rsyslog的还本溯源

日志的分离
1）初学syslog
       void openlog(const char *ident, int option, int facility);
       void syslog(int priority, const char *format, ...);
       void closelog(void);
  facility
       The  facility argument is used to specify what type of program is logging
       the message.  This lets the configuration file specify that messages from
       different facilities will be handled differently.

LOG_AUTH       security/authorization  messages (DEPRECATED Use LOG_AUTH-
                      PRIV instead)

LOG_AUTHPRIV   security/authorization messages (private)

LOG_CRON       clock daemon (cron and at)

LOG_DAEMON     system daemons without separate facility value

LOG_FTP        ftp daemon

LOG_KERN       kernel messages (these can’t be generated from  user  pro-
                      cesses)

LOG_LOCAL0 through LOG_LOCAL7
                      reserved for local use

2）进学rsyslog

3) 退学syslog-ng

Jul  9 11:25:40 localhost rsyslogd-3000: unknown facility name "test" [try http://www.rsyslog.com/e/3000 ]
Jul  9 11:25:40 localhost rsyslogd: the last error occured in /etc/rsyslog.conf, line 58:"test.*                                           /var/log/test"
Jul  9 11:25:40 localhost rsyslogd: warning: selector line without actions will be discarded
Jul  9 11:25:40 localhost rsyslogd-2124: CONFIG ERROR: could not interpret master config file ‘/etc/rsyslog.conf‘. [try http://www.rsyslog.com/e/2124 ]

1 unknown facility name "testprogram"

facility
       The  facility argument is used to specify what type of program is logging
       the message.  This lets the configuration file specify that messages from
       different facilities will be handled differently.

rsyslog的还本溯源,布布扣,bubuko.com