Softpanorama
(slightly skeptical)
Open Source Software Educational Society
May the source be with you, but remember the KISS principle ;-)
Softpanorama Search
|
Softpanorama |
May the source be with you, but remember the KISS principle ;-)
Softpanorama Search
|
| News | See also | Recommended Links | Messages Facility | Messages Severity | Configuration Examples | Etc |
Syslog system messages are classified by two categories: facility and severity. Facility is the most weak and outdated category (uucp is probably no longer used in most countries). It is also very inflexible.
The notation used to classify syslog messages is facility.severity. For example, a critical message from mail daemon would be classified as mail.crit.
For any severity level specified, messages are logged for that and all less-severe levels. Only lesser levels of messages are ignored. For example, mail.warning causes warning-, err-, crit-, alert-, and emerg-level messages from the mail service to be logged.
Wild card notation is used in syslog notation. For example, *.err means severity level err messages from all facilities (except the mark facility).
|
For any severity level specified, messages are logged for that and all less-severe levels |
| Facility | Message Description |
|---|---|
| user | Generated by user processes. This is the default facility; messages not fitting any of the other listed categories here are classified as facility user. |
| kern | Generated by the system kernel. |
| Generated by the e-mail system. | |
| daemon | Generated by system daemons, such as ftpd. |
| auth | Generated by the authorization programs login, su, and getty. |
| lpr | Generated by the printing system. |
| news | Generated by the Usenet News system. |
| uccp | Generated by the UUCP system. |
| cron | Generated by cron and at. |
| local0-7 | Generated by up to eight locally defined categories numbered 0 through 7. |
| mark | Generated by syslog itself for timestamping logs. |
Severity levels looks slightly better and still make a lot
of sense, although definitions are fuzzy and exact categorization between,
say, crit and alert messages is non-obvious. IBM mainframe error classification
system is slightly better despite being even older then Unix capabilities
that Unix inherited from Sendmail ;-).
| Severity | Description | |
|---|---|---|
| emerg | 0 | The most severe messages that prevent continuation of operation, such as immediate system shutdown. Somewhat similar to Terminal errors in IBM mainframes |
| alert | 1 | System conditions requiring immediate attention (for example corrupted system database, insufficient disk space, run out of file descriptors, etc) |
| crit | 2 | Mostly serious system/application malfunctioning, such as failing hardware (hard device errors) or software. Usually non-recoverable. somewhat similar to Serious errors (S) in IBM mainframes |
| err | 3 | Mostly correctable errors, for example errors other that hard device errors. Continuation of the operation is possible. Usually all err conditions are automatically recoverable. Somewhat similar to IBM's error category (E). |
| warning | 4 | Warning messages. Somewhat similar to IBM's warning category (E). |
| notice | 5 | Notices requiring attention at a later time. Non-error conditions that might require special handling. difference with the warning is not very clear |
| info | 6 | Informational messages. |
| debug | 7 | Messages for debugging purposes. |
| none | 8 | Messages are not sent from the indicated facility to the selected file |
Copyright © 1996-2009 by Dr. Nikolai Bezroukov. www.softpanorama.org was created as a service to the UN Sustainable Development Networking Programme (SDNP) in the author free time. Submit comments This document is an industrial compilation designed and created exclusively for educational use and is placed under the copyright of the Open Content License(OPL). Site uses AdSense so you need to be aware of Google privacy policy. Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.
Disclaimer:
Last modified: August 12, 2009