See below for configuring other distributions.
Syslog is FreeBSD's live notification utility for system messages.
When something noteworthy happens on the system, like a user SU-ing to root, then syslog will echo this onto the console screen.
By default, system messages go to the /var/log/messages
file and this can be a useful place to look for various events, including system messages on bootup.
Like everything under Unix, there are various tweaks and configurations which can be performed to syslog to customise its behaviour to one's own taste.
Here are some I have used..
Oi, I was typing something there..!
First a fix for a not-uncommon occurrence. You're in the middle of a vi (or some other editor) session and right in the middle of your file, the console splurges some system message or other. There's your beautifully typed (but not yet saved) work, defaced! Actually the file is still as it was before the system message appeared and the message hasn't been inserted into the file itself.
One way to deal with this is to save and exit the file and then relaunch the vi session again. However a quicker solution is to press CTRL L
, which will redraw the screen without that nasty rude message. Nice.
System messages print out to the console on tty0 only, by default. This is the first screen you see when BSD boots up and is the default console screen. One way of avoiding interruptions from console messages is to switch to tty1 or above. Do this by pressing ALT F2
(tty1), ALT F3
It is possible to disable or redirect this syslog behaviour, although personally I prefer to leave it running in its default state and to use other work arounds.
At work, I prefer to do most of my work with Windows XP Pro, leaving the server jobs to FreeBSD. I use IMAP
to pull off the daily reports for root
, using redirected mail
on all five of my Unix servers. Takes a few minutes every morning, but it's worth the time to keep on top of any problems which might crop up.
Another way of keeping an eye on the Unix boxes without being logged in all the time, is to run a syslog facility on a workstation. For a freebie syslog facility you can't go past the excellent Kiwi Syslog Service Manager from New Zealand based Kiwi Enterprises
I've been using Kiwi Syslog for several years now to monitor activity on my Wireless Access Points and have since widened its scope by monitoring certain activity on my Unix servers as well. In real time I can see when users FTP or SSH into a system and when student workstations request Ghost images from the Samba shares.
Configuring FreeBSD to forward some of these messages is pretty straightforward. Edit /etc/syslog.conf
and duplicate any lines for any services you wish to be logged live. Instead of pointing to a filename, the service is logged to the IP of the system running the graphical syslog service using the @IP Address
So in the example below, SSH logins and SUs to root
as well as FTP login information is also sent to the syslog service on computer 192.168.0.101..
So in addition to these system messages being sent to their default log files, the administrator receives visual real-time updates on the Kiwi Syslog Server..
For Mint, the config file is /etc/rsyslog.d/50-default.conf, but it works the same as with FreeBSD.
There is also a /etc/rsyslog.conf, but the above file is normally used for customising the service.
After configuring the file, restart syslog. To restart the syslog service, type the following..