You want to configure the system logger to use an organized collection of log files.

Set up /etc/syslog.conf for local logging:

               /etc/syslog.conf:
# Messages of priority info or higher, that are not logged elsewhere
*.info;\
mail,authpriv,cron.none;\
local0,local1,local2,local3,local4,local5,local6,local7.none \
                                /var/log/messages

# Messages of priority debug, that are not logged elsewhere
*.=debug;\
mail,authpriv,cron.none;\
local0,local1,local2,local3,local4,local5,local6,local7.none \
                               -/var/log/debug

# Facilities with log files that require restricted access permissions
mail.*                          /var/log/maillog
authpriv.*                      /var/log/secure
cron.*                          /var/log/cron

# Separate log files for local use
local0.*                        /var/log/local0
local1.*                        /var/log/local1
local2.*                        /var/log/local2
local3.*                        /var/log/local3
local4.*                        /var/log/local4
local5.*                        /var/log/local5
local6.*                        /var/log/local6

# Red Hat usurps the local7 facility for boot messages from init scripts
local7.*                        /var/log/boot.log

After you modify /etc/syslog.conf, you must send a signal to force syslogd to reread it and apply your changes. Any of these will do:

# kill -HUP `pidof syslogd`

or:

# kill -HUP `cat /var/run/syslogd.pid`

or:

# /etc/init.d/syslog reload

or:

# service syslog reload                            Red Hat

When your kernel needs to tell you something important, will you notice? If you are investigating a potential break-in last night, will you have all of the information you need? Staying informed requires ...