# nginx syslogd configuration



## digrouz (Dec 27, 2011)

Hello,

I would like to configure my syslogd server to:

Stop logging nginx to /var/log/messages
Log access to /var/log/nginx/access.log
Log errors to /var/log/nginx/error.log

How can I achieve that?

Here is my /etc/syslogd.conf:

```
# $FreeBSD: releng/9.0/etc/syslog.conf 194005 2009-06-11 15:07:02Z avg $
#
#       Spaces ARE valid field separators in this file. However,
#       other *nix-like systems still insist on using tabs as field
#       separators. If you are sharing this file between systems, you
#       may want to use only tabs as field separators here.
#       Consult the syslog.conf(5) manpage.
*.err;kern.warning;auth.notice;mail.crit                /dev/console
*.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err   /var/log/messages
security.*                                      /var/log/security
auth.info;authpriv.info                         /var/log/auth.log
mail.info                                       /var/log/maillog
lpr.info                                        /var/log/lpd-errs
ftp.info                                        /var/log/xferlog
cron.*                                          /var/log/cron
*.=debug                                        /var/log/debug.log
*.emerg                                         *
# uncomment this to log all writes to /dev/console to /var/log/console.log
#console.info                                   /var/log/console.log
# uncomment this to enable logging of all log messages to /var/log/all.log
# touch /var/log/all.log and chmod it to mode 600 before it will work
#*.*                                            /var/log/all.log
# uncomment this to enable logging to a remote loghost named loghost
#*.*                                            @loghost
# uncomment these if you're running inn
# news.crit                                     /var/log/news/news.crit
# news.err                                      /var/log/news/news.err
# news.notice                                   /var/log/news/news.notice
!nginx
*.*                                             /var/log/nginx/access.log
!ppp
*.*                                             /var/log/ppp.log
!*
```


----------



## fefo (Dec 27, 2011)

Why don't you just change nginx.conf?


```
error_log  /var/log/nginx/error.log;

http {
..
..
access_log  /var/log/nginx/access.log;
..
..
};
```


----------



## digrouz (Dec 27, 2011)

just to understand how to do it with syslogd


----------



## DutchDaemon (Dec 28, 2011)

If nginx does not allow you to specify your own syslog facility (like e.g. local7.*) it probably only supports logging to  the daemon.notice facility (which goes to /var/log/messages) or to append to a log file of your own choice. Another option would be sysutils/syslog-ng which allows you to filter syslog messages using e.g. strings.


----------



## digrouz (Dec 28, 2011)

I see, so the method of fefo seems to be better..?


----------



## DutchDaemon (Dec 29, 2011)

Yes, simply defining a log file is the easiest way. You can still rotate those logfiles using newsyslog.conf(5), unless nginx has a setting to prune/rename/discard them.


----------

