Interpreting the System Logs
syslogd is the service daemon that logs system events. syslogd's main system log file is /var/log/messages. Many programs use syslogd's standard logging services. Other programs, such as the Apache web server, maintain their own separate log files.
Not all log messages are equally important—or even interesting. This is where /etc/syslog.conf comes in. The configuration file /etc/syslog.conf enables you to tailor the log output to meet your own needs.
Messages are categorized by the subsystem that produces them. In the man pages, these categories are called facilities (see Table 8.1).
|auth or security||Security/authorization|