sysklogd – Linux system logging utilities.

syslogd [ -a socket ] [ -d ] [ -f config file ] [ -h ] [ -lhostlist ] [ -m interval ] [ -n ] [ -p socket ] [ -r ] [ -sdomainlist ] [ -v ] [ -x ]


Sysklogd provides two system utilities which provide support for system logging and kernel message trapping. Support of both internet and unix domain sockets enables this utility package to support both local and remote logging.

Syslogd provides a kind of logging that many modern programs use. Every logged message contains at least a time and a hostname field, normally a program name field, too, but that depends on how trusty the logging program is.

While the syslogd sources have been heavily modified a couple of notes are in order. First of all there has been a systematic attempt to insure that syslogd follows its default, standard BSD behavior. The second important concept to note is that this version of syslogd interacts transparently with the version of syslog found in the standard libraries. If a binary linked to the standard shared libraries fails to function correctly we would like an example of the anomalous behavior.

The main configuration file /etc/syslog.conf or an alternative file, given with the -f option, is read at startup. Any lines that begin with the hash mark (“#”) and empty lines are ignored. If an error occurs during parsing the whole line is ignored.

-a socket
Using this argument you can specify additional sockets from that syslogd has to listen to. This is needed if you’re going to let some daemon run within a chroot() environment. You can use up to 19 additional sockets. If your environment needs even more, you have to increase the symbol MAXFUNIX within the syslogd.c source file. An example for a chroot() daemon is described by the people from OpenBSD at
Turns on debug mode. Using this the daemon will not proceed a fork  2) to set itself in the background, but opposite to that stay in the foreground and write much debug information on the current tty. See the DEBUGGING section for more information.
-f config file
Specify an alternative configuration file instead of /etc/syslog.conf, which is the default.
By default syslogd will not forward messages it receives from remote hosts. Specifying this switch on the command line will cause the log daemon to forward any remote messages it receives to forwarding hosts which have been defined.
-l hostlist
Specify a hostname that should be logged only with its simple hostname and not the fqdn. Multiple hosts may be specified using the colon (“:”) separator.
-m interval
The syslogd logs a mark timestamp regularly. The default interval between two — MARK — lines is 20 minutes. This can be changed with this option. Setting the interval to zero turns it off entirely.
Avoid auto-backgrounding. This is needed especially if the syslogd is started and controlled by init 8).
-p socket
You can specify an alternative unix domain socket instead of /dev/log.
This option will enable the facility to receive message from the network using an internet domain socket with the syslog service (see services (5)). The default is to not receive any messages from the network.This option is introduced in version 1.3 of the sysklogd package. Please note that the default behavior is the opposite of how older versions behave, so you might have to turn this on.

-s domainlist
Specify a domainname that should be stripped off before logging. Multiple domains may be specified using the colon (“:”) separator. Please be advised that no sub-domains may be specified but only entire domains. For example if -s is specified and the host logging resolves to no domain would be cut, you will have to specify two domains like: -s
Print version and exit.
Disable name lookups when receiving remote messages. This avoids deadlocks when the nameserver is running on the same machine that runs the syslog daemon.