9.3 The startsrc
The syslogd daemon reads a datagram socket and sends each message line to a destination described by the /etc/syslog.conf configuration file. The syslogd daemon reads the configuration file when it is activated and when it receives a hangup signal. The syslogd daemon provides the syslog function for AIX.
The syslogd daemon is started during system IPL by
srcmstr. The stanza in ODM is shown as follows in
Figure 82: Syslogd Stanza in ODM
The configuration file informs the syslogd daemon where to send a system message depending on the message's priority level and the facility that generated it.
If you do not use the -f flag to specify an alternate configuration file, the default configuration file /etc/syslog.conf file is used.
The syslogd daemon ignores blank lines and lines beginning with a # (pound sign).
Lines in the configuration file for the syslogd daemon contain a selector field and an action field separated by one or more tabs.
The selector field names a facility and a priority level. Separate facility names with a , (comma). Separate the facility and priority-level portions of the selector field with a . (period). Separate multiple entries in the same selector field with a ; (semicolon). To select all facilities, use an * (asterisk).
The action field identifies a destination (file, host, or user) to receive the messages. If routed to a remote host, the remote system will handle the message as indicated in its own configuration file. To display messages on a user's terminal, the destination field must contain the name of a valid, logged-in system user.
The last part of the default /etc/syslog.conf is shown in
Figure 83: Sample syslog Configuration File
If you decide to capture the warning messages from all users in the /var/spool/syslog file, you should do the following:
chmod 666 /var/spool/syslog
refresh -s syslogd
The syslogd daemon reads the configuration file when it is activated and when it receives a hangup signal. You can recycle the syslogd daemon by stopping and then starting it.
Alternatively, you can refresh the syslogd daemon by sending a HUP signal.
Note the PID of the syslogd process, for example, 5682.
The syslogd daemon logs messages received from remote hosts unless you use the -r flag to suppress it.
In the /etc/syslog.conf of the remote hosts, instead of specifying the full path name of the file for logging message for the destination part, put in @Host where Host is the hostname of the remote system.
9.5 Refreshing a