Writing to System Logs

 
Thread Tools Search this Thread
Operating Systems Linux Red Hat Writing to System Logs
# 1  
Old 01-02-2013
Writing to System Logs

This isn't a RedHat specific question. The software in question might be used for any Linux distribution. Would it be advisable or inadvisable for my application, to be downloaded by many people I don't know, to write to the following logs in /var/log?

maillog or mail.log
messages
secure

Is there a reason not to do this, and if I do write to these logs, is ordinary file I/O good enough?

Thanks.

Brandon
# 2  
Old 01-02-2013
syslog generally keeps its destination files open:

Code:
[root@localhost log]# fuser maillog
maillog:              4648
[root@localhost log]# ps -efa | grep 4648
root      4648     1  0  2012 ?        00:00:01 syslogd -m 0
root     11294  9649  0 16:20 pts/0    00:00:00 grep 4648
[root@localhost log]#

Obviously two programs can't/shouldn't be writing to the same file. There are also syslog-specific reasons for not wanting to do it this way: What if I'm doing a remote syslog? If you're logging directly to files you don't get to take advantage of that and if you want to build that funtionality in yourself then your job is just that much harder. What if the sysadmin wants your logs to go to two different files? etc, etc.

These are the problems the syslog daemon was created to resolve: make a single program broker access to the logging system, then you can solve common problems in one place and in a way that doesn't lead to programs clobbering the work of others.

Most languages have syslog bindings anyways so there's very little reason to want to do it a different way.
# 3  
Old 01-02-2013
Could I write to all three of these logs with syslog, and would it work across most Linux distributions?
# 4  
Old 01-02-2013
You wouldn't be able to specify these particular files (the messages are routed to the destination files based on the facility/priority pair the program assigned to the message). However the files and the facility/priorities that write to them are pretty consistent across most distributions' default configurations, so you can usually be 90% sure of what file your log will end up in. For example, almost all distributions will route a "mail" facility message of any priority to the /var/log/maillog file, anything logged as "authpriv" to /var/log/secure etc. Linux distros don't have to do it that way, but they have adopted similar configurations just to stick with a common convention where possible.

Basically: by design, you won't be able to be sure that some mail-related message you generate will always end up in /var/log/maillog but if you log to the "mail" facility you can just know that /var/log/maillog is where it's going to end up on almost every major Linux distribution.

Last edited by thmnetwork; 01-02-2013 at 07:19 PM..
# 5  
Old 01-02-2013
It won't be a message related to the general purpose of the log, just a message that I want to put there. I assure you I have reason enough to do what I want to do. I just wonder about the difficulty/appropriateness of writing to these logs.
# 6  
Old 01-03-2013
Well you're not going to reliably write to the log files directly, so you might as well disregard that notion out of hand. If it's a message that's unrelated to mail (for example) and you want it grouped with other email messages, you can just log it with the "mail" facility and let the syslog daemon do with it whatever it does with "mail" logs in general, which means they'll generally end up in the same place.

It's honestly not that difficult. To syslog in python:

Code:
import syslog
syslog.openlog(logoption=syslog.LOG_PID, facility=syslog.LOG_MAIL)
syslog.syslog('Some mail-related log message...')

If you're using regular C then this will be a good reference.

Basically, the whole thing is over with by the third line no matter what language you're writing your program in.
# 7  
Old 01-03-2013
Thank you.

What I would write is beginning of day markers at midnight. My issue is that these logs never show the year. Ordinarily, this causes no confusion, since the year is quite obvious. For machines that may be down for years or months at a time, there could occasionaly be ambiguity as to the year of a log entry. Therefore, for reasons connected with my application, I am considering writing a 12:00 AM delimiter, which includes the year, to remove all doubt as to exactly what day, including year, every message belongs to.
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

If I ran perl script again,old logs should move with today date and new logs should generate.

Appreciate help for the below issue. Im using below code.....I dont want to attach the logs when I ran the perl twice...I just want to take backup with today date and generate new logs...What I need to do for the below scirpt.............. 1)if logs exist it should move the logs with extention... (1 Reply)
Discussion started by: Sanjeev G
1 Replies

2. AIX

AIX system logs files

hello, i just want to know logs files for these actions listed below : - User Account Creation - User Account Deletion - Failed and or Successful User Password Changes - Failed Login Activities for all User Users - System Reboot or and shutdown help appreciated... (6 Replies)
Discussion started by: Bolou
6 Replies

3. Solaris

Svc messages flooding the system logs every second

Hi all I have a newly installed Oracle X2-4 server running Solaris 10 x86 with the latest patches. I have one non-global zone configured running an Oracle DB instance. After configuring IPMP failover between two NICs on the server and rebooting I am seeing the /var/adm/messages being flooded... (7 Replies)
Discussion started by: notreallyhere
7 Replies

4. AIX

system logs

good evening all dear all where i can find the system logs in AIX 5.3 (1 Reply)
Discussion started by: thecobra151
1 Replies

5. Solaris

logs for system shutdown

I am working on a SUN T2000 machine with Solaris 10 running on it. When I checked the system this morning, I found it to be turned off. The lastreboot command showed that the system had been shut down the previous night. I want to find out how the system was shut down. I have run hardware health... (2 Replies)
Discussion started by: batman727
2 Replies

6. Shell Programming and Scripting

Grep yesterday logs from weblogic logs

Hi, I am trying to write a script which would go search and get the info from the logs based on yesterday timestamp and write yesterday logs in new file. The log file format is as follows: """"""""""""""""""""""""""... (3 Replies)
Discussion started by: harish.parker
3 Replies

7. AIX

System Logs

Dear Gurus I am running AIX with several users that are using the system, i would like to monitor the commands that are run by these users. Is there a log system that records the commands that are executed by the users??? Any kind of help will be appreciated. Regards Masquerder (6 Replies)
Discussion started by: masquerer
6 Replies

8. Shell Programming and Scripting

not able to redirect the logs of a singl date in one system

Hi All, I have around 15 servers. I need to check for the error in /var/adm/messages in 15 servers of current date everyday and log it in one server. rsh is configured in all servers. The command I am using to accomplish this in shell script is rsh <remote sever> grep 'Jun 17'... (2 Replies)
Discussion started by: partha_bhunia
2 Replies

9. Solaris

system logs' life

How can you control old system logs keep(or storage) time in Solaris ? Is there any method ? it depends on buffer size long or date long ? (1 Reply)
Discussion started by: xramm
1 Replies
Login or Register to Ask a Question