Chinaunix首页 | 论坛 | 博客
  • 博客访问: 84088
  • 博文数量: 3
  • 博客积分: 1460
  • 博客等级: 上尉
  • 技术积分: 340
  • 用 户 组: 普通用户
  • 注册时间: 2007-01-13 20:42
文章分类
文章存档

2008年(3)

我的朋友
最近访客

分类: 系统运维

2008-04-27 17:42:29

Syslog Facility

Syslog Facility is one information field associated with a syslog message. It is defined by the syslog protocol. It is meant to provide a very rough clue from what part of a system the message originated from. Tradidionally, under UNIX, there are facilities like KERN (the OS kernel itself), LPD (the line printer daemon) and so on. There are also the LOCAL_0 to LOCAL_7 facilities, which were traditionally reserved for administrator and application use.

However, with the wide adaption of the syslog protocol, the facility field contents has become a little less clear. Most syslog enabled devices nowadays allow configuring any value as the facility. So it is basically left to distinguise different classes of syslog messages.

The facility can be very helpful to define rules that split messages for example to different log files based on the facility level.

Facility values are defined in RFC 3164:

 The Facilities and Severities of the messages are numerically coded
with decimal values. Some of the operating system daemons and
processes have been assigned Facility values. Processes and daemons
that have not been explicitly assigned a Facility may use any of the
"local use" facilities or they may use the "user-level" Facility.
Those Facilities that have been designated are shown in the following
table along with their numerical code values.

Numerical Facility
Code

0 kernel messages
1 user-level messages
2 mail system
3 system daemons
4 security/authorization messages (note 1)

5 messages generated internally by syslogd
6 line printer subsystem
7 network news subsystem
8 UUCP subsystem
9 clock daemon (note 2)
10 security/authorization messages (note 1)
11 FTP daemon
12 NTP subsystem
13 log audit (note 1)
14 log alert (note 1)
15 clock daemon (note 2)
16 local use 0 (local0)
17 local use 1 (local1)
18 local use 2 (local2)
19 local use 3 (local3)
20 local use 4 (local4)
21 local use 5 (local5)
22 local use 6 (local6)
23 local use 7 (local7)

Table 1. syslog Message Facilities

Note 1 - Various operating systems have been found to utilize
Facilities 4, 10, 13 and 14 for security/authorization,
audit, and alert messages which seem to be similar.
Note 2 - Various operating systems have been found to utilize
both Facilities 9 and 15 for clock (cron/at) messages.
阅读(2635) | 评论(0) | 转发(0) |
0

上一篇:没有了

下一篇:FAQ - Ports and Packages

给主人留下些什么吧!~~