Log files often help System Administrators in finding out important information about System related issues. In RHEL there are a lot of log files under /var/log like messages ,maillog,faillog,cups and cron etc. Here we will discuss how can we decide the location of log files and forward appropriate messages to these locations.

In RHEL /etc/syslog.conf is the file responsible for deciding log file location.Open this file and you’ll see it. syslogd is the daemon associated with it and after every change you made to this file you need to restart this daemon.Now you can make entry in this file as we have done in following examples-

  • mail.err   /var/log/mailerr will redirect mail error messages to /var/log/mailerr.
  • *.crit    /var/log/critical will redirect all critical messages to /var/log/critical.
  • kern.* @viny.example.com   will send all kernel messages to a remote host viny.example.com

The first part in this example is known as Facility and the second is called Priority. Following are some important facilities you can use-

  • authpriv-Security/authorization messages
  • cron
  • kern-kernel messages
  • lpr-Line printer messages
  • mail-Mail messages
  • syslog-Syslog internal messages

Ann following are some important priorities-

  • debug
  • info
  • notice
  • warning
  • err
  • crit
  • alert
  • emerg