git.ipfire.org Git - thirdparty/systemd.git/blob - man/journald.conf.xml
Merge pull request #57 from pwithnall/wip/pwithnall/udev-virtualbox-rules
<?xml version='1.0'?> <!--*-nxml-*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
  "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
<!ENTITY % entities SYSTEM "custom-entities.ent" >
%entities;
]>

<!--
  This file is part of systemd.

  Copyright 2010 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
-->

<refentry id="journald.conf"
    xmlns:xi="http://www.w3.org/2001/XInclude">
  <refentryinfo>
    <title>journald.conf</title>
    <productname>systemd</productname>

    <authorgroup>
      <author>
        <contrib>Developer</contrib>
        <firstname>Lennart</firstname>
        <surname>Poettering</surname>
        <email>lennart@poettering.net</email>
      </author>
    </authorgroup>
  </refentryinfo>

  <refmeta>
    <refentrytitle>journald.conf</refentrytitle>
    <manvolnum>5</manvolnum>
  </refmeta>

  <refnamediv>
    <refname>journald.conf</refname>
    <refname>journald.conf.d</refname>
    <refpurpose>Journal service configuration files</refpurpose>
  </refnamediv>

  <refsynopsisdiv>
    <para><filename>&pkgsysconfdir;/journald.conf</filename></para>
    <para><filename>&pkgsysconfdir;/journald.conf.d/*.conf</filename></para>
    <para><filename>/run/systemd/journald.conf.d/*.conf</filename></para>
    <para><filename>&rootlibexecdir;/journald.conf.d/*.conf</filename></para>
  </refsynopsisdiv>

  <refsect1>
    <title>Description</title>

    <para>These files configure various parameters of the systemd
    journal service,
    <citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>

  </refsect1>

  <xi:include href="standard-conf.xml" xpointer="main-conf" />

  <refsect1>
    <title>Options</title>

    <para>All options are configured in the
    <literal>[Journal]</literal> section:</para>

    <variablelist>

      <varlistentry>
        <term><varname>Storage=</varname></term>

        <listitem><para>Controls where to store journal data. One of
        <literal>volatile</literal>,
        <literal>persistent</literal>,
        <literal>auto</literal> and
        <literal>none</literal>. If
        <literal>volatile</literal>, journal
        log data will be stored only in memory, i.e. below the
        <filename>/run/log/journal</filename> hierarchy (which is
        created if needed). If <literal>persistent</literal>, data
        will be stored preferably on disk, i.e. below the
        <filename>/var/log/journal</filename> hierarchy (which is
        created if needed), with a fallback to
        <filename>/run/log/journal</filename> (which is created if
        needed), during early boot and if the disk is not writable.
        <literal>auto</literal> is similar to
        <literal>persistent</literal> but the directory
        <filename>/var/log/journal</filename> is not created if
        needed, so that its existence controls where log data goes.
        <literal>none</literal> turns off all storage; all log data
        received will be dropped. Forwarding to other targets, such as
        the console, the kernel log buffer, or a syslog socket will
        still work, however. Defaults to
        <literal>auto</literal>.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>Compress=</varname></term>

        <listitem><para>Takes a boolean value. If enabled (the
        default), data objects that shall be stored in the journal and
        are larger than a certain threshold are compressed before they
        are written to the file system.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>Seal=</varname></term>

        <listitem><para>Takes a boolean value. If enabled (the
        default), and a sealing key is available (as created by
        <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s
        <option>--setup-keys</option> command), Forward Secure Sealing
        (FSS) for all persistent journal files is enabled. FSS is
        based on <ulink
        url="https://eprint.iacr.org/2013/397">Seekable Sequential Key
        Generators</ulink> by G. A. Marson and B. Poettering
        (doi:10.1007/978-3-642-40203-6_7) and may be used to protect
        journal files from unnoticed alteration.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>SplitMode=</varname></term>

        <listitem><para>Controls whether to split up journal files per
        user. One of <literal>uid</literal>, <literal>login</literal>
        and <literal>none</literal>. If <literal>uid</literal>, each
        user gets their own journal files regardless of
        whether they possess a login session or not; however, system
        users will log into the system journal. If
        <literal>login</literal>, users who are actually logged in each
        get their own journal files, but users without a login session
        and system users will log into the system journal. If
        <literal>none</literal>, journal files are not split up by
        user and all messages are instead stored in the single system
        journal. Note that splitting up journal files by user is only
        available for journals stored persistently. If journals are
        stored on volatile storage (see above), only a single journal
        file for all user IDs is kept. Defaults to
        <literal>uid</literal>.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>RateLimitInterval=</varname></term>
        <term><varname>RateLimitBurst=</varname></term>

        <listitem><para>Configures the rate limiting that is applied
        to all messages generated on the system. If, in the time
        interval defined by <varname>RateLimitInterval=</varname>,
        more messages than specified in
        <varname>RateLimitBurst=</varname> are logged by a service,
        all further messages within the interval are dropped until the
        interval is over. A message about the number of dropped
        messages is generated. This rate limiting is applied
        per-service, so that two services which log do not interfere
        with each other's limits. Defaults to 1000 messages in 30s.
        The time specification for
        <varname>RateLimitInterval=</varname> may be specified in the
        following units: <literal>s</literal>, <literal>min</literal>,
        <literal>h</literal>, <literal>ms</literal>,
        <literal>us</literal>. To turn off any kind of rate limiting,
        set either value to 0.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>SystemMaxUse=</varname></term>
        <term><varname>SystemKeepFree=</varname></term>
        <term><varname>SystemMaxFileSize=</varname></term>
        <term><varname>RuntimeMaxUse=</varname></term>
        <term><varname>RuntimeKeepFree=</varname></term>
        <term><varname>RuntimeMaxFileSize=</varname></term>

        <listitem><para>Enforce size limits on the journal files
        stored. The options prefixed with <literal>System</literal>
        apply to the journal files when stored on a persistent file
        system, more specifically
        <filename>/var/log/journal</filename>. The options prefixed
        with <literal>Runtime</literal> apply to the journal files
        when stored on a volatile in-memory file system, more
        specifically <filename>/run/log/journal</filename>. The former
        is used only when <filename>/var</filename> is mounted,
        writable, and the directory
        <filename>/var/log/journal</filename> exists. Otherwise, only
        the latter applies. Note that this means that during early
        boot and if the administrator disabled persistent logging,
        only the latter options apply, while the former apply if
        persistent logging is enabled and the system is fully booted
        up. <command>journalctl</command> and
        <command>systemd-journald</command> ignore all files with
        names not ending with <literal>.journal</literal> or
        <literal>.journal~</literal>, so only such files, located in
        the appropriate directories, are taken into account when
        calculating current disk usage.
        </para>

        <para><varname>SystemMaxUse=</varname> and
        <varname>RuntimeMaxUse=</varname> control how much disk space
        the journal may use up at maximum.
        <varname>SystemKeepFree=</varname> and
        <varname>RuntimeKeepFree=</varname> control how much disk
        space systemd-journald shall leave free for other uses.
        <command>systemd-journald</command> will respect both limits
        and use the smaller of the two values.</para>

        <para>The first pair defaults to 10% and the second to 15% of
        the size of the respective file system. If the file system is
        nearly full and either <varname>SystemKeepFree=</varname> or
        <varname>RuntimeKeepFree=</varname> is violated when
        systemd-journald is started, the value will be raised to the
        percentage that is actually free. This means that if there was
        enough free space before and journal files were created, and
        subsequently something else causes the file system to fill up,
        journald will stop using more space, but it will not
        remove existing files to reduce the footprint either.</para>

        <para><varname>SystemMaxFileSize=</varname> and
        <varname>RuntimeMaxFileSize=</varname> control how large
        individual journal files may grow at maximum. This influences
        the granularity in which disk space is made available through
        rotation, i.e. deletion of historic data. Defaults to one
        eighth of the values configured with
        <varname>SystemMaxUse=</varname> and
        <varname>RuntimeMaxUse=</varname>, so that usually seven
        rotated journal files are kept as history. Specify values in
        bytes or use K, M, G, T, P, E as units for the specified sizes
        (equal to 1024, 1024², ... bytes). Note that size limits are
        enforced synchronously when journal files are extended, and no
        explicit rotation step triggered by time is
        needed.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>MaxFileSec=</varname></term>

        <listitem><para>The maximum time to store entries in a single
        journal file before rotating to the next one. Normally,
        time-based rotation should not be required as size-based
        rotation with options such as
        <varname>SystemMaxFileSize=</varname> should be sufficient to
        ensure that journal files do not grow without bounds. However,
        to ensure that not too much data is lost at once when old
        journal files are deleted, it might make sense to change this
        value from the default of one month. Set to 0 to turn off this
        feature. This setting takes time values which may be suffixed
        with the units <literal>year</literal>,
        <literal>month</literal>, <literal>week</literal>,
        <literal>day</literal>, <literal>h</literal> or
        <literal>m</literal> to override the default time unit of
        seconds.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>MaxRetentionSec=</varname></term>

        <listitem><para>The maximum time to store journal entries.
        This controls whether journal files containing entries older
        than the specified time span are deleted. Normally, time-based
        deletion of old journal files should not be required as
        size-based deletion with options such as
        <varname>SystemMaxUse=</varname> should be sufficient to
        ensure that journal files do not grow without bounds. However,
        to enforce data retention policies, it might make sense to
        change this value from the default of 0 (which turns off this
        feature). This setting also takes time values which may be
        suffixed with the units <literal>year</literal>,
        <literal>month</literal>, <literal>week</literal>,
        <literal>day</literal>, <literal>h</literal> or
        <literal>m</literal> to override the default time unit of
        seconds.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>SyncIntervalSec=</varname></term>

        <listitem><para>The timeout before synchronizing journal files
        to disk. After syncing, journal files are placed in the
        OFFLINE state. Note that syncing is unconditionally done
        immediately after a log message of priority CRIT, ALERT or
        EMERG has been logged. This setting hence applies only to
        messages of the levels ERR, WARNING, NOTICE, INFO, DEBUG. The
        default timeout is 5 minutes.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>ForwardToSyslog=</varname></term>
        <term><varname>ForwardToKMsg=</varname></term>
        <term><varname>ForwardToConsole=</varname></term>
        <term><varname>ForwardToWall=</varname></term>

        <listitem><para>Control whether log messages received by the
        journal daemon shall be forwarded to a traditional syslog
        daemon, to the kernel log buffer (kmsg), to the system
        console, or sent as wall messages to all logged-in users.
        These options take boolean arguments. If forwarding to syslog
        is enabled but nothing reads messages from the socket,
        forwarding to syslog has no effect. By default, only
        forwarding to wall is enabled. These settings may be
        overridden at boot time with the kernel command line options
        <literal>systemd.journald.forward_to_syslog=</literal>,
        <literal>systemd.journald.forward_to_kmsg=</literal>,
        <literal>systemd.journald.forward_to_console=</literal>, and
        <literal>systemd.journald.forward_to_wall=</literal>. When
        forwarding to the console, the TTY to log to can be changed
        with <varname>TTYPath=</varname>, described
        below.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>MaxLevelStore=</varname></term>
        <term><varname>MaxLevelSyslog=</varname></term>
        <term><varname>MaxLevelKMsg=</varname></term>
        <term><varname>MaxLevelConsole=</varname></term>
        <term><varname>MaxLevelWall=</varname></term>

        <listitem><para>Controls the maximum log level of messages
        that are stored on disk, forwarded to syslog, kmsg, the
        console or wall (if that is enabled, see above). As argument,
        takes one of
        <literal>emerg</literal>,
        <literal>alert</literal>,
        <literal>crit</literal>,
        <literal>err</literal>,
        <literal>warning</literal>,
        <literal>notice</literal>,
        <literal>info</literal>,
        <literal>debug</literal>,
        or integer values in the range of 0..7 (corresponding to the
        same levels). Messages equal to or below the log level specified
        are stored/forwarded, messages above are dropped. Defaults to
        <literal>debug</literal> for <varname>MaxLevelStore=</varname>
        and <varname>MaxLevelSyslog=</varname>, to ensure that all
        messages are written to disk and forwarded to syslog. Defaults
        to
        <literal>notice</literal> for <varname>MaxLevelKMsg=</varname>,
        <literal>info</literal> for <varname>MaxLevelConsole=</varname>,
        and <literal>emerg</literal> for
        <varname>MaxLevelWall=</varname>.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>TTYPath=</varname></term>

        <listitem><para>Change the console TTY to use if
        <varname>ForwardToConsole=yes</varname> is used. Defaults to
        <filename>/dev/console</filename>.</para></listitem>
      </varlistentry>

    </variablelist>

  </refsect1>

  <refsect1>
    <title>Forwarding to traditional syslog daemons</title>

    <para>
      Journal events can be transferred to a different logging daemon
      in two different ways. In the first method, messages are
      immediately forwarded to a socket
      (<filename>/run/systemd/journal/syslog</filename>), where the
      traditional syslog daemon can read them. This method is
      controlled by the <varname>ForwardToSyslog=</varname> option. In
      the second method, a syslog daemon behaves like a normal journal
      client, and reads messages from the journal files, similarly to
      <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
      In this method, messages do not have to be read immediately,
      which allows a logging daemon which is only started late in boot
      to access all messages since the start of the system. In
      addition, full structured meta-data is available to it. This
      method of course is available only if the messages are stored in
      a journal file at all. So it will not work if
      <varname>Storage=none</varname> is set. It should be noted that
      usually the <emphasis>second</emphasis> method is used by syslog
      daemons, so the <varname>Storage=</varname> option, and not the
      <varname>ForwardToSyslog=</varname> option, is relevant for them.
    </para>
  </refsect1>

  <refsect1>
    <title>See Also</title>
    <para>
      <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>systemd.journal-fields</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
    </para>
  </refsect1>

</refentry>
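
Added example, not part of the systemd sources: a Python audit of the [Journal] options documented above that decide whether logs are kept and tamper-evident (Storage=, Seal=, RateLimitInterval=/RateLimitBurst=, MaxLevelStore=), using the defaults stated on this page. The function names, the sample fragments, the accepted boolean spellings and the rule that fragments passed later override earlier ones are assumptions of this example.

```python
import configparser
import re

LEVELS = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
# Defaults as stated on this page.
DEFAULTS = {"Storage": "auto", "Seal": "yes", "RateLimitInterval": "30s",
            "RateLimitBurst": "1000", "MaxLevelStore": "debug"}
FALSE = {"no", "false", "off", "0"}  # assumed spellings of a false boolean
ZERO = re.compile(r"0+(us|ms|s|min|h)?")

def effective(*fragments):
    """Merge [Journal] sections; assumption: later fragments override earlier."""
    merged = dict(DEFAULTS)
    for text in fragments:
        cp = configparser.ConfigParser(interpolation=None, strict=False)
        cp.optionxform = str  # keep option names case-sensitive
        cp.read_string(text)
        if cp.has_section("Journal"):
            merged.update(cp["Journal"])
    return merged

def audit(cfg, var_log_journal_exists=True):
    """Return findings for settings that reduce log retention or integrity."""
    findings = []
    storage = cfg["Storage"].lower()
    if storage == "none":
        findings.append("Storage=none: all received log data is dropped")
    elif storage == "volatile" or (storage == "auto" and not var_log_journal_exists):
        findings.append("journal is kept only in memory under /run/log/journal")
    if cfg["Seal"].lower() in FALSE:
        findings.append("Seal disabled: no Forward Secure Sealing")
    if any(ZERO.fullmatch(cfg[k].strip())
           for k in ("RateLimitInterval", "RateLimitBurst")):
        findings.append("rate limiting is turned off")
    lvl = cfg["MaxLevelStore"].lower()
    idx = int(lvl) if lvl.isdigit() else LEVELS.index(lvl)
    if idx < len(LEVELS) - 1:
        findings.append("MaxLevelStore drops: " + ", ".join(LEVELS[idx + 1:]))
    return findings

# Constructed sample input: a main file and a drop-in that weakens it.
MAIN = """[Journal]
Storage=persistent
Seal=yes
MaxLevelStore=notice
"""
DROPIN = """[Journal]
# overrides the main file
Seal=no
RateLimitBurst=0
"""

if __name__ == "__main__":
    for finding in audit(effective(MAIN, DROPIN)):
        print("-", finding)
```

Seal= only has an effect when a sealing key exists and the journal is persistent, so a clean result here does not by itself show that sealing is active.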