Tech Info 179: System messages on Linux systemd/journald based systems

Vertriebspartner finden

HELIOS Tech Info #179

Tue, 6 Jun 2017

System messages on Linux systemd/journald based systems

Several Linux distributions implement “systemd” as the default startup/init system. Along with “systemd” comes “journald” which is a daemon to collect and store system messages and tends to replace the traditional syslog/rsyslog daemon in the future.

The system messages written by “journald” are in a binary format, and the HELIOS services as of UB64 cannot read this format. This affects the following features:

  • the output of the “psyslog” utility
  • viewing system messages in HELIOS Admin
  • viewing system messages in the IT Monitor app, including the alarm feature

By default, most distributions include a traditional syslog daemon for compatibility. System messages are then stored in the binary journald format as well as in plain text files. The system message functionalities of the HELIOS services work fine on those using the plain text files.

However, some distributions do not include the syslog daemon compatibility by default. On those systems, the installation of a traditional syslog daemon is needed. All tested distributions include suitable packages that can be installed using the system's package manager. The required package is called “rsyslog” in most repositories.

Examples for installing “rsyslog” via command line:

Debian / Ubuntu:
# apt-get install rsyslog

Red Hat / CentOS:
# yum install rsyslog

OpenSUSE / SUSE Leap:
# zypper install rsyslog3

If you have no online repository access check your distribution CD/DVDs for the required packages and install these according to the distribution's manual.

After installing, restart “journald” to make it aware of the presence of a legacy daemon:

# systemctl restart systemd-journald

“journald” should forward all system messages to rsyslog automatically. You can simply try this out using the following command:

# psyslog -t me "testing rsyslog"

The message should be written to the “syslog” or “messages” files in “/var/log”. Verify using “psyslog” again:

# psyslog

The forward functionality of “journald” should be enabled by default. However, your Linux distribution may have custom defaults. Check for the “ForwardToSyslog” option in “/etc/systemd/journald.conf” and set it to “yes”, if needed.

We plan to support the binary system messages format of “journald” in a future release.