If syslogd applet compiled with FEATURE_SYSLOGD_CFG=y, then it supports restricted syslog.conf.
The config resembles rsyslog.conf in RULES part:
LINE = DELIM [RULE | COMMENT]
COMMENT = #.*
DELIM = SPACE TAB
RULE = SELECTOR [;SELECTOR]* DELIM* ACTION DELIM*
SELECTOR = FACILITY [,FACILITY]* .[[!]=] PRIORITY
FACILITY = * | kern | user ... (see syslog.h)
PRIORITY = * | emerg | alert ... (see syslog.h)
ACTION = FILE
"mark" facility is NOT supported.
"none" priority is supported.
In FACILITY and PRIORITY "*" stands for "any".
FILE is a regular file or tty device.
Here is an example:
#syslog.conf
kern,user.* /var/log/messages #all messages of kern and user facilities
kern.!err /var/log/critical #all messages of kern facility with priorities lower than err (warn, notice ...)
*.*;auth,authpriv.none /var/log/noauth #all messages except ones with auth and authpriv facilities
kern,user.*;kern.!=notice;*.err;syslog.none /var/log/OMG #some whicked rule just as an example =)
*.* /dev/null #this prevents from logging to default log file (-O FILE or /var/log/messages)
Even in the case of match with some rule another rules will be tried too.
1. 查看/usr/include/sys/syslog.h和/etc/syslog.conf,理解syslog日志的配置方法
选择syslog.conf中未经试用的facility,作为自己的应用的日志名。笔者在syslog.conf中添加了下面一条记录,该条记录表示把local1这个应用日志名(facility)对应的日志,写入右方的日志文件中。
包含头文件 #include在需要打印日志的地方,调用syslog函数
The config resembles rsyslog.conf in RULES part:
LINE = DELIM [RULE | COMMENT]
COMMENT = #.*
DELIM = SPACE TAB
RULE = SELECTOR [;SELECTOR]* DELIM* ACTION DELIM*
SELECTOR = FACILITY [,FACILITY]* .[[!]=] PRIORITY
FACILITY = * | kern | user ... (see syslog.h)
PRIORITY = * | emerg | alert ... (see syslog.h)
ACTION = FILE
"mark" facility is NOT supported.
"none" priority is supported.
In FACILITY and PRIORITY "*" stands for "any".
FILE is a regular file or tty device.
Here is an example:
#syslog.conf
kern,user.* /var/log/messages #all messages of kern and user facilities
kern.!err /var/log/critical #all messages of kern facility with priorities lower than err (warn, notice ...)
*.*;auth,authpriv.none /var/log/noauth #all messages except ones with auth and authpriv facilities
kern,user.*;kern.!=notice;*.err;syslog.none /var/log/OMG #some whicked rule just as an example =)
*.* /dev/null #this prevents from logging to default log file (-O FILE or /var/log/messages)
Even in the case of match with some rule another rules will be tried too.
If there was no match with any of the rules, logging to default log file or shared memory will be performed.