Linux syslog

 

 

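syslogd is a daemon that runs in the background. It reads log messages from /dev/log and writes them to the corresponding files under /var/log, following the rules in /etc/rsyslog.d/50-default.conf.

rsyslog is the same as syslogd, as I understand it. Its routing rules are in /etc/rsyslog.conf.

journald is a newer background service that can handle the file types syslogd supports. journald logs are written in binary, and you need to use the journalctl command to view them.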

 

Standard: RFC 5424
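An added example, not code from the original post: it parses an RFC 5424 message, decodes the PRI value into facility and severity, and applies selector rules in the style of /etc/rsyslog.d/50-default.conf to show which file under /var/log a message would land in. The rule list and sample message are constructed, and the matcher covers only a simplified subset of selector syntax (no `=` or `!` modifiers).

```python
import re

# Facility and severity names indexed by their RFC 5424 numeric codes
# (the short names used for codes 12-15 are informal labels).
FACILITIES = ("kern user mail daemon auth syslog lpr news uucp cron authpriv ftp "
              "ntp audit alert clock local0 local1 local2 local3 local4 local5 "
              "local6 local7").split()
SEVERITIES = "emerg alert crit err warning notice info debug".split()

# <PRI>VERSION TIMESTAMP HOSTNAME APP-NAME PROCID MSGID STRUCTURED-DATA [MSG]
HEADER = re.compile(
    r"<(\d{1,3})>(\d{1,2}) (\S+) (\S+) (\S+) (\S+) (\S+) "
    r"(-|(?:\[(?:[^\]\\]|\\.)*\])+)(?: (.*))?$", re.S)

def parse_rfc5424(line):
    m = HEADER.match(line)
    if not m or int(m.group(1)) > 191:  # PRI = facility * 8 + severity
        raise ValueError("not a valid RFC 5424 message")
    pri = int(m.group(1))
    return {"facility": FACILITIES[pri >> 3], "severity": SEVERITIES[pri & 7],
            "timestamp": m.group(3), "hostname": m.group(4), "app": m.group(5),
            "procid": m.group(6), "msgid": m.group(7), "sd": m.group(8),
            "msg": m.group(9) or ""}

def selector_matches(selector, facility, severity):
    matched = False
    for part in selector.split(";"):       # later parts override earlier ones
        facs, prio = part.rsplit(".", 1)
        if facs != "*" and facility not in facs.split(","):
            continue
        if prio == "none":                 # explicitly exclude this facility
            matched = False
        elif prio == "*":
            matched = True
        else:                              # named severity or more severe
            matched = SEVERITIES.index(severity) <= SEVERITIES.index(prio)
    return matched

def route(msg, rules):
    return [path for sel, path in rules
            if selector_matches(sel, msg["facility"], msg["severity"])]

# Constructed rules and message, for illustration only.
RULES = [("auth,authpriv.*", "/var/log/auth.log"),
         ("*.*;auth,authpriv.none", "/var/log/syslog"),
         ("kern.*", "/var/log/kern.log"),
         ("mail.err", "/var/log/mail.err")]
SAMPLE = ("<86>1 2023-07-04T10:31:00Z host1 sshd 1234 - - "
          "Failed password for invalid user test from 192.0.2.10 port 2222 ssh2")

if __name__ == "__main__":
    parsed = parse_rfc5424(SAMPLE)
    print(parsed["facility"], parsed["severity"], route(parsed, RULES))
```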

 

Ref:

https://linuxhandbook.com/syslog-guide/

https://www.linuxfordevices.com/tutorials/remote-syslog-in-linux

https://zhuanlan.zhihu.com/p/62793386

https://success.trendmicro.com/dcx/s/solution/TP000086250?language=en_US

 

https://devconnected.com/syslog-the-complete-system-administrator-guide/#:~:text=Syslog%20is%20used%20as%20a%20standard%20to%20produce%2C,and%20visualized%20on%20servers%20referred%20as%20Syslog%20servers.

https://devconnected.com/linux-logging-complete-guide/

 

posted @ 2023-07-04 10:31  mashuai_191