svn commit: r38967 - head/en_US.ISO8859-1/books/handbook/config

Benjamin Kaduk bjk at freebsd.org
Sun Jun 3 05:58:25 UTC 2012


On Sat, 2 Jun 2012, Benedict Reuschling wrote:

> Author: bcr
> Date: Sat Jun  2 21:43:10 2012
> New Revision: 38967
> URL: http://svn.freebsd.org/changeset/doc/38967
>
> Log:
>  This change adds much more information about syslogd and newsyslog
>  than we had before in the configuration chapter. It describes how
>  the system logger can be configured, the rationale behind it and
>  the most important field that the user should edit.
>
>  PR:		docs/168305
>  Submitted by:	Niclas Zeising (zeising daemonic se)
>  Reviewed by:	wblock@, myself
>
> Modified:
>  head/en_US.ISO8859-1/books/handbook/config/chapter.sgml
>
> Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.sgml
> ==============================================================================
> --- head/en_US.ISO8859-1/books/handbook/config/chapter.sgml	Sat Jun  2 19:28:33 2012	(r38966)
> +++ head/en_US.ISO8859-1/books/handbook/config/chapter.sgml	Sat Jun  2 21:43:10 2012	(r38967)
> @@ -1415,6 +1415,303 @@ ifconfig_fxp0_alias7="inet 202.0.75.20 n
[...]
> +
> +    <title>Configuring the system logger
> +      <application>syslogd</application></title>
> +
> +    <indexterm><primary>system logging</primary></indexterm>
> +    <indexterm><primary>syslog</primary></indexterm>
> +    <indexterm><primary>syslogd</primary></indexterm>
> +
> +    <para>System logging is an important aspect of system
> +      administration.  It is used both to detect hardware and software
> +      issues and errors in the system, as well as playing a very
> +      important role in security auditing and incident response.

The tense seems to change in the middle of this sentence (that is,
"playing" does not really match up to anything.  I would probably
s/, as well as playing/; it also plays/ .

> +      System daemons without a controlling terminal also usually log
> +      information to a system logging facility or other log
> +      file.</para>
> +
[...]
> +
> +      <para>Configuring &man.syslogd.8; is quite straight
> +	forward.  The configuration file contains one line per action,
> +	and the syntax for each line is a selector field followed by
> +	an action field.  The syntax of the selector field is
> +	<replaceable>facility.level</replaceable> and this will match

Should the '.' be <replacable>?
I think I would like s/ and this/, which/ .

> +	log messages from <replaceable>facility</replaceable> at level
> +	<replaceable>level</replaceable> or higher.  It is also
> +	possible to add an optional comparison flag before the level
> +	to specify more precisely what is logged. Multiple
> +	selector fields can be used for the same action, and are
> +	separated with a semicolon (<literal>;</literal>).  Using
> +	<literal>*</literal> will match everything.

Hmm, okay, maybe the '.' should remain <replacable> if there is also the 
'*' form.

> +	The action field denotes where to send the log message,
> +	such as a file or a remote log host.  As an example, here is
> +	the default <filename>syslog.conf</filename> from &os;:</para>
> +
> +      <programlisting># &dollar;&os;&dollar;
> +#
> +#       Spaces ARE valid field separators in this file. However,
> +#       other *nix-like systems still insist on using tabs as field
> +#       separators. If you are sharing this file between systems, you
> +#       may want to use only tabs as field separators here.
> +#       Consult the &man.syslog.conf.5; manpage.
> +*.err;kern.warning;auth.notice;mail.crit                /dev/console <co id="co-syslog-many-match">
> +*.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err   /var/log/messages
> +security.*                                      /var/log/security
> +auth.info;authpriv.info                         /var/log/auth.log
> +mail.info                                       /var/log/maillog <co id="co-syslog-one-match">
> +lpr.info                                        /var/log/lpd-errs
> +ftp.info                                        /var/log/xferlog
> +cron.*                                          /var/log/cron
> +*.=debug                                        /var/log/debug.log <co id="co-syslog-comparison">
> +*.emerg                                         *
> +# uncomment this to log all writes to /dev/console to /var/log/console.log
> +#console.info                                   /var/log/console.log
> +# uncomment this to enable logging of all log messages to /var/log/all.log
> +# touch /var/log/all.log and chmod it to mode 600 before it will work
> +#*.*                                            /var/log/all.log

Or wait, does '*' not actually match everything and '*.*' is needed?

> +# uncomment this to enable logging to a remote loghost named loghost
> +#*.*                                            @loghost
> +# uncomment these if you're running inn
> +# news.crit                                     /var/log/news/news.crit
> +# news.err                                      /var/log/news/news.err
> +# news.notice                                   /var/log/news/news.notice
> +!ppp <co id="co-syslog-prog-spec">
> +*.*                                             /var/log/ppp.log
> +!*</programlisting>
> +
> +      <calloutlist>
> +	<callout arearefs="co-syslog-many-match">
> +	  <para>Match all messages with a level of
> +	    <literal>err</literal> or higher, as well as
> +	    <literal>kern.warning</literal>,
> +	    <literal>auth.notice</literal> and
> +	    <literal>mail.crit</literal>, and sends these log messages

Another tense mismatch; 'Match'/'sends' do not agree; I would prefer to go 
with 'send'.

> +	    to the console (<filename>/dev/console</filename>).</para>
> +	</callout>
> +
> +	<callout arearefs="co-syslog-one-match">
> +	  <para>Match all messages from the <literal>mail</literal>
> +	    facility at level <literal>info</literal> or above, and
> +	    logs the messages to

Likewise here, just "log" would be fine.

> +	    <filename>/var/log/maillog</filename>.</para>
> +	</callout>
> +
> +	<callout arearefs="co-syslog-comparison">
> +	  <para>This line uses a comparison flag, <literal>=</literal>
> +	    to only match messages at level <literal>debug</literal>,
> +	    and logs them in

and here.

> +	    <filename>/var/log/debug.log</filename>.</para>
> +	</callout>
[...]
> +
> +      <para>For more information about the different levels and
> +	facilities, refer to &man.syslog.3; and &man.syslogd.8;.
> +	For more information about <filename>syslog.conf</filename>,
> +	its syntax and more advanced usage examples, see
Someone mentioned an Oxford comma?
> +	&man.syslog.conf.5; and <xref
> +	linkend="network-syslogd">.</para>
> +    </sect2>
> +
> +    <sect2>
> +      <title>Log management and rotation with
> +	<application>newsyslog</application></title>
> +
> +      <indexterm><primary>newsyslog</primary></indexterm>
> +      <indexterm><primary>newsyslog.conf</primary></indexterm>
> +      <indexterm><primary>log rotation</primary></indexterm>
> +      <indexterm><primary>log management</primary></indexterm>
> +
> +      <para>Log files tend to grow quickly and accumulate steadily.
> +	This leads to the files being full of less immediately useful
> +	information, as well as filling up the hard drive.  To
> +	mitigate this, log management comes into play.  In &os;,
> +	&man.newsyslog.8; is the tool used to manage log files.  This
> +	program is used to periodically rotate and compress log files,
> +	as well as optionally create missing log files and signal
> +	programs when log files are moved.  The log files do not
> +	necessarily have to come from syslog, &man.newsyslog.8; works

I think this might be better as a semicolon.

-Ben

> +	with any logs written from any program.  It is important to
> +	note that <command>newsyslog</command> is normally run from
> +	&man.cron.8; and is not a system daemon.  In the default
> +	configuration it is run every hour.</para>
> +


More information about the svn-doc-all mailing list