我有以下 syslog-ng 配置
@version: 4.6
#
# Syslog-ng default configuration file for Gentoo Linux
# https://bugs.gentoo.org/426814
@include "scl.conf"
options {
threaded(yes);
chain_hostnames(no);
# The default action of syslog-ng is to log a STATS line
# to the file every 10 minutes. That's pretty ugly after a while.
# Change it to every 12 hours so you get a nice daily update of
# how many messages syslog-ng missed (0).
stats(freq(43200));
# The default action of syslog-ng is to log a MARK line
# to the file every 20 minutes. That's seems high for most
# people so turn it down to once an hour. Set it to zero
# if you don't want the functionality at all.
mark_freq(3600);
};
source src { system(); internal(); };
destination messages { file("/var/log/messages"); };
destination kern { file("/var/log/kern.log"); };
destination auth { file("/var/log/auth.log"); };
destination mail { file("/var/log/mail.log"); };
filter kern_f { level(debug..emerg) and facility(kern); };
filter auth_f { level(debug..emerg) and facility(auth) and facility(authpriv); };
filter mail_f { level(debug..emerg) and facility(mail); };
filter default_f { level(debug..emerg) and not (facility(mail)) and not (facility(auth)) and not (facility(kern)); };
# By default messages are logged to tty12...
destination console_all { file("/dev/tty12"); };
# ...if you intend to use /dev/console for programs like xconsole
# you can comment out the destination line above that references /dev/tty12
# and uncomment the line below.
#destination console_all { file("/dev/console"); };
log { source(src); filter(default_f); destination(messages); };
log { source(src); filter(auth_f); destination(auth); };
log { source(src); filter(kern_f); destination(kern); };
log { source(src); filter(mail_f); destination(mail); };
log { source(src); destination(console_all); };
但是我的 kern.log 现在只显示以下日志:
Jun 7 21:48:03 ash kernel: Loading firmware: rtl_nic/rtl8168h-2.fw
Jun 7 21:48:03 ash kernel: Generic FE-GE Realtek PHY r8169-0-700:00: at
tached PHY driver (mii_bus:phy_addr=r8169-0-700:00, irq=MAC)
Jun 7 21:48:03 ash kernel: r8169 0000:07:00.0 enp7s0: Link is Down
Jun 7 21:48:03 ash kernel: warning: `grep' uses wireless extensions whi
ch will stop working for Wi-Fi 7 hardware; use nl80211
Jun 7 21:48:04 ash kernel: (udev-worker) (887) used greatest stack dept
h: 11720 bytes left
Jun 7 21:48:04 ash kernel: iwlwifi 0000:00:14.3: Registered PHC clock:
iwlwifi-PTP, with index: 0
Jun 7 21:48:07 ash kernel: wlp0s20f3: authenticate with **:**:**:**:**:** (local address=**:**:**:**:**:**)
Jun 7 21:48:07 ash kernel: wlp0s20f3: send auth to **:**:**:**:**:** (t
ry 1/3)
Jun 7 21:48:07 ash kernel: wlp0s20f3: authenticated
Jun 7 21:48:07 ash kernel: wlp0s20f3: associate with **:**:**:**:**:**
(try 1/3)
Jun 7 21:48:07 ash kernel: wlp0s20f3: RX AssocResp from **:**:**:**:**:** (capab=0x1111 status=0 aid=5)
Jun 7 21:48:07 ash kernel: wlp0s20f3: associated
Jun 7 21:48:13 ash kernel: Bluetooth: RFCOMM TTY layer initialized
Jun 7 21:48:13 ash kernel: Bluetooth: RFCOMM socket layer initialized
Jun 7 21:48:13 ash kernel: Bluetooth: RFCOMM ver 1.11
使用时sysklogd我曾经获取过所有的信息日志但是切换到后syslog-ng我没有看到这种情况发生?
发生这种情况有什么原因吗?
编辑1:
系统内核详细信息:
Linux ash 6.9.3-gentoo #1 SMP PREEMPT_DYNAMIC Mon Jun 3 21:46:01 IST 2024 x86_64 Intel(R) Core(TM) i5-10300H CPU @ 2.50GHz GenuineIntel GNU/Linux
编辑2:
在 grub 配置中将默认内核日志级别更改为 6,启动后记录表明日志级别已明确设置:
dmesg -l info
[ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-6.9.3-gentoo root=PARTUUID=4a5f5d65-81be-e24d-bedc-aeb2f0b24295 ro loglevel=6 i8042.nopnp mmio_stale_data=full libata.noacpi=1 resume=PARTUUID=c302ea25-d8e2-064e-8ebd-c79276fad2cc drm.edid_firmware=edid/1920x1080_BOE08E8.bin nvidia-drm.modeset=1
但问题仍然存在,我没有看到任何与信息日志级别相对应的内核日志。
令人惊讶的是,日志级别实际上没有设置,
如果我执行cat /proc/sys/kernel/printk,我会看到以下输出,
1 4 1 7
上述输出中第一个整数表示的默认日志级别仍为 1。