Shell scripting: Write message to a syslog / log file

last updated in Categories Debian Linux, Linux, RedHat/Fedora Linux, Shell scripting, Solaris, Suse Linux, Tips, Ubuntu Linux, UNIX

syslog is the protocol as well as application to send message to Linux system logfile located at /var/log directory.

Sysklogd provides two system utilities which provide support for system logging and kernel message trapping.

Usually most program and apps use C or syslog application / library sending syslog messages.

But how do you send message from a shell prompt or shell script?

logger command

Use logger command which is a shell command interface to the syslog system log module. It makes or writes one line entries in the system log file from the command line.

Log message System rebooted for hard disk upgrade
$ logger System rebooted for hard disk upgrade

You can see message in /var/log/message file
# tail -f /var/log/message
Output:

Jan 26 20:53:31 dell6400 logger: System rebooted for hard disk upgrade

You can use logger command from a shell script. Consider following example:

#!/bin/bash
HDBS="db1 db2 db3 db4"
BAK="/sout/email"
[ ! -d $BAK ] && mkdir -p $BAK || :
/bin/rm $BAK/*
NOW=$(date +"%d-%m-%Y")
ATTCH="/sout/backup.$NOW.tgz"
[ -f $ATTCH ] && /bin/rm $ATTCH  || :
MTO="you@yourdomain.com"
for db in $HDBS
do
 FILE="$BAK/$db.$NOW-$(date +"%T").gz"
 mysqldump -u admin -p'password' $db | gzip -9 > $FILE
done
tar -jcvf $ATTCH $BAK
 mutt -s "DB $NOW" -a $ATTCH $MTO <<EOF
DBS $(date)
EOF
[ "$?" != "0" ] &&  logger "$0 - MySQL Backup failed" || :

Last line will log a message in /var/log/message file if backup failed.

Other usage

To log a message contained in the /var/log/myapp.log file, use:
$ logger -f /var/log/myapp.log

Log the message to standard error (screen), as well as the system log:
$ logger -s "Hard disk full"

Refer to the man page for more options:
man logger
man syslogd

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

17 comment

  1. If you want to log to a remote Syslog server, the logger command will not work as it logs only to the syslogd on the localhost. log4sh is a logging framework for shell scripts that *can* log to a remote Syslog server as long as netcat is installed.

  2. the following code is not writing either of the messagesto /var/log/messages.What is wrong in the code?

    My file is saved at /usr/local/sbin location.example is the name of my file.

    if [ -e /usr/local/sbin/example ]; then
    logger File exists
    else
    logger File does not exist
    fi

    I have added the above code in /etc/rc.local file.

    Thankyou in advance

  4. Hi,

    I like the script very much, but I cannot figure out some parts.. 🙁
    Could you explain what “|| : ” means at the and of three lines, please.
    It must be POSIX mode, but what is it doing?

    Now I know what “&&” and “II” do.

    Thanks,
    Ge

  6. To the poster above who’s rc.local script doesn’t work – if it works when you execute rc.local yourself, then its probably because the PATH isn’t set at that point, and you’ll need to specify the full path to logger.

  7. I have this plist file that watches the “WatchDirectory” in my home directory for any changes to files or added files, scripts runs, or files deleted. If a change occurs, it calls the /usr/bin/logger command which basically writes to the /var/log/system.log file. All it writes though is very vague every time, nothing specific: for example

    “Jul 21 19:34:41 TonyMAC Tony[16512]: path modified”

    Do you know how I can have it write more specific messages like, “a file was deleted”, a script was ran or even a simple – “the change happened in this directory” to the /var/log/system.log file Thanks in advance.

    Label
    logger
    ProgramArguments

    /usr/bin/logger
    path modified

    WatchPaths

    /Users/Tony/WatchDirectory

  8. According to manual, the -f switch is used to write specified file to the standard logfile (most probably messages.log), instead of what i understood from your post, choosing a logfile to write to.
    By the way, how can i tell logger to write to my file, instead of messages.log?

  10. Hello,

    I have custom log files in my home directory /home/user1/logs Can I use syslogd to forward these logs to another remote server ? I was able to forward logs from /var/log/

    Please advice. Thanks

  11. When I want to clear my /var/log/messages this works for me

    do this as root

    (optional backup your messages)
    tar -czvf /home/hunkingbigmessagefile.tgz /var/log/messages

    (the following is all required to clear a single log file)
    cat /dev/null > /var/log/messages

  12. what will be configuration if my livux machine is syslog client.

    how will i configure it to send syslog messages to any syslog server

  13. Is it possible to format the logger output in bash?
    Jan 26 20:53:31 dell6400 logger: System rebooted for hard disk upgrade

    to
    Jan 26 20:53:31 dell6400 MYAPPLICATION: System rebooted for hard disk upgrade

  14. If you want to format the logger output:

    from Jan 26 20:53:31 dell6400 logger: System rebooted for hard disk upgrade
    to
    Jan 26 20:53:31 dell6400 MYAPPLICATION[PID]: System rebooted for hard disk upgrade

    you have to use

    logger -t MYAPPLICATION -i

    Have a question? Post it on our forum!