Manipulating journalctl output
Suvayu Ali
fatkasuvayu+linux at gmail.com
Fri Jan 3 01:12:28 UTC 2014
On Thu, Jan 02, 2014 at 04:52:01PM +0000, Tom H wrote:
> On Thu, Jan 2, 2014 at 10:32 AM, Suvayu Ali <fatkasuvayu+linux at gmail.com> wrote:
> > On Thu, Jan 02, 2014 at 03:20:38AM +0000, Tom H wrote:
> >> On Thu, Jan 2, 2014 at 3:00 AM, Tom H <tomh0665 at gmail.com> wrote:
> >>> On Wed, Jan 1, 2014 at 7:57 PM, Suvayu Ali <fatkasuvayu+linux at gmail.com> wrote:
> >>>>
> >>>> 2. I would like to filter logs that typically go into /var/log/secure
> >>>> (or other similar files); how do I do that?
> >>>
> >>> SYSLOG_FACILITY=authpriv
> >>
> >> Sorry. Just thought that I'd try it and it turms out that it takes the
> >> facility as a number not as a name, so "SYSLOG_FACILITY=10".
> >
> > Thank you! This will be very helpful. Where is this documented? I
> > could not find this information in journalctl(1) or
> > systemd.jounal-fields(7); did I miss some other docs?
>
> That SYSLOG_FACILITY has to be a number is from systemd.jounal-fields(7).
No, I mean which number corresponds to what facility. I don't even know
where to find a comprehensive list of all the facilities.
Okay I think while writing the email I found the list of facilities in
logger(1); but I still do not know where I can find the mapping between
these facilities with the numbers accepted by SYSLOG_FACILITY.
--
Suvayu
Open source is the future. It sets us free.
More information about the users
mailing list