9.28. Testing a syslog Configuration

Problem

You want to find out where all your syslog messages go.

Solution

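#!/bin/sh
# Send one test message to every facility.priority combination.
PROG=`basename "$0"`
FACILITIES='auth authpriv cron daemon ftp kern lpr mail news syslog user uucp
        local0 local1 local2 local3 local4 local5 local6 local7'
PRIORITIES='emerg alert crit err warning notice info debug'
for f in $FACILITIES
do
        for p in $PRIORITIES
        do
                # The message text names its own selector and our PID,
                # so it is easy to grep for in the log files afterward.
                logger -p "$f.$p" "$PROG[$$]: testing $f.$p"
        done
done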

Discussion

This script simply iterates through all syslog facilities and priorities, sending a message to each combination. After running it, examine your log files to see which messages ended up where.

If you don’t want to hard-code the facilities and priorities (in case they change), write an analogous program in C and reference the names directly in /usr/include/sys/syslog.h.
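A sketch of such a C program follows. It is an added example, not code from the book. It assumes a libc (such as glibc) whose syslog.h defines the facilitynames and prioritynames tables when SYSLOG_NAMES is set; the "syslogtest" tag and the function names are made up for illustration.

```c
#define _DEFAULT_SOURCE   /* some libcs only expose the name tables with this */
#define SYSLOG_NAMES      /* ask <syslog.h> for facilitynames[] and prioritynames[] */
#include <stdio.h>
#include <syslog.h>

/* Return 1 if table[i] is a real entry: not the internal pseudo-value
 * ("mark" or "none") and not an alias of an earlier entry ("security"
 * for auth, "panic" for emerg).  The first name listed for a value is
 * the one that appears in the message text. */
static int usable(const CODE *table, int i, int internal)
{
    if (table[i].c_val == internal)
        return 0;
    for (int j = 0; j < i; j++)
        if (table[j].c_val == table[i].c_val)
            return 0;
    return 1;
}

/* Count the distinct real entries in a name table. */
int count_usable(const CODE *table, int internal)
{
    int n = 0;
    for (int i = 0; table[i].c_name != NULL; i++)
        n += usable(table, i, internal);
    return n;
}

/* Send one message per facility.priority pair; if dry_run, only count. */
int send_tests(int dry_run)
{
    int sent = 0;
    for (int f = 0; facilitynames[f].c_name != NULL; f++) {
        if (!usable(facilitynames, f, INTERNAL_MARK))
            continue;
        for (int p = 0; prioritynames[p].c_name != NULL; p++) {
            if (!usable(prioritynames, p, INTERNAL_NOPRI))
                continue;
            if (!dry_run)
                syslog(facilitynames[f].c_val | prioritynames[p].c_val,
                       "testing %s.%s", facilitynames[f].c_name,
                       prioritynames[p].c_name);
            sent++;
        }
    }
    return sent;
}

int main(void)
{
    openlog("syslogtest", LOG_PID, LOG_USER);  /* tag is an assumed name */
    printf("sent %d test messages\n", send_tests(0));
    closelog();
    return 0;
}
```

syslog(3) notes that LOG_KERN messages cannot be generated from user processes, so do not expect the kern tests to show up as kernel messages.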

See Also

logger(1), syslogd(8), syslog.conf(5).

syslog-ng (“new generation”) is a more powerful replacement for the standard system logger. If you crave more features or are frustrated by limitations of facilities and priorities, check out http://www.balabit.com/products/syslog_ng.
