The syslog system displays and records messages describing system events.
The syslog program is made up of two processes: syslogd, which logs user-level events, and klogd, which logs kernel events.
Messages can be placed on the console, in logfiles, and on the text screens of users.
Syslog is configured by /etc/syslog.conf in the form
The creator of the message, selected from among
Specifies a severity threshold beyond which messages are logged and is one of (from lowest to highest severity)
emerg. The special level
nonedisables a facility.
The destination for messages that correspond to a given selector. It can be a filename,
@hostname, a comma-separated list of users, or an asterisk (meaning all logged-in users).
facility.levelscomprise the message selector.
Most syslog messages go to /var/log/messages.