1
00:00:06,620 --> 00:00:11,195
Okay, so apart from systemd journald,
you still need to know a bit

2
00:00:11,195 --> 00:00:15,769
about rsyslog as well, because
on many distributions you'll still find it.

3
00:00:17,129 --> 00:00:21,210
rsyslogd is a service
that works with facility, priority and destination.

4
00:00:22,370 --> 00:00:25,510
The facility is the item that
rsyslogd should be looking for.

5
00:00:26,730 --> 00:00:30,744
The priority indicates the severity
of the log event, and the

6
00:00:30,744 --> 00:00:34,759
destination defines the location where
the message should be written to.

7
00:00:35,299 --> 00:00:38,380
And in most cases, the
destination would be a file.

8
00:00:39,079 --> 00:00:45,070
Let me show you what the configuration looks like so that you
know where to find your log information on an rsyslog system.

9
00:00:46,109 --> 00:00:51,085
To start it, I'm using sudo
systemctl status on rsyslog and that's

10
00:00:51,085 --> 00:00:56,060
showing that rsyslog is active
and it is running, and that's good.

11
00:00:57,640 --> 00:01:02,270
Then I need
sudo vim on /etc/rsyslog.conf.

12
00:01:02,270 --> 00:01:06,900
That's the main
configuration file.

13
00:01:07,939 --> 00:01:14,519
Now, there is a section about modules that you can easily skip. You
need to be looking for the rules, and these rules are right here.

14
00:01:15,659 --> 00:01:21,969
So what do we see? We see here
the line that explains that everything that is related

15
00:01:21,969 --> 00:01:28,280
to the facility with all priorities will be
sent to /dev/console. That's for your kernel.

16
00:01:29,400 --> 00:01:31,840
Now more interesting is the
line that we have here.

17
00:01:33,359 --> 00:01:38,666
*.info: all facilities that log with the
priority of info, but not mail and not

18
00:01:38,666 --> 00:01:43,973
authpriv and not cron, is sent to
/var/log/messages. authpriv, that is authentication related, is

19
00:01:43,973 --> 00:01:49,280
sent to /var/log/secure, and so
on and so on and so on.

20
00:01:51,140 --> 00:01:57,045
Now, obviously this is the default configuration on
my distribution. You might find something else. The result

21
00:01:57,045 --> 00:02:02,950
will be written to the /var/log directory
where you can see many files have been created.

22
00:02:03,560 --> 00:02:07,079
And I'm going to show you
what one of them looks like.

23
00:02:08,120 --> 00:02:14,949
That is the /var/log/messages file on this
CentOS system. It's the main log file. So I

24
00:02:14,949 --> 00:02:21,779
need sudo less on /var/log/messages. You
do need administrator privileges to get access to it.

25
00:02:23,039 --> 00:02:29,590
Uppercase G brings you to the bottom and there
you can see all the messages that have been logged.

26
00:02:30,310 --> 00:02:34,704
Now, this is an ordinary file,
a text file. So you can

27
00:02:34,704 --> 00:02:39,099
use your usual stuff for
text file management to find information.

28
00:02:39,699 --> 00:02:43,620
There is no easy way to
show priority of error only. If

29
00:02:43,620 --> 00:02:47,540
you want to see priority of
error only in a specific file,

30
00:02:48,199 --> 00:02:52,289
you need to tweak the
rsyslog configuration in order to do so.
