SYSLOGD(8) BSD System Manager's Manual SYSLOGD(8)NAMEsyslogd - log systems messages
SYNOPSISsyslogd [-iln] [-f config_file] [-m mark_interval] [-p log_socket]
DESCRIPTION
Syslogd reads and logs messages to the system console, log files, other
machines and/or users as specified by its configuration file. The op-
tions are as follows:
-f Specify the pathname of an alternate configuration file; the de-
fault is /etc/syslog.conf.
-i Insecure mode. Do not log credentials of messages from non-root
users. The default is to log credentials of messages received
from other processes on the same host if the username is not
``root'' and neither the real or effective uids are zero.
-l Accept local connections only; do not accept connections on the
Internet domain socket. This is useful to prevent denial of ser-
vice attacks on a system set up as a firewall.
-m Select the number of minutes between ``mark'' messages; the de-
fault is 20 minutes.
-n Log requests from remote hosts with the source address. By de-
fault the source address is used to lookup the hostname of host
originating each message. Under heavy loads the delay incurred
doing this lookup could result in lost messages.
-p Specify the pathname of an alternate log socket; the default is
/var/run/log.
Syslogd reads its configuration file when it starts up and whenever it
receives a hangup signal. For information on the format of the configu-
ration file, see syslog.conf(5).
Syslogd reads messages from the LOCAL domain socket /var/run/log, from an
Internet domain socket specified in /etc/services, and from the special
device /dev/klog (to read kernel messages). Messages received on the In-
ternet and LOCAL domain sockets may be NULL terminated and may include a
single trailing newline, any other non-printable characters are encoded
into a visible representation by strvisx(3).
Syslogd creates the file /var/run/syslog.pid, and stores its process id
there. This can be used to kill or reconfigure syslogd.
The message sent to syslogd should consist of a single line. The message
can contain a priority code, which should be a preceding decimal number
in angle braces, for example, ``<5>''. This priority code should map into
the priorities defined in the include file <sys/syslog.h>.
FILES
/etc/syslog.conf The configuration file.
/var/run/syslog.pid The process id of current syslogd.
/var/run/log Name of the LOCAL domain datagram log socket.
/dev/klog The kernel log device.
SEE ALSOlogger(1), syslog(3), services(5), syslog.conf(5)HISTORY
The syslogd command appeared in 4.3BSD.
BUGS
No authentication is done on messages received via the Internet domain
socket. The source address of a message can easily be spoofed, as can
the translation of address to host name. Use of the -l flag whenever
possible to disable the reception of messages via the Internet domain
socket is recommended. Alternatively, the -n flag may be used to avoid
address to host name translation.
4.2 Berkeley Distribution Nov 27, 1996 2