]> git.proxmox.com Git - systemd.git/blame - man/journald.conf.d.html
projects / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Imported Upstream version 220
[systemd.git] / man / journald.conf.d.html
CommitLineData
f47781d8
MP		 1<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>journald.conf</title><meta name="generator" content="DocBook XSL Stylesheets V1.78.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><style>
2 a.headerlink {
3 color: #c60f0f;
4 font-size: 0.8em;
5 padding: 0 4px 0 4px;
6 text-decoration: none;
7 visibility: hidden;
8 }
9
10 a.headerlink:hover {
11 background-color: #c60f0f;
12 color: white;
13 }
14
15 h1:hover > a.headerlink, h2:hover > a.headerlink, h3:hover > a.headerlink, dt:hover > a.headerlink {
16 visibility: visible;
17 }
18 </style><a href="index.html">Index </a>·
19 <a href="systemd.directives.html">Directives </a>·
20 <a href="../python-systemd/index.html">Python </a>·
21 <a href="../libudev/index.html">libudev </a>·
e3bff60a 22 <a href="../libudev/index.html">gudev </a><span style="float:right">systemd 220</span><hr><div class="refentry"><a name="journald.conf"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>journald.conf, journald.conf.d — Journal service configuration files</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><p><code class="filename">/etc/systemd/journald.conf</code></p><p><code class="filename">/etc/systemd/journald.conf.d/*.conf</code></p><p><code class="filename">/run/systemd/journald.conf.d/*.conf</code></p><p><code class="filename">/usr/lib/systemd/journald.conf.d/*.conf</code></p></div><div class="refsect1"><a name="idm139651278486960"></a><h2 id="Description">Description<a class="headerlink" title="Permalink to this headline" href="#Description">¶</a></h2><p>These files configure various parameters of the systemd
e735f4d4 23 journal service,
e3bff60a
MP		 24 <a href="systemd-journald.service.html"><span class="citerefentry"><span class="refentrytitle">systemd-journald.service</span>(8)</span></a>.</p></div><div class="refsection"><a name="main-conf"></a><h2>Configuration Directories and Precedence</h2><p>Default configuration is defined during compilation, so a
25 configuration file is only needed when it is necessary to deviate
26 from those defaults. By default the configuration file in
27 <code class="filename">/etc/systemd/</code> contains commented out entries
28 showing the defaults as a guide to the administrator. This file
29 can be edited to create local overrides.
30 </p><p>When packages need to customize the configuration, they can
31 install configuration snippets in
32 <code class="filename">/usr/lib/systemd/*.conf.d/</code>. Files in
33 <code class="filename">/etc/</code> are reserved for the local
34 administrator, who may use this logic to override the
35 configuration files installed by vendor packages. The main
36 configuration file is read before any of the configuration
37 directories, and has the lowest precedence; entries in a file in
38 any configuration directory override entries in the single
39 configuration file. Files in the
40 <code class="filename">*.conf.d/</code> configuration subdirectories
41 are sorted by their filename in lexicographic order, regardless of
42 which of the subdirectories they reside in. If multiple files
43 specify the same option, the entry in the file with the
44 lexicographically latest name takes precedence. It is recommended
45 to prefix all filenames in those subdirectories with a two-digit
46 number and a dash, to simplify the ordering of the files.</p><p>To disable a configuration file supplied by the vendor, the
47 recommended way is to place a symlink to
f47781d8
MP		 48 <code class="filename">/dev/null</code> in the configuration directory in
49 <code class="filename">/etc/</code>, with the same filename as the vendor
e3bff60a 50 configuration file.</p></div><div class="refsect1"><a name="idm139651273530096"></a><h2 id="Options">Options<a class="headerlink" title="Permalink to this headline" href="#Options">¶</a></h2><p>All options are configured in the
e735f4d4
MP		 51 "<code class="literal">[Journal]</code>" section:</p><div class="variablelist"><dl class="variablelist"><dt id="Storage="><span class="term"><code class="varname">Storage=</code></span><a class="headerlink" title="Permalink to this term" href="#Storage=">¶</a></dt><dd><p>Controls where to store journal data. One of
52 "<code class="literal">volatile</code>",
53 "<code class="literal">persistent</code>",
54 "<code class="literal">auto</code>" and
55 "<code class="literal">none</code>". If
56 "<code class="literal">volatile</code>", journal
57 log data will be stored only in memory, i.e. below the
58 <code class="filename">/run/log/journal</code> hierarchy (which is
59 created if needed). If "<code class="literal">persistent</code>", data
60 will be stored preferably on disk, i.e. below the
61 <code class="filename">/var/log/journal</code> hierarchy (which is
62 created if needed), with a fallback to
63 <code class="filename">/run/log/journal</code> (which is created if
64 needed), during early boot and if the disk is not writable.
65 "<code class="literal">auto</code>" is similar to
66 "<code class="literal">persistent</code>" but the directory
67 <code class="filename">/var/log/journal</code> is not created if
68 needed, so that its existence controls where log data goes.
69 "<code class="literal">none</code>" turns off all storage, all log data
70 received will be dropped. Forwarding to other targets, such as
e3bff60a 71 the console, the kernel log buffer, or a syslog socket will
e735f4d4
MP		 72 still work however. Defaults to
73 "<code class="literal">auto</code>".</p></dd><dt id="Compress="><span class="term"><code class="varname">Compress=</code></span><a class="headerlink" title="Permalink to this term" href="#Compress=">¶</a></dt><dd><p>Takes a boolean value. If enabled (the
74 default), data objects that shall be stored in the journal and
75 are larger than a certain threshold are compressed before they
76 are written to the file system.</p></dd><dt id="Seal="><span class="term"><code class="varname">Seal=</code></span><a class="headerlink" title="Permalink to this term" href="#Seal=">¶</a></dt><dd><p>Takes a boolean value. If enabled (the
77 default), and a sealing key is available (as created by
78 <a href="journalctl.html"><span class="citerefentry"><span class="refentrytitle">journalctl</span>(1)</span></a>'s
79 <code class="option">--setup-keys</code> command), Forward Secure Sealing
80 (FSS) for all persistent journal files is enabled. FSS is
81 based on <a class="ulink" href="https://eprint.iacr.org/2013/397" target="_top">Seekable Sequential Key
82 Generators</a> by G. A. Marson and B. Poettering
83 (doi:10.1007/978-3-642-40203-6_7) and may be used to protect
84 journal files from unnoticed alteration.</p></dd><dt id="SplitMode="><span class="term"><code class="varname">SplitMode=</code></span><a class="headerlink" title="Permalink to this term" href="#SplitMode=">¶</a></dt><dd><p>Controls whether to split up journal files per
85 user. One of "<code class="literal">uid</code>", "<code class="literal">login</code>"
86 and "<code class="literal">none</code>". If "<code class="literal">uid</code>", all
87 users will get each their own journal files regardless of
88 whether they possess a login session or not, however system
89 users will log into the system journal. If
90 "<code class="literal">login</code>", actually logged-in users will get
91 each their own journal files, but users without login session
92 and system users will log into the system journal. If
93 "<code class="literal">none</code>", journal files are not split up by
94 user and all messages are instead stored in the single system
95 journal. Note that splitting up journal files by user is only
96 available for journals stored persistently. If journals are
97 stored on volatile storage (see above), only a single journal
98 file for all user IDs is kept. Defaults to
99 "<code class="literal">uid</code>".</p></dd><dt id="RateLimitInterval="><span class="term"><code class="varname">RateLimitInterval=</code>, </span><span class="term"><code class="varname">RateLimitBurst=</code></span><a class="headerlink" title="Permalink to this term" href="#RateLimitInterval=">¶</a></dt><dd><p>Configures the rate limiting that is applied
100 to all messages generated on the system. If, in the time
101 interval defined by <code class="varname">RateLimitInterval=</code>,
102 more messages than specified in
103 <code class="varname">RateLimitBurst=</code> are logged by a service,
104 all further messages within the interval are dropped until the
105 interval is over. A message about the number of dropped
106 messages is generated. This rate limiting is applied
107 per-service, so that two services which log do not interfere
108 with each other's limits. Defaults to 1000 messages in 30s.
109 The time specification for
110 <code class="varname">RateLimitInterval=</code> may be specified in the
111 following units: "<code class="literal">s</code>", "<code class="literal">min</code>",
112 "<code class="literal">h</code>", "<code class="literal">ms</code>",
113 "<code class="literal">us</code>". To turn off any kind of rate limiting,
114 set either value to 0.</p></dd><dt id="SystemMaxUse="><span class="term"><code class="varname">SystemMaxUse=</code>, </span><span class="term"><code class="varname">SystemKeepFree=</code>, </span><span class="term"><code class="varname">SystemMaxFileSize=</code>, </span><span class="term"><code class="varname">RuntimeMaxUse=</code>, </span><span class="term"><code class="varname">RuntimeKeepFree=</code>, </span><span class="term"><code class="varname">RuntimeMaxFileSize=</code></span><a class="headerlink" title="Permalink to this term" href="#SystemMaxUse=">¶</a></dt><dd><p>Enforce size limits on the journal files
115 stored. The options prefixed with "<code class="literal">System</code>"
116 apply to the journal files when stored on a persistent file
117 system, more specifically
118 <code class="filename">/var/log/journal</code>. The options prefixed
119 with "<code class="literal">Runtime</code>" apply to the journal files
120 when stored on a volatile in-memory file system, more
121 specifically <code class="filename">/run/log/journal</code>. The former
122 is used only when <code class="filename">/var</code> is mounted,
123 writable, and the directory
124 <code class="filename">/var/log/journal</code> exists. Otherwise, only
125 the latter applies. Note that this means that during early
126 boot and if the administrator disabled persistent logging,
127 only the latter options apply, while the former apply if
128 persistent logging is enabled and the system is fully booted
129 up. <span class="command"><strong>journalctl</strong></span> and
130 <span class="command"><strong>systemd-journald</strong></span> ignore all files with
131 names not ending with "<code class="literal">.journal</code>" or
132 "<code class="literal">.journal~</code>", so only such files, located in
133 the appropriate directories, are taken into account when
134 calculating current disk usage.
135 </p><p><code class="varname">SystemMaxUse=</code> and
136 <code class="varname">RuntimeMaxUse=</code> control how much disk space
137 the journal may use up at maximum.
138 <code class="varname">SystemKeepFree=</code> and
139 <code class="varname">RuntimeKeepFree=</code> control how much disk
140 space systemd-journald shall leave free for other uses.
141 <span class="command"><strong>systemd-journald</strong></span> will respect both limits
142 and use the smaller of the two values.</p><p>The first pair defaults to 10% and the second to 15% of
143 the size of the respective file system. If the file system is
144 nearly full and either <code class="varname">SystemKeepFree=</code> or
145 <code class="varname">RuntimeKeepFree=</code> is violated when
146 systemd-journald is started, the value will be raised to
147 percentage that is actually free. This means that if there was
148 enough free space before and journal files were created, and
149 subsequently something else causes the file system to fill up,
150 journald will stop using more space, but it will not be
e3bff60a
MP		 151 removing existing files to go reduce footprint either.</p><p><code class="varname">SystemMaxFileSize=</code> and
152 <code class="varname">RuntimeMaxFileSize=</code> control how large
153 individual journal files may grow at maximum. This influences
154 the granularity in which disk space is made available through
155 rotation, i.e. deletion of historic data. Defaults to one
156 eighth of the values configured with
e735f4d4 157 <code class="varname">SystemMaxUse=</code> and
e3bff60a
MP		 158 <code class="varname">RuntimeMaxUse=</code>, so that usually seven
159 rotated journal files are kept as history. Specify values in
160 bytes or use K, M, G, T, P, E as units for the specified sizes
161 (equal to 1024, 1024²,... bytes). Note that size limits are
162 enforced synchronously when journal files are extended, and no
163 explicit rotation step triggered by time is
e735f4d4
MP		 164 needed.</p></dd><dt id="MaxFileSec="><span class="term"><code class="varname">MaxFileSec=</code></span><a class="headerlink" title="Permalink to this term" href="#MaxFileSec=">¶</a></dt><dd><p>The maximum time to store entries in a single
165 journal file before rotating to the next one. Normally,
166 time-based rotation should not be required as size-based
167 rotation with options such as
168 <code class="varname">SystemMaxFileSize=</code> should be sufficient to
169 ensure that journal files do not grow without bounds. However,
170 to ensure that not too much data is lost at once when old
171 journal files are deleted, it might make sense to change this
172 value from the default of one month. Set to 0 to turn off this
173 feature. This setting takes time values which may be suffixed
174 with the units "<code class="literal">year</code>",
175 "<code class="literal">month</code>", "<code class="literal">week</code>",
176 "<code class="literal">day</code>", "<code class="literal">h</code>" or
177 "<code class="literal">m</code>" to override the default time unit of
178 seconds.</p></dd><dt id="MaxRetentionSec="><span class="term"><code class="varname">MaxRetentionSec=</code></span><a class="headerlink" title="Permalink to this term" href="#MaxRetentionSec=">¶</a></dt><dd><p>The maximum time to store journal entries.
179 This controls whether journal files containing entries older
180 then the specified time span are deleted. Normally, time-based
181 deletion of old journal files should not be required as
182 size-based deletion with options such as
183 <code class="varname">SystemMaxUse=</code> should be sufficient to
184 ensure that journal files do not grow without bounds. However,
185 to enforce data retention policies, it might make sense to
186 change this value from the default of 0 (which turns off this
187 feature). This setting also takes time values which may be
188 suffixed with the units "<code class="literal">year</code>",
189 "<code class="literal">month</code>", "<code class="literal">week</code>",
190 "<code class="literal">day</code>", "<code class="literal">h</code>" or "<code class="literal">
191 m</code>" to override the default time unit of
192 seconds.</p></dd><dt id="SyncIntervalSec="><span class="term"><code class="varname">SyncIntervalSec=</code></span><a class="headerlink" title="Permalink to this term" href="#SyncIntervalSec=">¶</a></dt><dd><p>The timeout before synchronizing journal files
193 to disk. After syncing, journal files are placed in the
194 OFFLINE state. Note that syncing is unconditionally done
195 immediately after a log message of priority CRIT, ALERT or
196 EMERG has been logged. This setting hence applies only to
197 messages of the levels ERR, WARNING, NOTICE, INFO, DEBUG. The
198 default timeout is 5 minutes. </p></dd><dt id="ForwardToSyslog="><span class="term"><code class="varname">ForwardToSyslog=</code>, </span><span class="term"><code class="varname">ForwardToKMsg=</code>, </span><span class="term"><code class="varname">ForwardToConsole=</code>, </span><span class="term"><code class="varname">ForwardToWall=</code></span><a class="headerlink" title="Permalink to this term" href="#ForwardToSyslog=">¶</a></dt><dd><p>Control whether log messages received by the
199 journal daemon shall be forwarded to a traditional syslog
200 daemon, to the kernel log buffer (kmsg), to the system
201 console, or sent as wall messages to all logged-in users.
202 These options take boolean arguments. If forwarding to syslog
e3bff60a
MP		 203 is enabled but nothing reads messages from the socket,
204 forwarding to syslog has no effect. By default, only
205 forwarding to wall is enabled. These settings may be
206 overridden at boot time with the kernel command line options
e735f4d4
MP		 207 "<code class="literal">systemd.journald.forward_to_syslog=</code>",
208 "<code class="literal">systemd.journald.forward_to_kmsg=</code>",
e3bff60a 209 "<code class="literal">systemd.journald.forward_to_console=</code>", and
e735f4d4
MP		 210 "<code class="literal">systemd.journald.forward_to_wall=</code>". When
211 forwarding to the console, the TTY to log to can be changed
212 with <code class="varname">TTYPath=</code>, described
213 below.</p></dd><dt id="MaxLevelStore="><span class="term"><code class="varname">MaxLevelStore=</code>, </span><span class="term"><code class="varname">MaxLevelSyslog=</code>, </span><span class="term"><code class="varname">MaxLevelKMsg=</code>, </span><span class="term"><code class="varname">MaxLevelConsole=</code>, </span><span class="term"><code class="varname">MaxLevelWall=</code></span><a class="headerlink" title="Permalink to this term" href="#MaxLevelStore=">¶</a></dt><dd><p>Controls the maximum log level of messages
214 that are stored on disk, forwarded to syslog, kmsg, the
215 console or wall (if that is enabled, see above). As argument,
216 takes one of
217 "<code class="literal">emerg</code>",
218 "<code class="literal">alert</code>",
219 "<code class="literal">crit</code>",
220 "<code class="literal">err</code>",
221 "<code class="literal">warning</code>",
222 "<code class="literal">notice</code>",
223 "<code class="literal">info</code>",
224 "<code class="literal">debug</code>",
225 or integer values in the range of 0..7 (corresponding to the
226 same levels). Messages equal or below the log level specified
227 are stored/forwarded, messages above are dropped. Defaults to
228 "<code class="literal">debug</code>" for <code class="varname">MaxLevelStore=</code>
229 and <code class="varname">MaxLevelSyslog=</code>, to ensure that the all
230 messages are written to disk and forwarded to syslog. Defaults
231 to
232 "<code class="literal">notice</code>" for <code class="varname">MaxLevelKMsg=</code>,
233 "<code class="literal">info</code>" for <code class="varname">MaxLevelConsole=</code>,
234 and "<code class="literal">emerg</code>" for
235 <code class="varname">MaxLevelWall=</code>.</p></dd><dt id="TTYPath="><span class="term"><code class="varname">TTYPath=</code></span><a class="headerlink" title="Permalink to this term" href="#TTYPath=">¶</a></dt><dd><p>Change the console TTY to use if
236 <code class="varname">ForwardToConsole=yes</code> is used. Defaults to
e3bff60a
MP		 237 <code class="filename">/dev/console</code>.</p></dd></dl></div></div><div class="refsect1"><a name="idm139651273443536"></a><h2 id="Forwarding to traditional syslog daemons">Forwarding to traditional syslog daemons<a class="headerlink" title="Permalink to this headline" href="#Forwarding%20to%20traditional%20syslog%20daemons">¶</a></h2><p>
238 Journal events can be transferred to a different logging daemon
239 in two different ways. In the first method, messages are
240 immediately forwarded to a socket
241 (<code class="filename">/run/systemd/journal/syslog</code>), where the
242 traditional syslog daemon can read them. This method is
243 controlled by <code class="varname">ForwardToSyslog=</code> option. In a
244 second method, a syslog daemon behaves like a normal journal
245 client, and reads messages from the journal files, similarly to
246 <a href="journalctl.html"><span class="citerefentry"><span class="refentrytitle">journalctl</span>(1)</span></a>.
247 In this method, messages do not have to be read immediately,
248 which allows a logging daemon which is only started late in boot
249 to access all messages since the start of the system. In
250 addition, full structured meta-data is available to it. This
251 method of course is available only if the messages are stored in
252 a journal file at all. So it will not work if
253 <code class="varname">Storage=none</code> is set. It should be noted that
254 usually the <span class="emphasis"><em>second</em></span> method is used by syslog
255 daemons, so the <code class="varname">Storage=</code> option, and not the
256 <code class="varname">ForwardToSyslog=</code> option, is relevant for them.
257 </p></div><div class="refsect1"><a name="idm139651273438176"></a><h2 id="See Also">See Also<a class="headerlink" title="Permalink to this headline" href="#See%20Also">¶</a></h2><p>
e735f4d4
MP		 258 <a href="systemd.html"><span class="citerefentry"><span class="refentrytitle">systemd</span>(1)</span></a>,
259 <a href="systemd-journald.service.html"><span class="citerefentry"><span class="refentrytitle">systemd-journald.service</span>(8)</span></a>,
260 <a href="journalctl.html"><span class="citerefentry"><span class="refentrytitle">journalctl</span>(1)</span></a>,
261 <a href="systemd.journal-fields.html"><span class="citerefentry"><span class="refentrytitle">systemd.journal-fields</span>(7)</span></a>,
262 <a href="systemd-system.conf.html"><span class="citerefentry"><span class="refentrytitle">systemd-system.conf</span>(5)</span></a>
263 </p></div></div></body></html>
systemd for Proxmox projects