FreeBSD 4.7 Syslogs

JJB Barbish3 at adelphia.net
Sun May 16 07:44:49 PDT 2004 

Thanks for the additional info.

I tested using this  logger -p lpr.err  "test test"
There is no error message about logger not working.

And I get nothing in the /var/log/lpr-errs log file.

syslogd -d  shows nothing happening.

I am running 4.9. virgin install so all the config files are there.

This is so simple that the only conclusion is that it's broken in
4.x versions.

Can any one verify that it's working in 4.x versions.

Any ideas of suggestions of how to proceed to get the logger command
working?

-----Original Message-----
From: Micheal Patterson [mailto:micheal at tsgincorporated.com]
Sent: Sunday, May 16, 2004 5:04 AM
To: Matt "Cyber Dog" LaPlante; 'Matthew Seaman';
freebsd-questions at freebsd.org; Barbish3 at adelphia.net
Subject: Re: FreeBSD 4.7 Syslogs



----- Original Message -----
From: "JJB" <Barbish3 at adelphia.net>
To: "Matt "Cyber Dog" LaPlante" <webmaster at cyberdogtech.com>;
"'Matthew
Seaman'" <m.seaman at infracaninophile.co.uk>;
<freebsd-questions at freebsd.org>
Sent: Saturday, May 15, 2004 3:04 PM
Subject: RE: FreeBSD 4.7 Syslogs


> Well since you are new to FBSD and since the syslogd -d commands
> shows that you do not have logging specified in /etc/syslog.conf
for
> the messages file. You just do not know what you are looking at.
Who
> ever was sysadmin before you probably  commented it out for what
> ever reason.
>
> By the way I tried using the logger command on my 4.9 system and
it
> did not write any messages at all. So it is no help in debugging
> this problem. I read the man logger info and as usual the man page
> is useless. Who ever writes those must work real hard at writing
> sentences that convey no meanings.

Logger works just fine if you know how to use it and are running it
as root
and is a good tool for working with syslog problems. The man pages
tell you
quite a bit about provided you can interpret them effectively.

man logger:

logger [-46Ais] [-f file] [-h host] [-p pri] [-t tag] [message ...]

-p pri  Enter the message with the specified priority.  The priority
may
             be specified numerically or as a ``facility.level''
pair.  For
             example, ``-p local3.info'' logs the message(s) as
informational
             level in the local3 facility.  The default is
``user.notice.''


man syslogd will give you a list of all priorities and facilities.

Priorities:

LOG_EMERG     A panic condition.  This is normally broadcast to all
                   users.

LOG_ALERT     A condition that should be corrected immediately, such
as a
                   corrupted system database.

LOG_CRIT      Critical conditions, e.g., hard device errors.
LOG_ERR       Errors.
LOG_WARNING   Warning messages.
LOG_NOTICE    Conditions that are not error conditions, but should
possi-
                   bly be handled specially.
LOG_INFO      Informational messages.
LOG_DEBUG     Messages that contain information normally of use only
when
                   debugging a program.

Facilities:

LOG_AUTH      The authorization system: login(1), su(1), getty(8),
etc.
LOG_AUTHPRIV  The same as LOG_AUTH, but logged to a file readable
only by
                   selected individuals.
LOG_CONSOLE   Messages written to /dev/console by the kernel console
out-
                   put driver.
LOG_CRON      The cron daemon: cron(8).
LOG_DAEMON    System daemons, such as routed(8), that are not
provided
                   for explicitly by other facilities.
LOG_FTP       The file transfer protocol daemons: ftpd(8), tftpd(8).
LOG_KERN      Messages generated by the kernel.  These cannot be
gener-
                   ated by any user processes.
LOG_LPR       The line printer spooling system: lpr(1), lpc(8),
lpd(8),
                   etc.
LOG_MAIL      The mail system.
LOG_NEWS      The network news system.
LOG_SECURITY  Security subsystems, such as ipfw(4).
LOG_SYSLOG    Messages generated internally by syslogd(8).
LOG_USER      Messages generated by random user processes.  This is
the
                   default facility identifier if none is specified.
LOG_UUCP      The uucp system.
LOG_LOCAL0    Reserved for local use.  Similarly for LOG_LOCAL1
through
                   LOG_LOCAL7.

So, you have facilities of auth, authpriv, console, cron, daemon,
ftp, kern,
lpr, mail, news, security, syslog, user, uucp, local0 - local7 and
you have
priorities of: emerg, alert, crit, err, warning, notice, info and
debug

So, by doing the command logger -p <facility.priority> <message>
like so:

logger -p security.notice "This is a test of security.notice"

You get this in your security log which is default to
/var/log/security

May 16 03:24:14 router /kernel: ipfw: 65000 Deny TCP
222.90.22.52:4267
68.227.96.223:65506 in via ep0
May 16 03:30:03 router micheal: This is a test of security.notice

If you're running syslogd -d you'll see exactly what was sent to
syslogd and
where it was placed:

logmsg: pri 155, flags 0, from router, msg May 16 04:01:04 micheal:
This is
a test of security.notice
Logging to FILE /var/log/messages
Logging to CONSOLE /dev/console
Logging to FILE /var/log/security
logmsg: pri 166, flags 17, from router, msg May 16 04:01:04 router
micheal:
This is a test of security.notice

As you can see, I have *.notice going to messages and security.* to
security
and /dev/console.


--

Micheal Patterson
TSG Network Administration
405-917-0600

Confidentiality Notice:  This e-mail message, including any
attachments, is
for the sole use of the intended recipient(s) and may contain
confidential
and privileged information. Any unauthorized review, use, disclosure
or
distribution is prohibited. If you are not the intended recipient,
please
contact the sender by reply e-mail and destroy all copies of the
original
message.

More information about the freebsd-questions mailing list