使用syslogd 抓取kernel log,指定输出到某个文件:
/sbin/syslogd -n -O /userdata/log/kernel/message -s 2048 -b 99
/etc/syslog.conf 决定抓取哪些log
# First some standard log files.
*.*;auth,authpriv.none;mail.none /var/log/syslog
*.alert;*.crit;*.err /var/log/syserr
auth,authpriv.* /var/log/auth.log
mail.* /var/log/mail.log
# Emergencies are sent to everybody logged in.
*.emerg :omusrmsg:*
[root@localhost ~]# cat /etc/syslog.conf
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* /dev/console
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none /var/log/messages
# The authpriv file has restricted access.
authpriv.* /var/log/secure
# Log all the mail messages in one place.
mail.* -/var/log/maillog
# Log cron stuff
cron.* /var/log/cron
# Everybody gets emergency messages
*.emerg *
# Save news errors of level crit and higher in a special file.
uucp,news.crit /var/log/spooler
# Save boot messages also to boot.log
local7.* /var/log/boot.log
BusyBox v1.29.2 (2022-08-15 08:39:12 UTC) multi-call binary.
Usage: syslogd [OPTIONS]
System logging utility
-n Run in foreground
-R HOST[:PORT] Log to HOST:PORT (default PORT:514)
-L Log locally and via network (default is network only if -R)
-C[size_kb] Log to shared mem buffer (use logread to read it)
-K Log to kernel printk buffer (use dmesg to read it)
-O FILE Log to FILE (default: /var/log/messages, stdout if -)
-s SIZE Max size (KB) before rotation (default 200KB, 0=off)
-b N N rotated logs to keep (default 1, max 99, 0=purge)
-l N Log only messages more urgent than prio N (1-8)
-S Smaller output
-D Drop duplicates
-f FILE Use FILE as config (default:/etc/syslog.conf)