If I’m using Arch or another minimal distro, is it a good idea to install a syslog daemon? Or can I go without?

    • LemmyHead@lemmy.ml
      link
      fedilink
      arrow-up
      3
      ·
      4 months ago

      I also don’t like the duplication of logs in journald and syslog, so I always disable forwarding to syslog

  • nerdovic@discuss.tchncs.de
    link
    fedilink
    Deutsch
    arrow-up
    5
    ·
    4 months ago

    Whatever floats your boat, but if something goes wrong you don’t really have anything to figure out what’s going on.

  • FuckBigTech347@lemmygrad.ml
    link
    fedilink
    arrow-up
    4
    ·
    4 months ago

    It’s not necessary, but a good thing to have if something goes wrong and you want to debug/monitor something. It’s really up to you and your needs.

  • bloodfart@lemmy.ml
    link
    fedilink
    arrow-up
    3
    ·
    4 months ago

    It’s often more useful for minimal installations to keep the system log daemon running so that you can see when things happen and stop them from happening.

    Especially now that even very low power embedded systems run multiple cpu cores at multi-ghz clocks, interface with gigabytes of memory, hundreds of gigabytes of attached storage and communicate through multi-gigabit network links, lots of stuff can be happening that is unwanted or simply unnecessary without any external indications.

    What are you trying to accomplish by not running a syslog daemon?

  • Mactan@lemmy.ml
    link
    fedilink
    arrow-up
    1
    ·
    4 months ago

    wish I knew how to use the journal, seems like there isn’t any good way to just search the previous session’s logs without a mountain of fuss or having to guess file names

    • MummifiedClient5000@feddit.dk
      link
      fedilink
      English
      arrow-up
      2
      ·
      4 months ago

      Check that you actually have persistent storage enabled. (See man journald.conf and search for Storage)

      Read up on the numerous parameters to journalctl. (man journalctl)

      journalctl --boot -2 will show logs from previous boot.

      journalctl --since "-2 weeks" --unit=sshd last two weeks worth of sshd logs.

  • ssm@lemmy.sdf.org
    link
    fedilink
    arrow-up
    5
    arrow-down
    22
    ·
    4 months ago

    If you’re on arch you use redhat’s garbage. On non-corpo linux syslog can be disabled if you want, though I’d prefer to just symlink/mount /var/log to a memory filesystem instead.

    • Markaos@lemmy.one
      link
      fedilink
      arrow-up
      8
      arrow-down
      2
      ·
      4 months ago

      On non-corpo linux syslog can be disabled

      systemctl disable --now systemd-journald

      I’d prefer to just symlink/mount /var/log to a memory filesystem instead

      Set Storage=volatile in /etc/systemd/journald.conf

      • ssm@lemmy.sdf.org
        link
        fedilink
        arrow-up
        1
        arrow-down
        3
        ·
        4 months ago

        Like how you cropped my message to make it seem like I was implying you couldn’t disable logging on systemd

        • Markaos@lemmy.one
          link
          fedilink
          arrow-up
          4
          ·
          4 months ago

          Then what’s the meaning of this whole part?

          On non-corpo linux syslog can be disabled if you want, though I’d prefer to just symlink/mount /var/log to a memory filesystem instead.

          Is it just a random tidbit that could be replaced with a blueberry muffin recipe without any change of meaning of the whole comment? Because it sure won’t help OP at all with their Arch-specific question, so it’s either that, or it provides contrast to the “corpo Linux”, which is how I interpreted it.

          And here’s the remaining part of your comment I left out, just to make sure people won’t lose the context between two three sentence long comments (for those without any attention span, it comes before the previous quoted part):

          If you’re on arch you use redhat’s garbage.