system [1]

Syslog-ng OSE can automatically collect the system-specific log messages of the host on a number of platforms using the system() driver.

Important Information

If the system() driver is included in the syslog-ng OSE configuration file, syslog-ng OSE automatically adds the following sources to the configuration. Each source connects to the default log location of the given platform through a compatible driver. For example:

Linux

unix-dgram("/dev/log");
file("/proc/kmsg" program-override("kernel") flags(kernel));

Solaris 8

sun-streams("/dev/log");

...

pre macOS 10.15 Catalina

file("/var/log/system.log" follow-freq(1));

macOS 10.15 Catalina and later

darwin-oslog();

Testing

@version: 4.2
@include "scl.conf"

options {
	frac-digits(6); 
};

source s_local0 {
	system();
};

source s_local1 {
	darwin-oslog();
};

source s_local2 {
	darwin-oslog-stream();
};

log {
	source(s_local0);
	# This one is actually the same as s_local0
	#source(s_local1);
	# This one gives a live macOS OSLog stream that contains many more log events, such as debug messages and non-persistent messages
	# Take care, this can lead to huge system load!
	#source(s_local2);
	
	destination {
		file(
			"/var/log/messages" 
		
			flags(no-multi-line syslog-protocol)
			flush-lines(1)
			flush-timeout(1)
		);
	};
	
	flags(flow-control);
};
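
To check what the test configuration above writes to /var/log/messages, this added example (not part of the original page or the syslog-ng project) parses lines in the RFC 5424 layout that flags(syslog-protocol) produces and reports any line that is not in that layout or whose timestamp lacks six fractional digits. It assumes the destination's timestamps follow the global frac-digits(6) option; the sample lines, host name and function names are constructed for illustration.

```python
import re
from datetime import datetime

# RFC 5424: <PRI>VERSION TIMESTAMP HOSTNAME APP-NAME PROCID MSGID SD [MSG]
RFC5424 = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<ver>[1-9]\d?) (?P<ts>\S+) (?P<host>\S+) "
    r"(?P<app>\S+) (?P<procid>\S+) (?P<msgid>\S+) "
    r"(?P<sd>-|(?:\[(?:[^\]\\]|\\.)*\])+)(?: (?P<msg>.*))?$"
)
SEVERITIES = ("emerg", "alert", "crit", "err", "warning", "notice", "info", "debug")

def parse_line(line):
    """Return a dict for one RFC 5424 line, or None if the line does not match."""
    m = RFC5424.match(line.rstrip("\n"))
    if m is None or int(m["pri"]) > 191:  # highest valid PRI: facility 23, severity 7
        return None
    pri, ts = int(m["pri"]), m["ts"]
    frac = re.search(r"\.(\d+)", ts)
    try:
        when = None if ts == "-" else datetime.fromisoformat(ts.replace("Z", "+00:00"))
    except ValueError:
        return None
    return {
        "facility": pri >> 3,
        "severity": SEVERITIES[pri & 7],
        "timestamp": when,
        "frac_digits": len(frac.group(1)) if frac else 0,
        "host": m["host"], "app": m["app"], "procid": m["procid"],
        "msg": (m["msg"] or "").lstrip("\ufeff"),  # drop the optional UTF-8 BOM
    }

def check_lines(lines, want_frac_digits=6):
    """Return (line_number, reason) for every line that fails the check."""
    problems = []
    for n, line in enumerate(lines, 1):
        rec = parse_line(line)
        if rec is None:
            problems.append((n, "not RFC 5424"))
        elif rec["frac_digits"] != want_frac_digits:
            problems.append((n, "timestamp has %d fractional digits" % rec["frac_digits"]))
    return problems

# Constructed sample lines, not captured from a real host.
SAMPLE = [
    "<13>1 2024-05-01T10:15:30.123456+02:00 macbook sshd 512 - - Accepted publickey for alice",
    "<6>1 2024-05-01T10:15:31+02:00 macbook kernel - - - en0: link up",
    "May  1 10:15:32 macbook sudo[733]: session opened",  # legacy BSD layout
    '<86>1 2024-05-01T10:15:33.000042+02:00 macbook sudo 733 - [meta sequenceId="7"] session opened',
]

if __name__ == "__main__":
    for number, reason in check_lines(SAMPLE):
        print("line %d: %s" % (number, reason))
```
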
