Filter
Top Products
17
281
17 Configuring System Logging
In this chapter you will find commands you can use to
configure and manage system logging.
Logging System Events
Logs are text files that form a record of what has occurred on the system, much like a
journal.
Configuring the Log File
Log files are maintained in the /Library/Logs/ and /var/log/ folders. Some commonly
monitored log files include console.log and system.log. Applications may have their
own log files located in different folders. Console.log is located in /Library/Logs/
Console/uid, where uid is the user ID. The console.log file contains recent console
activity. System.log is located in /var/log/ and contains all system activity, including
console log information.
Configuring Your System Logging
The configuration file for the system logging daemon, syslogd, is /etc/syslog.conf.
Each line within /etc/syslog.conf consists of text containing three types of data:
 Facility: categories of log messages. The standard facilities include mail, news, user,
and kern (kernel).
 Priority: urgency of the message. In order from least to most critical, they are: debug,
info, notice, warning, err, crit, alert, and emerg. The priority of the log message is
set by the application sending it, not by syslogd.
 Action: specifies what to do with a log message of a specific facility and priority.
Messages can be sent to files, named pipes, devices, or to a remote host.
The following example line specifies that for any log messages in the category mail,
with a priority of
emerg or higher, the message will be written to the /var/log/mail.log
file:
mail.emerg /var/log/mail.log