What's the difference between syslog and rsyslog?

2025-01-19 Update From: SLTechnology News&Howtos

Shulou (Shulou.com) 06/03

What is the difference between syslog and rsyslog? This article summarizes the two log collectors, to give readers who have this question a simple and practical answer.

Syslog log collector:

Syslog is the log collector of earlier versions of CentOS, which should be the versions before CentOS 5.

Two important daemons for syslog:

1. syslogd: system. Mainly collects the logs of system services.

2. klogd: kernel. Mainly collects kernel information.

Two important working mechanisms of syslog:

1. Support stand-alone mode

2. Support C/S (client/server) architecture, which can provide a logging service over the UDP or TCP protocol.

Rsyslog log collector:

Process name of rsyslog: rsyslogd

Configuration file for rsyslog: /etc/rsyslog.conf

Features of rsyslog:

1. Multithreading

2. UDP, TCP, SSL

3. Can store log information in database management systems such as MySQL and PGSQL.

4. Powerful filter to filter any part of the log information.

5. Custom output format

Key terms of rsyslog log collector:

Facility: facility for classifying logs functionally or programmatically:

auth, authpriv, cron, daemon, kern, lpr, mail, mark, news, security, user, uucp, local0-local7, syslog

Facilities are used mainly in the "RULES" section of the /etc/rsyslog.conf file.

Priority: priority, which is understood as log level:

debug, info, notice, warn (warning), error, crit (critical), alert, emerg (panic)

Specifying the level:

*: all levels

none: no level

priority: this level and all levels above it

=priority: this level only
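The level rules above, worked through as an added example (not code from the original article): a simplified Python model of how a facility.priority selector decides whether a message is logged. The RULES table is constructed sample input and the function names are hypothetical; the `!` negation form is not modelled.

```python
# Severity keywords, lowest to highest, in the order the article lists them.
LEVELS = ["debug", "info", "notice", "warning", "err", "crit", "alert", "emerg"]
ALIASES = {"warn": "warning", "error": "err", "panic": "emerg"}

# Constructed sample rules (selector, destination file), not from the article.
RULES = [
    ("*.info;mail.none;authpriv.none;cron.none", "/var/log/messages"),
    ("authpriv.*", "/var/log/secure"),
    ("cron.*", "/var/log/cron"),
    ("kern.=crit", "/var/log/kern"),
]


def rank(level):
    """Numeric position of a level keyword; raises ValueError if unknown."""
    return LEVELS.index(ALIASES.get(level, level))


def selector_matches(selector, facility, level):
    """True if a message with this facility and level is selected."""
    selected = False
    # Parts separated by ';' are applied left to right; 'none' un-selects.
    for part in selector.split(";"):
        facilities, _, prio = part.strip().partition(".")
        if facilities != "*" and facility not in facilities.split(","):
            continue  # this part does not mention the message's facility
        if prio == "none":
            selected = False
        elif prio == "*":
            selected = True
        elif prio.startswith("="):
            selected = selected or rank(level) == rank(prio[1:])
        else:
            selected = selected or rank(level) >= rank(prio)
    return selected


def destinations(facility, level):
    """Files from RULES that would receive the message."""
    return [dest for sel, dest in RULES if selector_matches(sel, facility, level)]


if __name__ == "__main__":
    # Login-related (authpriv) messages must not reach /var/log/messages.
    for fac, lvl in [("authpriv", "info"), ("kern", "crit"), ("daemon", "debug")]:
        print(fac, lvl, "->", destinations(fac, lvl))
```

Running a check like this against a real rule set shows whether login records (authpriv) stay confined to /var/log/secure or also leak into a more widely readable file.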

Rsyslog server:

/etc/rsyslog.conf file; here we open TCP port 514

Recorded in the MySQL log:

The various log files under the Linux /var/log directory are explained below:

1) /var/log/secure: records user login information, such as SSH, telnet, ftp, etc.

2) /var/log/btmp: records login failure information; the file is encoded, so it must be parsed with last

3) /var/log/messages: almost all errors that occur in the system during startup are recorded here.

4) /var/log/boot.log: records some service information for startup or shutdown

5) /var/log/cron: records the logs generated when the crontab service executes scheduled tasks

6) /var/log/utmp: records the users who are logged in now

7) /var/log/dmesg: kernel log

8) /var/log/kern: information generated by the kernel

9) /var/log/daemon.log: logs generated by the system monitor.
