Configuring rsyslogd sections

The rsyslogd service is used by most of the applications running in Linux for logging events. The rsyslogd service uses three main components for handling the log messages of various applications in the system:

  • Facility: It represents the type of process
  • Priority or severity: It represents the severity of the message
  • Destination/location: It describes the location where the log messages are sent to or logged

The configuration file for the rsyslogd service is stored in two locations:

  • In the main configuration file, /etc/rsyslog.conf
  • In the files stored with .conf extensions inside the /etc/rsyslog.d/ directory

The main configuration file, /etc/rsyslog.conf, contains the information on what is to be logged and where it should be stored. It is divided into three different sections displayed in capital letters, as shown:

  • #### MODULES ####: The modules section is used to configure advanced features of rsyslogd.
  • #### GLOBAL DIRECTIVES ####The global directives section is used to specify globally configurable parameters.
  • #### RULES ####: It is the most important section, and contains the rules to specify what is to be logged and where it is to be logged. We will discuss this more in the Rsyslogd rules section of this chapter.

Documentation for rsyslog can be accessed from the man command as follows:

# man 5 rsyslog.conf
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.191.46.36