I want to use it in my own application, so I use:
#include <syslog.h> int main(int argc, char *argv[]) { char *me = argv[0]; openlog(me, LOG_NDELAY, LOG_LOCAL0); syslog(LOG_NOTICE,"started."); }
and then when I want to log something:
syslog(LOG_ERR,"Unable to connect to %s",remote_host);
So now if I want to log those messages to a separate file, edit /etc/syslog.conf
*.info;mail.none;authpriv.none;cron.none;local0.none /var/log/messages # Log myapp stuff (local0) local0.* /var/log/myapp
If you do a lot of logging, then adding a dash before the filename will not flush after every write, which is more efficient, but runs the risk of loosing information if the plug is pulled.
# Log myapp stuff (local0) local0.* -/var/log/myapp
And restart with
/etc/rc.d/init.d/syslogd restart
If you want to get syslog to send you an email when something happens, then as root:
mkdir -p /etc/syslog/ mkfifo /etc/syslog/mail.pipe
change /etc/syslog.conf (and restart after with /etc/rc.d/init.d/syslogd restart)
#log myapp to named pipe (logs crit and error messages) local0.crit |/etc/syslog/mail.pipe local0.error |/etc/syslog/mail.pipe local.* /var/log/myapp
add this to /usr/sbin/syslogMail (and “chmod 755 /usr/sbin/syslogMail”)
#!/bin/bash # syslogMail < /etc/syslog/mail.pipe # run from cron every 5 minutes # */5 * * * * /usr/sbin/syslogMail < /etc/syslog/mail.pipe to="me@example.com" TMOUT=1 #set timeout for read line to 1 second FILE=/tmp/syslogMail.$$ while read line do echo ${line} | grep -v "message repeated" >> $FILE done lines=`wc -l $FILE | awk '{print $1}' ` if [ $lines > 0 ]; then cat $FILE | mailx -s "syslog mail" $to fi /bin/rm -f $FILE
and then set up a cron job to run every 5 minutes (crontab -e)
*/5 * * * * /usr/sbin/syslogMail < /etc/syslog/mail.pipe
Leave a Reply