1 .\" Copyright (c) 1983, 1986, 1991, 1993
2 .\" The Regents of the University of California. All rights reserved.
4 .\" Redistribution and use in source and binary forms, with or without
5 .\" modification, are permitted provided that the following conditions
7 .\" 1. Redistributions of source code must retain the above copyright
8 .\" notice, this list of conditions and the following disclaimer.
9 .\" 2. Redistributions in binary form must reproduce the above copyright
10 .\" notice, this list of conditions and the following disclaimer in the
11 .\" documentation and/or other materials provided with the distribution.
12 .\" 4. Neither the name of the University nor the names of its contributors
13 .\" may be used to endorse or promote products derived from this software
14 .\" without specific prior written permission.
16 .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
17 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
20 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 .\" @(#)syslogd.8 8.1 (Berkeley) 6/6/93
36 .Nd log systems messages
40 .Op Fl a Ar allowed_peer
41 .Op Fl b Ar bind_address
42 .Op Fl f Ar config_file
43 .Op Fl l Oo Ar mode : Oc Ns Ar path
44 .Op Fl m Ar mark_interval
46 .Op Fl p Ar log_socket
50 utility reads and logs messages to the system console, log files, other
51 machines and/or users as specified by its configuration file.
53 The options are as follows:
54 .Bl -tag -width indent
58 to use IPv4 addresses only.
62 to use IPv6 addresses only.
66 tries to send the message to only one address
67 even if the host has more than one A or AAAA record.
68 If this option is specified,
70 tries to send the message to all addresses.
71 .It Fl a Ar allowed_peer
79 options may be specified.
82 can be any of the following:
83 .Bl -tag -width "ipaddr/masklen[:service]XX"
93 (in the usual dotted quad notation) with
95 bits being taken into account when doing the address comparison.
97 can be also IPv6 address by enclosing the address with
103 is the name or number of an UDP service (see
105 the source packet must belong to.
110 allows packets being sent from any UDP port.
117 is IPv4 address, a missing
119 will be substituted by the historic class A or class B netmasks if
121 belongs into the address range of class A or B, respectively, or
125 is IPv6 address, a missing
127 will be substituted by 128.
130 .Ar domainname Op : Ar service
133 Accept datagrams where the reverse address lookup yields
135 for the sender address.
138 is as explained above.
141 .No * Ar domainname Op : Ar service
144 Same as before, except that any source host whose name
153 options are ignored if the
155 option is also specified.
156 .It Fl b Ar bind_address
157 Specify one specific IP address or hostname to bind to.
158 If a hostname is specified,
159 the IPv4 or IPv6 address which corresponds to it is used.
161 Create log files that do not exist (permission is set to
164 Disable the compression of repeated instances of the same line
165 into a single line of the form
166 .Dq Li "last message repeated N times"
167 when the output is a pipe to another program.
168 If specified twice, disable this compression in all cases.
173 This is probably only of use to developers working on
176 Specify the pathname of an alternate configuration file;
178 .Pa /etc/syslog.conf .
180 Disable the translation of
181 messages received with facility
187 facility is reserved for messages read directly from
190 Select the number of minutes between
192 messages; the default is 20 minutes.
194 Disable dns query for every request.
196 Prefix kernel messages with the full kernel boot file as determined by
198 Without this, the kernel message prefix is always
201 Specify the pathname of an alternate log socket to be used instead;
205 Specify an alternative file in which to store the process ID.
207 .Pa /var/run/syslog.pid .
209 Specify the pathname of an alternate log socket for privileged
210 applications to be used instead; the default is
211 .Pa /var/run/logpriv .
213 Specify a location where
215 should place an additional log socket.
216 The primary use for this is to place additional log sockets in
218 of various chroot filespaces.
219 File permissions for socket can be specified in octal representation
220 before socket name, delimited with a colon.
221 Path to socket location must be absolute.
223 Operate in secure mode.
224 Do not log messages from remote machines.
226 specified twice, no network socket will be opened at all, which also
227 disables logging to remote machines.
229 Unique priority logging.
230 Only log messages at the specified priority.
231 Without this option, messages at the stated priority or higher are logged.
232 This option changes the default comparison from
238 If specified once, the numeric facility and priority are
239 logged with each locally-written message.
240 If specified more than once,
241 the names of the facility and priority are logged with each locally-written
247 utility reads its configuration file when it starts up and whenever it
248 receives a hangup signal.
249 For information on the format of the configuration file,
255 utility reads messages from the
260 .Pa /var/run/logpriv ,
261 from an Internet domain socket specified in
263 and from the special device
265 (to read kernel messages).
269 utility creates its process ID file,
271 .Pa /var/run/syslog.pid ,
272 and stores its process
274 This can be used to kill or reconfigure
279 should consist of a single line.
280 The message can contain a priority code, which should be a preceding
281 decimal number in angle braces, for example,
283 This priority code should map into the priorities defined in the
287 For security reasons,
289 will not append to log files that do not exist (unless
291 option is specified);
292 therefore, they must be created manually before running
295 .Bl -tag -width /var/run/syslog.pid -compact
296 .It Pa /etc/syslog.conf
298 .It Pa /var/run/syslog.pid
299 default process ID file
303 domain datagram log socket
304 .It Pa /var/run/logpriv
306 socket for privileged applications
332 The ability to log messages received in UDP packets is equivalent to
333 an unauthenticated remote disk-filling service, and should probably be
336 .No inter- Ns Nm syslogd
337 authentication mechanism ought to be worked out.
341 option is therefore highly recommended.
345 matching algorithm does not pretend to be very efficient; use of numeric
346 IP addresses is faster than domain name comparison.
348 peer list is being walked linearly, peer groups where frequent messages
349 are being anticipated from should be put early into the
353 The log socket was moved from
355 to ease the use of a read-only root file system.
357 some old binaries so that a symbolic link might be used for a