Linux Today: Linux News On Internet Time.

O'Reilly Network: Tools of the Trade: Part 3

Jul 29, 2001, 16:35
(Other stories by Carl Constantine)

The O'Reilly Network continues its look at basic security tools with snort and syslog:

"Have you ever looked in your /var/log directory and wondered, "Where'd all those log files come from?" Chances are they were created by syslog, the system logging facility. syslog actually consists of a couple different tools that were originally part of the BSD distributions.

syslog has been ported to Linux and many other Unix operating systems (Solaris, HP-UX, etc.) and keeps all the same functionality of the original program. In some cases, a few functions have been added but nothing has been removed. I would consider syslog to be more of a "system" rather than a tool.

There are four parts to syslog: a syslogd daemon process, a klogd daemon process, a programming interface syslog.h, and a configuration file /etc/syslog.conf, which is the key to the whole system. The programming interface is used by many other programs, such as Tripwire, to log activity on your system. Unless you're writing a security tool, or want to incorporate syslog in some other application you are writing, you won't use the programming interface."
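As an added illustration (not code from the O'Reilly article), this is roughly how a small security tool would use the syslog.h interface mentioned in the excerpt: a constant format string, and untrusted fields escaped so they cannot forge extra log lines. The program name `demo-ids` and the helpers `sanitize_for_log` and `log_auth_failure` are hypothetical, and the sample input is constructed.

```c
#include <stdio.h>
#include <string.h>
#include <syslog.h>

/* Copy `in` to `out`, writing control bytes (CR, LF, ESC, ...), non-ASCII
 * bytes, '"' and '\' as \xNN so a hostile value cannot start a new log
 * line or break out of a quoted field. Output is always NUL-terminated and
 * truncated to fit `outlen`. Returns the number of bytes escaped. */
size_t sanitize_for_log(const char *in, char *out, size_t outlen)
{
    size_t o = 0, escaped = 0;
    if (outlen == 0)
        return 0;
    for (; *in != '\0'; in++) {
        unsigned char c = (unsigned char)*in;
        int plain = c >= 0x20 && c < 0x7f && c != '"' && c != '\\';
        if (plain) {
            if (o + 1 >= outlen) break;      /* keep room for the NUL */
            out[o++] = (char)c;
        } else {
            if (o + 4 >= outlen) break;      /* 4 chars of \xNN + NUL */
            snprintf(out + o, 5, "\\x%02x", c);
            o += 4;
            escaped++;
        }
    }
    out[o] = '\0';
    return escaped;
}

/* Hypothetical helper: report a failed login on the auth facility.
 * Returns how many bytes of `user` had to be escaped. */
size_t log_auth_failure(const char *user, const char *src_ip)
{
    char safe_user[64], safe_ip[64];
    size_t escaped = sanitize_for_log(user, safe_user, sizeof safe_user);
    sanitize_for_log(src_ip, safe_ip, sizeof safe_ip);
    openlog("demo-ids", LOG_PID | LOG_NDELAY, LOG_AUTH); /* constructed name */
    /* Constant format string: untrusted data is only ever an argument. */
    syslog(LOG_WARNING, "login failure user=\"%s\" src=%s", safe_user, safe_ip);
    closelog();
    return escaped;
}

int main(void)
{
    log_auth_failure("bob\nJul 29 16:35:01 host sshd: Accepted root", "192.0.2.7");
    return 0;
}
```

Where the message ends up is decided by the `auth` selector lines in /etc/syslog.conf, not by the program.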
