标签:facilities security different message option
日志的分离
1)初学syslog
void openlog(const char *ident, int option, int facility);
void syslog(int priority, const char *format, ...);
void closelog(void);
facility
The facility argument is used to specify what type of program is logging
the message. This lets the configuration file specify that messages from
different facilities will be handled differently.
LOG_AUTH security/authorization messages (DEPRECATED Use LOG_AUTH-
PRIV instead)
LOG_AUTHPRIV security/authorization messages (private)
LOG_CRON clock daemon (cron and at)
LOG_DAEMON system daemons without separate facility value
LOG_FTP ftp daemon
LOG_KERN kernel messages (these can’t be generated from user pro-
cesses)
LOG_LOCAL0 through LOG_LOCAL7
reserved for local use
2)进学rsyslog
3) 退学syslog-ng
Jul 9 11:25:40 localhost rsyslogd-3000: unknown facility name "test" [try http://www.rsyslog.com/e/3000 ]
Jul 9 11:25:40 localhost rsyslogd: the last error occured in /etc/rsyslog.conf, line 58:"test.* /var/log/test"
Jul 9 11:25:40 localhost rsyslogd: warning: selector line without actions will be discarded
Jul 9 11:25:40 localhost rsyslogd-2124: CONFIG ERROR: could not interpret master config file ‘/etc/rsyslog.conf‘. [try http://www.rsyslog.com/e/2124 ]
1 unknown facility name "testprogram"
facility
The facility argument is used to specify what type of program is logging
the message. This lets the configuration file specify that messages from
different facilities will be handled differently.
标签:facilities security different message option
原文地址:http://5228690.blog.51cto.com/5218690/1436509