this post was submitted on 24 Aug 2024
34 points (94.7% liked)

Linux

48314 readers
114 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

If I'm using Arch or another minimal distro, is it a good idea to install a syslog daemon? Or can I go without?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 7 points 2 months ago (2 children)

Check that you actually have persistent storage enabled. (See man journald.conf and search for Storage)

Read up on the numerous parameters to journalctl. (man journalctl)

journalctl --boot -2 will show logs from previous boot.

journalctl --since "-2 weeks" --unit=sshd last two weeks worth of sshd logs.

[–] patatahooligan 3 points 2 months ago (1 children)

I think there's a minor mistake in your command. jounalctl --boot -1 is the previous boot. The counting starts at --boot 0 for the current one.

[–] [email protected] 2 points 2 months ago

You're right ofcourse.

[–] [email protected] -1 points 2 months ago (1 children)

What if I'm on another minimal distro, like Artix, that doesn't use systemd? Journald is a systemd thing, and I'm not going to install systemd on top of a perfectly good init system.

[–] eyeon 2 points 2 months ago

If adopt systems then the question is easy to answer: no, journald does everything you need.

without adopting systemd.. well. Are you evaluating going without any log handling at all and maybe just dumping logs ephemerally to tty0? DIYing all log stuff like your init scripts DIY things?

Personally if I had to go without journald I'd probably go back to using syslog-ng. But I guess there's an argument for shipping straight into something like opentelemetry-collector if you're willing to put in a lot of work.