《Linux/UNIX系统编程手册》 英文版读书笔记syslog学习记录

#include <syslog.h>
void syslog(int priority, const char *format, ...);

The priority argument is created by ORing together afacility value and a levelvalue. The facilityindicates the general category of the application logging the message, and is specified as one of the values listed in Table 37-1. If omitted, thefacility defaults to the value specified in a previous openlog() call, or toLOG_USER if that call was omitted.
The level value indicates the severity of the message, and is specified as one of the values in Table 37-2

yslog()are a format string and corresponding arguments in the manner ofprintf(). One difference fromprintf() is that the format string doesn’t need to include a terminating newline character. 

Also, the format string may
include the 2-character sequence%m, which is replaced by theerror string corresponding to the current value oferrno(i.e., the equivalent ofstrerror(errno)).

It is an error to usesyslog() to write some user-supplied string in the following
manner:

syslog(priority, user_supplied_string);

正确的写法为

syslog(priority, "%s", user_supplied_string);

Thesetlogmask() function sets a mask that filters the messages written by syslog().

#include <syslog.h>
int setlogmask(int mask_priority);
Returns previous log priority mask

The macro LOG_MASK() (defined in<syslog.h>) converts thelevel values of Table 37-2
to bit values suitable for passing to setlogmask(). For example, to discard all messages
except those with priorities of LOG_ERR and above, we would make the following call:
LOG_MASK的作用就是把表37-2中的宏变量转为位值，从而可以传递给函数setlogmask;

setlogmask(LOG_MASK(LOG_EMERG) | LOG_MASK(LOG_ALERT) |
 LOG_MASK(LOG_CRIT) | LOG_MASK(LOG_ERR));

The /etc/syslog.conf configuration file controls the operation of the syslogd daemon.

*.err /dev/tty10
auth.notice root
*.debug;mail.none;news.none -/var/log/messages

The first rule says that messages from all facilities (*) with a level of err (LOG_ERR) or higher should be sent to the/dev/tty10 console device. 

第一条说从所用facilities的信息，同时level为err或者更高的，这些信息应该发送到/dev/tty10/console

The second rule says that authorization facility (LOG_AUTH) messages with alevel of notice (LOG_NOTICE) or higher should be sent to any consoles or terminals whereroot is logged in. 

This particular rule would allow a logged-in root user to immediately see messages about failedsu attempts, for example.

例如，这条特殊的规则允许一个root用户直接看到su失败的信息。

The last rule demonstrates several of the more advanced features of rule syntax. A rule can contain multiple selectors separated by semicolons. The first selector specifiesall messages, using the * wildcard for facility and debug for level,
meaning all messages of level debug (the lowest level) and higher. (On Linux, some other UNIX implementations, it is possible to specify level as *, with the same meaning asdebug. However, this feature is not available to allsyslog implementations.)

最后一个规则展示了更高级的用法。一个规则可以包括多个selector，这些selector用分号“；”分开，第一个selector用*指定所有的消息，设置level为debug,意味着所用level为debug或者更高的消息。

 Normally, a rule that contains multiple selectors matches messages corresponding to any of the selectors, but specifying alevel of none has the effect of excludingall messages belonging to the correspondingfacility. Thus, this rule sends
all messages except those for the mail andnews facilities to the file/var/log/messages.

一般来说，一个规则含有多个selector的规则可以匹配许多消息，只要这些消息匹配其中任意一个selector.但是某个selector制定level为none,你们属于这个facility的消息都被排除。 所以最后一个规则发送所有的消息到/var/log/messages除了mail facility和news facility。
The hyphen (-) preceding the name of this file specifies that a sync to the disk does not occur on each write to the file (refer to Section 13.3). This means that writes are faster, but some data may be lost if the system crashes soon after the write.
符号(-)指定把消息数据同步到磁盘，如果不指定的话在每次写入到文件时并不都会写入到磁盘。这样做写入速度会加快，但是如果写入不久系统崩溃的话一些数据可能也会丢失。
Whenever we change the syslog.conf file, we must ask the daemon to reinitialize itself from this file in the usual fashion:

$ killall -HUP syslogd Send SIGHUP to syslogd

每当我们更改syslog.conf文件，我们必须让daemon重新初始化自身，用下面的命令。