syslogd

SYSLOGD NAME syslogd -- Apple System Log server SYNOPSIS syslogd [-d] [-D] [-m mark_interval] [-p prune_days] [-c log_cutoff] [-l lib_path] [-u] [-module_name {0|1}] DESCRIPTION The syslogd server receives and processes log messages. Several modules receive input messages through various channels, including UNIX domain sockets associated with the syslog(3), asl(3), and kernel printf APIs, and optionally from a UDP socket if the ``udp_in'' module is enabled. The Apple System Log facility comprises the asl(3) API, a new syslogd server, and the syslog(1) command-line utility. The system supports structured and extensible messages, permitting advanced message browsing and management through search APIs and other components of the Apple system log facility. Log messages are retained in a data store, subject to pruning and input filtering as described below, to simplify the task of locating log messages and to facilitate browsing and searching. The data store is intended to become a replacement for the numerous log files that are currently found in various locations on the system. Those files will be phased out in future versions of Mac OS. The following options are recognized: -d Run syslogd in debugging mode. The server stays attached to the controlling terminal and prints debugging messages. -D Start as a daemon. This option forces syslogd to fork and have the child process become a daemon. Since syslogd is started by launchd, this is not normally required. -m Set the number of minutes between ``mark'' messages. The default is 20 minutes. The ``mark'' facility is disabled if the setting is zero minutes. -p syslogd saves log messages in a data store that may be searched using the syslog(1) utility or with the asl(3) API. The data store is pruned daily by the /etc/daily cron job to keep it from growing without bound. Since many systems are shut down overnight (when the daily cron job runs), the data store is also pruned shortly after syslogd starts up as the system boots. By default, log messages in the data store that are more than 7 days old are removed. The setting of the -p prune_days overrides the default. A setting of zero days disables pruning of the data store when syslogd starts up. -c Sets a cutoff filter for log priorities for messages to be retained in the log message data store. The value of log_cutoff must be between 0 and 7, corresponding to log priorities LOG_EMERG or ASL_LEVEL_EMERG and LOG_DEBUG or ASL_LEVEL_DEBUG as defined in the syslog(3) and asl(3) header files. Received messages with a priority or level value greater than the cutoff will not be saved in the data store. The default filter will retain messages in the range 0 (Emergency) to 5 (Notice) inclusive. Note that a this filter value may be adjusted while syslogd is running using the syslog command-line utility. See the syslog(1) manual. The filter may be adjusted using the ``-c'' option, e.g. sudo syslog -c syslogd -d will set the filter to retain messages in the range 0 (Emergency) to 7 (Debug). -l Specifies an alternate path for loading plug-in modules. By default, syslogd checks for plug-in modules in the directory /usr/lib/asl. -u Enables the ``udp_in'' module, configuring syslogd to act as a network log message receiver. The server will receive messages on the standard ``syslog'' UDP port. Note that this opens the server to potential denial-of-service attacks, as a malicious remote sender can flood the server with messages. The -u option is equivalent to using the -udp_in 1 option. The remaining options of the form -module_name {0|1} may be used to disable (0) or enable (1) the action of several of internal modules. -asl_in The ``asl_in'' module receives log messages on the UNIX domain socket associated with the asl(3) API. The module may be disabled using -asl_in 0. The module is normally enabled. -asl_action The ``asl_action'' module examines the stream of received log messages and acts upon them according to the rules specified in the file /etc/asl.conf. See asl.conf(5) for details. -klog_in The ``klog_in'' module receives log messages on the UNIX domain socket associated with the kernel logging API. The module may be disabled using -klog_in 0. The module is normally enabled. -bsd_in The ``bsd_in'' module receives log messages on the UNIX domain socket associated with the syslog(3) API. The module may be disabled using -bsd_in 0. The module is normally enabled. -bsd_out The ``bsd_out'' module examines the stream of received log messages and acts upon them according to the rules specified in the file /etc/syslog.conf. See syslog.conf(5) for details. This module exists for backward compatibility with previous syslogd implementations. Apple encourages use of the syslog(1) and asl(3) search APIs over the use of the log files that are specified in the /etc/syslog.conf file. Future versions of Mac OS will move functions that are currently handled by the ``bsd_out'' module to the ``asl_action'' module. -udp_in The ``udp_in'' module receives log messages on the UDP socket associated with the Internet syslog message protocol. The module may be enabled using -udp_in 1. The module is normally disabled. This module may also be enabled using the -u option. syslogd initializes its built-in modules and loads plug-ins during its start-up. The data store is pruned approximately 5 minutes after startup. syslogd reinitializes in response to a HUP signal. FILES /etc/syslog.conf bsd_out module configuration file /etc/asl.conf asl_action module configuration file /var/run/syslog.pid process ID file /var/run/log name of the UNIX domain datagram log socket /dev/klog kernel log device SEE ALSO syslog(1), logger(1), asl(3), syslog(3), asl.conf(5) syslog.conf(5) HISTORY The syslogd utility appeared in 4.3BSD. The Apple System Log facility was introduced in Mac OS X 10.4. Mac OS X October 18, 2004 Mac OS X
manual pages:

3 A B C D E F G H I L M N O P Q R S T U W X _
a b c d e f g h i j k l m n o p q r s t u v w x y z

www.osxterminal.com is a website by Andreas Wacker