All Unix variants record significant system and application events to text files called syslog files. Syslog is also the name of the Unix daemon (the equivalent of a Windows service) that performs the logging function. Syslogging isn’t restricted to Unix servers: some network devices (from companies like Cisco) also implement the syslog feature.
Sending Syslog Events to MOM
Syslog supports redirection of the events to syslog files on other computers. This is how you get the syslog events into MOM. Controlling the behavior of syslog is done through the entries in the syslog.conf file, typically located in the /root/etc directory on a Unix system. Below is the default syslog.conf file from a Linux variant.
    # /etc/syslog.conf - Configuration file for syslogd(8)
    #
    # For info about the format of this file, see "man syslog.conf".
    #

    #
    #
    # print most on tty10 and on the xconsole pipe
    #
    kern.warning;*.err;authpriv.none    /dev/tty10
    kern.warning;*.err;authpriv.none    |/dev/xconsole
    *.emerg                             *

    # enable this, if you want that root is informed
    # immediately, e.g. of logins
    #*.alert                            root


    #
    # all email-messages in one file
    #
    mail.*                              -/var/log/mail
    mail.info                           -/var/log/mail.info
    mail.warning                        -/var/log/mail.warn
    mail.err                            /var/log/mail.err

    #
    # all news-messages
    #
    # these files are rotated and examined by "news.daily"
    news.crit                           -/var/log/news/news.crit
    news.err                            -/var/log/news/news.err
    news.notice                         -/var/log/news/news.notice
    ...
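To check which events a syslog.conf like the one above would actually send off the machine, the following added example (not code from the article or from MOM) evaluates classic syslogd selectors and lists the destinations for a given facility and priority. It assumes the sysklogd rule syntax without the `=` and `!` priority modifiers; the `@mom-collector.example` forwarding rule and the host name in it are constructed placeholders, not part of the listing.

```python
# Added example: evaluate classic syslog.conf selectors for one message.
PRIORITIES = ["debug", "info", "notice", "warning", "err", "crit", "alert", "emerg"]
ALIASES = {"warn": "warning", "error": "err", "panic": "emerg"}

# Constructed sample: rules from the listing above plus one hypothetical
# forwarding rule; "mom-collector.example" is a placeholder host name.
SAMPLE_CONF = """\
kern.warning;*.err;authpriv.none   /dev/tty10
*.emerg                            *
#*.alert                           root
mail.*                             -/var/log/mail
mail.err                           /var/log/mail.err
*.err;authpriv.*                   @mom-collector.example
"""

def parse_rules(text):
    """Return (selector, action) pairs, skipping comments and blank lines."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            selector, action = line.split(None, 1)
            rules.append((selector, action.strip()))
    return rules

def selector_matches(selector, facility, priority):
    """Evaluate 'fac[,fac].pri[;...]' left to right; a later 'none' cancels a match."""
    level = PRIORITIES.index(ALIASES.get(priority, priority))
    matched = False
    for part in selector.split(";"):
        facilities, _, wanted = part.rpartition(".")
        if facility not in facilities.split(",") and facilities != "*":
            continue                 # this part names other facilities
        wanted = ALIASES.get(wanted, wanted)
        if wanted == "none":
            matched = False          # e.g. authpriv.none excludes the facility
        elif wanted == "*" or level >= PRIORITIES.index(wanted):
            matched = True           # the named priority and anything more severe
    return matched

def destinations(text, facility, priority):
    """Actions that would receive a message with this facility and priority."""
    return [a for s, a in parse_rules(text) if selector_matches(s, facility, priority)]

def remote_targets(text, facility, priority):
    """Only the '@host' actions, i.e. where the message leaves the machine."""
    return [a[1:] for a in destinations(text, facility, priority) if a.startswith("@")]
```

Running `remote_targets` for each facility and priority you care about shows whether those events reach the collector at all, and `destinations` shows where else they are written locally.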