如何判断 syslog.conf 是否有拼写错误

Question

也许最简单的方法是使用syslogd的调试开关-d。您可以syslogd像这样手动调用。

首先禁用任何当前正在运行的syslogd：

$ sudo service syslogd stop

然后使用以下开关手动运行它：

$ sudo syslogd -d -f /etc/syslog.conf

例子

我没有syslogd可用的工作，但它与rsyslogd.我在这里调用rsyslogd：

 $ sudo rsyslogd -d -f /etc/rsyslog.conf
1647.845869757:7fab7df4b720: rsyslogd 4.6.3 startup, compatibility mode 0, module path ''
1647.846009627:7fab7df4b720: caller requested object 'net', not found (iRet -3003)
1647.846026890:7fab7df4b720: Requested to load module 'lmnet'
1647.846035733:7fab7df4b720: loading module '/lib64/rsyslog/lmnet.so'
1647.846155408:7fab7df4b720: module of type 2 being loaded.
1647.846167849:7fab7df4b720: source file conf.c requested reference for module 'lmnet', reference count now 1
1647.846178301:7fab7df4b720: rsyslog runtime initialized, version 4.6.3, current users 1
1647.846196912:7fab7df4b720: source file syslogd.c requested reference for module 'lmnet', reference count now 2
1647.848016526:7fab7df4b720: module of type 1 being loaded.

测试

然后您可以使用命令行工具logger将各种类型的消息模拟到syslogd.在这里我再次用作rsyslogd替身，因此消息传递会有所不同，但效果仍然相同。

发送测试消息
```
$ logger -t testmsg "hello world."
```

结果

2439.368194624:7f461fee9700: Message from UNIX socket: #3
2439.368226046:7f461fee9700: logmsg: flags 4, from 'grinchy', msg Aug 20 03:07:19 testmsg: hello world.
2439.368234458:7f461fee9700: Message has legacy syslog format.
2439.368247194:7f461fee9700: main Q: entry added, size now 1 entries
2439.368257698:7f461fee9700: wtpAdviseMaxWorkers signals busy
2439.368271525:7f461fee9700: main Q: EnqueueMsg advised worker start
2439.368283031:7f461fee9700: --------imuxsock calling select, active file descriptors (max 3): 3 
2439.368305014:7f46206ea700: main Q: entry deleted, state 0, size now 0 entries
2439.368329151:7f46206ea700: testing filter, f_pmask 127
2439.368340032:7f46206ea700: Called action, logging to builtin-file
2439.368354849:7f46206ea700: file to log to: /var/log/messages
2439.368361837:7f46206ea700: doWrite, pData->pStrm 0x7f462480a310, lenBuf 46
2439.368370439:7f46206ea700: strm 0x7f462480a310: file 5(messages) flush, buflen 46
2439.368413234:7f46206ea700: strm 0x7f462480a310: file 5 write wrote 46 bytes
2439.368424063:7f46206ea700: testing filter, f_pmask 0
2439.368431098:7f46206ea700: testing filter, f_pmask 0
2439.368437738:7f46206ea700: testing filter, f_pmask 0
2439.368444401:7f46206ea700: testing filter, f_pmask 1
2439.368450861:7f46206ea700: testing filter, f_pmask 0
2439.368457433:7f46206ea700: testing filter, f_pmask 0
2439.368464826:7f46206ea700: main Q:Reg/w0: worker IDLE, waiting for work.

日志文件的消息

Aug 20 03:07:12 grinchy testmsg: hello world.

另一个例子

示例消息

$ logger -p daemon.warn "this is only a test."

结果

2008.317255462:7f3d13a95700: Message from UNIX socket: #3
2008.317287162:7f3d13a95700: logmsg: flags 4, from 'grinchy', msg Aug 20 03:00:08 saml: this is only a test.
2008.317295844:7f3d13a95700: Message has legacy syslog format.
2008.317307482:7f3d13a95700: main Q: entry added, size now 1 entries
2008.317317586:7f3d13a95700: wtpAdviseMaxWorkers signals busy
2008.317328948:7f3d13a95700: main Q: EnqueueMsg advised worker start
2008.317339316:7f3d13a95700: --------imuxsock calling select, active file descriptors (max 3): 3 
2008.317362187:7f3d14296700: main Q: entry deleted, state 0, size now 0 entries
2008.317375008:7f3d14296700: testing filter, f_pmask 127
2008.317386832:7f3d14296700: Called action, logging to builtin-file
2008.317401184:7f3d14296700: file to log to: /var/log/messages
2008.317409775:7f3d14296700: doWrite, pData->pStrm 0x7f3d17506310, lenBuf 51
2008.317418935:7f3d14296700: strm 0x7f3d17506310: file 5(messages) flush, buflen 51
2008.317454814:7f3d14296700: strm 0x7f3d17506310: file 5 write wrote 51 bytes
2008.317466838:7f3d14296700: testing filter, f_pmask 0
2008.317474391:7f3d14296700: testing filter, f_pmask 0
2008.317481448:7f3d14296700: testing filter, f_pmask 0
2008.317488503:7f3d14296700: testing filter, f_pmask 1
2008.317495259:7f3d14296700: testing filter, f_pmask 0
2008.317502407:7f3d14296700: testing filter, f_pmask 0
2008.317509079:7f3d14296700: main Q:Reg/w0: worker IDLE, waiting for work.

这一行包含我们的消息

2008.317287162:7f3d13a95700: logmsg: flags 4，来自 'grinchy'，msg Aug 20 03:00:08 saml：这只是一个测试。

完成后，只需Ctrl+C即可终止它。

参考

Answer 1

也许最简单的方法是使用syslogd的调试开关-d。您可以syslogd像这样手动调用。

首先禁用任何当前正在运行的syslogd：

$ sudo service syslogd stop

然后使用以下开关手动运行它：

$ sudo syslogd -d -f /etc/syslog.conf

例子

我没有syslogd可用的工作，但它与rsyslogd.我在这里调用rsyslogd：

 $ sudo rsyslogd -d -f /etc/rsyslog.conf
1647.845869757:7fab7df4b720: rsyslogd 4.6.3 startup, compatibility mode 0, module path ''
1647.846009627:7fab7df4b720: caller requested object 'net', not found (iRet -3003)
1647.846026890:7fab7df4b720: Requested to load module 'lmnet'
1647.846035733:7fab7df4b720: loading module '/lib64/rsyslog/lmnet.so'
1647.846155408:7fab7df4b720: module of type 2 being loaded.
1647.846167849:7fab7df4b720: source file conf.c requested reference for module 'lmnet', reference count now 1
1647.846178301:7fab7df4b720: rsyslog runtime initialized, version 4.6.3, current users 1
1647.846196912:7fab7df4b720: source file syslogd.c requested reference for module 'lmnet', reference count now 2
1647.848016526:7fab7df4b720: module of type 1 being loaded.

测试

然后您可以使用命令行工具logger将各种类型的消息模拟到syslogd.在这里我再次用作rsyslogd替身，因此消息传递会有所不同，但效果仍然相同。

发送测试消息
```
$ logger -t testmsg "hello world."
```

结果

2439.368194624:7f461fee9700: Message from UNIX socket: #3
2439.368226046:7f461fee9700: logmsg: flags 4, from 'grinchy', msg Aug 20 03:07:19 testmsg: hello world.
2439.368234458:7f461fee9700: Message has legacy syslog format.
2439.368247194:7f461fee9700: main Q: entry added, size now 1 entries
2439.368257698:7f461fee9700: wtpAdviseMaxWorkers signals busy
2439.368271525:7f461fee9700: main Q: EnqueueMsg advised worker start
2439.368283031:7f461fee9700: --------imuxsock calling select, active file descriptors (max 3): 3 
2439.368305014:7f46206ea700: main Q: entry deleted, state 0, size now 0 entries
2439.368329151:7f46206ea700: testing filter, f_pmask 127
2439.368340032:7f46206ea700: Called action, logging to builtin-file
2439.368354849:7f46206ea700: file to log to: /var/log/messages
2439.368361837:7f46206ea700: doWrite, pData->pStrm 0x7f462480a310, lenBuf 46
2439.368370439:7f46206ea700: strm 0x7f462480a310: file 5(messages) flush, buflen 46
2439.368413234:7f46206ea700: strm 0x7f462480a310: file 5 write wrote 46 bytes
2439.368424063:7f46206ea700: testing filter, f_pmask 0
2439.368431098:7f46206ea700: testing filter, f_pmask 0
2439.368437738:7f46206ea700: testing filter, f_pmask 0
2439.368444401:7f46206ea700: testing filter, f_pmask 1
2439.368450861:7f46206ea700: testing filter, f_pmask 0
2439.368457433:7f46206ea700: testing filter, f_pmask 0
2439.368464826:7f46206ea700: main Q:Reg/w0: worker IDLE, waiting for work.

日志文件的消息

Aug 20 03:07:12 grinchy testmsg: hello world.

另一个例子

示例消息

$ logger -p daemon.warn "this is only a test."

结果

2008.317255462:7f3d13a95700: Message from UNIX socket: #3
2008.317287162:7f3d13a95700: logmsg: flags 4, from 'grinchy', msg Aug 20 03:00:08 saml: this is only a test.
2008.317295844:7f3d13a95700: Message has legacy syslog format.
2008.317307482:7f3d13a95700: main Q: entry added, size now 1 entries
2008.317317586:7f3d13a95700: wtpAdviseMaxWorkers signals busy
2008.317328948:7f3d13a95700: main Q: EnqueueMsg advised worker start
2008.317339316:7f3d13a95700: --------imuxsock calling select, active file descriptors (max 3): 3 
2008.317362187:7f3d14296700: main Q: entry deleted, state 0, size now 0 entries
2008.317375008:7f3d14296700: testing filter, f_pmask 127
2008.317386832:7f3d14296700: Called action, logging to builtin-file
2008.317401184:7f3d14296700: file to log to: /var/log/messages
2008.317409775:7f3d14296700: doWrite, pData->pStrm 0x7f3d17506310, lenBuf 51
2008.317418935:7f3d14296700: strm 0x7f3d17506310: file 5(messages) flush, buflen 51
2008.317454814:7f3d14296700: strm 0x7f3d17506310: file 5 write wrote 51 bytes
2008.317466838:7f3d14296700: testing filter, f_pmask 0
2008.317474391:7f3d14296700: testing filter, f_pmask 0
2008.317481448:7f3d14296700: testing filter, f_pmask 0
2008.317488503:7f3d14296700: testing filter, f_pmask 1
2008.317495259:7f3d14296700: testing filter, f_pmask 0
2008.317502407:7f3d14296700: testing filter, f_pmask 0
2008.317509079:7f3d14296700: main Q:Reg/w0: worker IDLE, waiting for work.

这一行包含我们的消息

2008.317287162:7f3d13a95700: logmsg: flags 4，来自 'grinchy'，msg Aug 20 03:00:08 saml：这只是一个测试。

完成后，只需Ctrl+C即可终止它。

如何判断 syslog.conf 是否有拼写错误

答案1

例子

测试

另一个例子

参考

相关内容