Ubuntu – syslog not showing log levels in messages


Here is sample output of my syslog messages in /var/log/syslog:

Nov 15 20:20:48 ubuntu winbindd[915]: [2011/11/15 20:20:48.940063,  0] winbindd/idmap_tdb.c:287(idmap_tdb_open_db)
Nov 15 20:20:48 ubuntu winbindd[915]:   Upgrade of IDMAP_VERSION from -1 to 2 is not possible with incomplete configuration

How do I see what was the level of message, like info, warn, error etc.?

I am using Ubuntu 10.04 LTS with rsyslog package version 5.8.1-1ubuntu2.

Best Answer

That is the default traditional format.

To output log levels in messages (technically known as priorities), you should change the default template used by rsyslog:

  1. open with admin privileges the file /etc/rsyslog.conf and add the following lines

    $template precise,"%syslogpriority%,%syslogfacility%,%timegenerated%,%HOSTNAME%,%syslogtag%,%msg%\n"
    $ActionFileDefaultTemplate precise

    after the line

    $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
  2. restart the daemon, with the command:

    sudo service rsyslog restart

Now you should see lines like the following:

6,5,Nov 18 10:17:02,acer,rsyslogd:, [origin software="rsyslogd" swVersion="5.8.1" x-pid="7064" x-info="http://www.rsyslog.com"] exiting on signal 15.

where the first two numbers (6 and 5) represent respectively the priority and the facility, where the priority is given by

7 - debug
6 - info
5 - notice
4 - warning, warn
3 - err, error
2 - crit, 
1 - alert, 
0 - emerg, panic

and the facilities can be seen in the syslog(3) man page.