Every rule consists of two fields—selector field and action field. The selector field specifies a pattern of facilities and priority. Facility and priority is separated by a .
; facility specifies the subsystem that produced the message. Table 1 lists out facilities and Table 2 lists out priorities:
Table 1: Facility
Facility |
Description |
---|---|
Kernel |
Kernel messages |
User |
User level messages |
|
Mail messages |
Daemon |
System messages |
FTP |
FTP server messages |
The log severity can be controlled using the priority
option, and we can make it as verbose as we like. The trade off is always between size of logs and what to log.
Table 2: Priorities
Severity |
Description |
---|---|
0 |
Emergency, system unstable |
1 |
Alert: Immediate action |
2 |
Critical: The state of the system/application is critical |
3 |
Error condition: The system is throwing errors |
4 |
Warning |
7 |
Debug. Verbose logging of information |
Log kernel-related messages to a separate file, with the pattern as kernel subsystem and...