Logging is the process of issuing one-line messages or warnings that will be either displayed to a human, archived to a file, or both. The mechanism that sendmail uses to produce these logging lines is called syslog(3). The sendmail program is concerned only with issuing its messages and warnings. Once they are issued, the syslog facility takes over and disposes of them in a manner described in the file /etc/syslog.conf. Statements in this file determine whether a logged line is written to a device (such as /dev/console), appended to a file, forwarded to another host, or displayed on a logged-in user’s screen.
In the following discussion of syslog and syslog.conf, we will describe the BSD 4.4 version. Some versions of Unix, such as Ultrix, use the 4.2 version of syslog, but because syslog is public domain, we recommend you upgrade and will not cover that old version here.
syslog(3) facility uses two items of information
to determine how to handle messages: facility
and level. The facility is the category of
program issuing a message. The syslog facility
can handle many categories, but only one,
When sendmail first starts to run, it opens its connection to the syslog facility with the following C-language line:
openlog("sendmail", LOG_PID, LOG_MAIL); ...