Log with syslog
Logging is the process of issuing one-line messages or warnings that will be either displayed to a human, archived to a file, or both. The mechanism that sendmail uses to produce these logging lines is called syslog(3). The sendmail program is concerned only with issuing its messages and warnings. Once they are issued, the syslog facility takes over and disposes of them in a manner described in the file /etc/syslog.conf. Statements in this file determine whether a logged line is written to a device (such as /dev/console), appended to a file, forwarded to another host, or displayed on a logged-in user’s screen.
In the following discussion of syslog and syslog.conf, we will describe the BSD 4.4 version. Some versions of Unix, such as Ultrix, use the 4.2 version of syslog, but because syslog is public domain, we recommend you upgrade and will not cover that old version here.
syslog(3)
The
syslog(3) facility uses two items of information
to determine how to handle messages: facility
and level. The facility is the category of
program issuing a message. The syslog facility
can handle many categories, but only one, mail, is
used by sendmail. The level is the degree of
severity of the warnings. The sendmail program
issues messages with syslog(3) at various levels
depending on how serious the message or warning is.
When sendmail first starts to run, it opens its connection to the syslog facility with the following C-language line:
openlog("sendmail", LOG_PID, LOG_MAIL); ...Get Sendmail, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
