.

3.8 Setting Up an ASCII Terminal