logger is a command-line tool used in Linux and Unix operating systems in order to add logs to the local /var/log/syslog file or remote Syslog server. logger provides different options for adding logs like setting priority, specifying a remote system or explicitly defining the Syslog port.

logger Help and Usage Information

logger command is installed by default in most of the Linux distributions. So there is no need to install it explicitly. We can print the help and usage information with the -h option like below. The most used options of the logger command will be listed with some description.

$ logger -h

Alternatively for more detailed help and usage information we can look and use the man page of the logger command like below.

$ man logger

logger Command Syntax

logger command has simple syntax where first options provided and then the log or message we want to send Syslog.

logger OPTIONS LOG

•  `OPTIONS` are single or more options to set some attributes like remote server, port, log facility etc.
• `LOG` is the log message we want to add or send. Surrounding with double quotes will make is more reliable.

Linux Syslog

Syslog mechanism is an important part of the Linux logging. Most of the Linux distributions like Ubuntu, Debian, CentOS, Mint, RedHat, Suse stores the log files under the /var/log directory. There are different types of logs under this directory like auth, MySQL, apache, etc. Syslog is a generic log file and the system used to store logs related to the system, services, etc. The syslog file can be viewed with the tail command like below.

$ tail /var/log/syslog

Print Logs From Syslog

Before starting to add a log to the syslog file printing the current syslog file will be very beneficial. We can use different commands to print the syslog file. tail is a command used to print the last 10 lines of the given file. Alternatively, we can provide the line count we want to print explicitly. In the following example, we will print 30 lines from the /var/log/syslog. We will use the -n option in order to specify the line count.

$ tail -n 30 /var/log/syslog

Add Log To Syslog File

Let’s start with a simple example of the logger command. We will just add a single line to the syslog file without providing any option to the logger command. In the following example, we will add the line “This is just a simple log line” to syslog file. Then we will list by using the tail command.

$ logger "This is just a simple log line"

We can see that the log is added to the end of the file which is listed in the bottom. There is also some information about the log like below.

• `Feb 26 01:20:47` is the time stamp or date information about the log when it is added to the syslog file.
• `poftut-com` is the name of the system.
• `ismail` is the user or logger name.

Specify Log Priority or Facility

Generally, logs are prioritized by the log creating resources. This also called a facility used to categorize the logs. We can provide priority or facility by using the -p or --priority long-form option. If we do not provide the priority of facility the default one is user.notice. In the following example, we will set the lof priority as local3.info.

$ logger -p "local3.info" "This is just a simple log line"

Specify Remote Syslog Server IP Address

By default, the logger command will put the given logline into the local system /var/log/syslog file. But this is not the case always. In enterprise environments, the logs should be collected and managed in a central log server. We can use the logger command in order to send the given log into the remote server by providing the IP address or hostname. We will use the -n or --server option to send the remote log server.

 $ logger -n 192.168.1.10 "This is just a simple log line"

Use TCP As Syslog Protocol

Syslog uses the UDP protocol by default. UDP provides faster, low resource and easy transmission of log files. But UDP do not provide complete reliability where TCP comes in. We can change the default transmission protocol UDP into TCP by using the -T or --tcp option.

 $ logger -n 192.168.1.10 -T "This is just a simple log line"

Specify Remote Syslog Server Port Number

When sending a log from the local to the remote system the default port of the syslog is 514 for both UDP and TCP protocols. We can change the port number explicitly by using the -P or --port option by providing the port number.

 $ logger -n 192.168.1.10  -P 1514 "This is just a simple log line"

Redirect Command Output As Log

Linux provides a lot of tools that log their actions precisely. We can use logger command in order to send these commands output as a log. e will just use the bash shell backticks to surround command. Below we will log the command who into the syslog.

$ logger `who`

The last line of the syslog provides the output of the who command which contains username, console number, and date of the currently logged in user.

Log Specified File

We can put a text files contents line by line into the syslog file. We will use the -f option and provide the file we want to log. In this example, we will log the file named hostnames.

$ logger -f hostnames

Set or Limit Log Size

Logs are used to create simple information. So when there are some lines with a lot of data they should be translated or set limit. We can set a limit for the character count of the log lines by using the --size option and the character count we want to set. In the following example, we will set the count or limit as 10.

$ logger --size 10 123456789012345678901234567

Ignore Blank or Empty Lines

While reading log lines from a file there may be some blank or empty lines. Logging empty or blank lines are not efficient so we can ignore the blank or empty lines by using the -e option like below.

$ logger -e -f hostnames