Anyone know of a tutorial or a book that shows you how to interpret syslog error messages.

Joe

What do you mean?

They generally mean exactly what they say...

I guess I'm a bit confused. What are you trying to interpret?

Well, I believe that they mean exactly what they say but I don't always know what they say. I don't have a particular message that I'm thinking of, I was just wondering if there was some sort of documentation on how to interpret what the messages mean.

Joe

Maybe the source for whatever's logging the message, if you know C (or whatever language is being used). Grep through the source for some incriminating part of the message (note that some parts of it can be held in constants and others in variables -- you rarely if ever see syslog(LOG_WARN, "this is the full log message");, it's usually a printf-like call with some parts put in as strings).

Then look back through the source for what caused the log message. That's the definitive answer, anyway.

Of course, if this is the kernel log, then it's a bit different -- you'd search the kernel source for something like printk(KERN_WARNING "message");, again realizing that parts are constants, parts are variables, and even the printk may be part of another macro (so they may use LOG_INFO(...) instead of printk(KERN_INFO, ...), for example).

Ok, I understand. The applications send the errors to syslog and syslog just directs them to the proper places. If I have to troubleshoot using syslog messaged I should go to the application's source code and see what the error message was designed for.
That's very helpful.

Thank you

Joe