On 03/02/2016 02:17 AM, Per Jessen wrote:
Billy.Zheng(zw963) wrote:
It's seem like dmesg is not work for `logger' command.
could you explain how to view logger output with dmesg command ?
I still not understood the difference about dmesg vs syslog. and when to use either of each.
"man dmesg" - print or control the kernel ring buffer.
A syslog daemon writes all kinds of messages to persistent storage, e.g. logfiles.
I would add to that: syslog is a network protocol, any device on the network can send syslog messages to a logging host. I have my routers, my main router, my wifi router, any voip device all send their syslog messages to may main network host. The kernel ring buffer logs kernel activity, that is activity internal to a single machine, and to the kernel at that. As the 'logger' command illustrates, syslog is, with few exceptions, an application level protocol. The kernel ring buffer is solely about kernel activity. Yes, kernel activity my be triggered by application level or outside world actions; system calls or inserting a pluggable device such as a USB stick. In addition, there's nothing to say that the kernel can't send syslog messages (as it does when I insert a usb stick, as I've just demonstrated to myself with "tail -f /var/log/messages" and inserting a usb drive and getting the same info). However, to the best of my knowledge, syslog can't send to the ring buffer. Hmm: if syslog could send to the ring buffer that would be an attack surface; a rouge/hijacked network device could send syslog messages with buffer overflow to the kernel of a host. If that were possible we have a very serious structural flaw! -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org