How to use the command 'logger' (with examples)
The logger
command is a utility used to add entries to the system log, which is typically stored in a file like /var/log/syslog
on Unix-like operating systems. This command allows users to write custom messages to the system log, acting as an interface between shell scripts and the syslog system logging service. It is particularly useful for debugging, status reporting, and tracking the execution of scripts or system events.
Use case 1: Log a message to syslog
Code:
logger "System started successfully"
Motivation:
In many scenarios, it is essential to document specific events within a system to leave a trace that administrators can review later. For instance, when a system starts up successfully, logging this event helps in troubleshooting future issues by verifying that the system started without errors.
Explanation:
logger
: This is the base command that is used to send messages to thesyslog
."System started successfully"
: This is the message that will be logged. It can be any text string that describes the event or status you wish to record.
Example output:
Upon executing the command, the message “System started successfully” will be appended to the /var/log/syslog
file with a timestamp and other metadata, such as the user and process ID.
Use case 2: Take input from stdin
and log to syslog
Code:
echo "Disk space running low" | logger
Motivation:
By using a shell command like echo
to pipe input into logger
, you can dynamically create log entries based on real-time data or output from other processes. This is particularly useful in scripts where the message to be logged is generated at runtime and not known beforehand.
Explanation:
echo "Disk space running low"
:echo
is used to generate a string output which simulates a warning message. This acts as the input or text that we want to log.| logger
: The pipe (|
) takes the standard output from the preceding command (echo
) and redirects it as input to thelogger
command, so that it can be logged.
Example output:
The message “Disk space running low” will appear in the /var/log/syslog
, annotated with details such as the timestamp and the user executing the command.
Use case 3: Send the output to a remote syslog server running at a given port
Code:
echo "Backup completed" | logger --server 192.168.1.100 --port 1514
Motivation:
In environments with centralized logging systems, sending log entries to a remote syslog server helps consolidate logs from multiple devices, aiding in comprehensive monitoring and quick analysis of system events. This setup is beneficial in network administration where system logs from all devices need to be reviewed centrally.
Explanation:
echo "Backup completed"
: This generates a specific log message indicating the completion of a backup task.| logger
: The pipe takes the output fromecho
and feeds it into thelogger
.--server 192.168.1.100
: This specifies the IP address of the remote syslog server where the log message should be sent.--port 1514
: This specifies the port on the remote server that is listening for syslog messages. By default, syslog listens on port 514, but here the custom port 1514 is defined.
Example output:
The message “Backup completed” is transmitted to the remote server at 192.168.1.100 on port 1514, and it will be handled according to that server’s logging configuration.
Use case 4: Use a specific tag for every line logged
Code:
echo "User login failed" | logger --tag SEC_ALERT
Motivation:
Tags help in identifying and filtering log entries with specific characteristics or origins. By adding a meaningful tag, such as SEC_ALERT
, you can easily sort and review security-related events. This use case is effective in security monitoring where logs with security alerts need to be quickly identified among other logs.
Explanation:
echo "User login failed"
: This is the message indicating a failed login attempt, a significant event in system security.| logger
: The|
pipe directs the output fromecho
intologger
.--tag SEC_ALERT
: This option adds a custom tag to the log entry. Instead of using the default tag, which is the username, it specifiesSEC_ALERT
to symbolize that the message is related to security.
Example output:
The log in /var/log/syslog
will include an entry with the line “User login failed” tagged with SEC_ALERT
, making it easy to search for this tag when looking through the logs.
Use case 5: Log messages with a given priority
Code:
echo "Temperature exceeds threshold" | logger --priority user.warning
Motivation:
In environments where logs are extensively monitored, assigning priorities to log messages ensures that critical events get the attention they require. Using priorities helps system administrators to take immediate actions on warnings or errors, as high-priority messages can trigger alerts in monitoring systems.
Explanation:
echo "Temperature exceeds threshold"
: This message acts as an alert concerning a critical environmental condition.| logger
: Streams the output fromecho
intologger
.--priority user.warning
: Sets the priority level of the message. Here,user.warning
is chosen, indicating a warning condition that could escalate into a more severe problem if not addressed.
Example output:
The syslog
will contain an entry with “Temperature exceeds threshold” marked with the user.warning
priority, which could cause the monitoring systems to alert administrators of the situation.
Conclusion
The logger
command offers a powerful interface for sending logs to the system logger in various contexts and configurations. Its flexibility, from local logging to remote server communication, and its ability to specify tags and priorities, makes it a versatile tool in system administration, enhancing the monitoring and auditing capabilities of system operations.