I want to use it in my own application, so I use:
#include <syslog.h>
int
main(int argc, char *argv[])
{
char *me = argv[0];
openlog(me, LOG_NDELAY, LOG_LOCAL0);
syslog(LOG_NOTICE,"started.");
}
and then when I want to log something:
syslog(LOG_ERR,"Unable to connect to %s",remote_host);
So now if I want to log those messages to a separate file, edit /etc/syslog.conf
*.info;mail.none;authpriv.none;cron.none;local0.none /var/log/messages # Log myapp stuff (local0) local0.* /var/log/myapp
If you do a lot of logging, then adding a dash before the filename will not flush after every write, which is more efficient, but runs the risk of loosing information if the plug is pulled.
# Log myapp stuff (local0) local0.* -/var/log/myapp
And restart with
/etc/rc.d/init.d/syslogd restart
If you want to get syslog to send you an email when something happens, then as root:
mkdir -p /etc/syslog/ mkfifo /etc/syslog/mail.pipe
change /etc/syslog.conf (and restart after with /etc/rc.d/init.d/syslogd restart)
#log myapp to named pipe (logs crit and error messages) local0.crit |/etc/syslog/mail.pipe local0.error |/etc/syslog/mail.pipe local.* /var/log/myapp
add this to /usr/sbin/syslogMail (and “chmod 755 /usr/sbin/syslogMail”)
#!/bin/bash
# syslogMail < /etc/syslog/mail.pipe
# run from cron every 5 minutes
# */5 * * * * /usr/sbin/syslogMail < /etc/syslog/mail.pipe
to="me@example.com"
TMOUT=1 #set timeout for read line to 1 second
FILE=/tmp/syslogMail.$$
while read line
do
echo ${line} | grep -v "message repeated" >> $FILE
done
lines=`wc -l $FILE | awk '{print $1}' `
if [ $lines > 0 ]; then
cat $FILE | mailx -s "syslog mail" $to
fi
/bin/rm -f $FILE
and then set up a cron job to run every 5 minutes (crontab -e)
*/5 * * * * /usr/sbin/syslogMail < /etc/syslog/mail.pipe
Leave a Reply