If I’m using Arch or another minimal distro, is it a good idea to install a syslog daemon? Or can I go without?

  • Mactan@lemmy.ml
    link
    fedilink
    arrow-up
    3
    ·
    4 months ago

    wish I knew how to use the journal, seems like there isn’t any good way to just search the previous session’s logs without a mountain of fuss or having to guess file names

    • MummifiedClient5000@feddit.dk
      link
      fedilink
      English
      arrow-up
      7
      ·
      4 months ago

      Check that you actually have persistent storage enabled. (See man journald.conf and search for Storage)

      Read up on the numerous parameters to journalctl. (man journalctl)

      journalctl --boot -2 will show logs from previous boot.

      journalctl --since "-2 weeks" --unit=sshd last two weeks worth of sshd logs.

      • patatahooligan@lemmy.world
        link
        fedilink
        arrow-up
        3
        ·
        4 months ago

        I think there’s a minor mistake in your command. jounalctl --boot -1 is the previous boot. The counting starts at --boot 0 for the current one.

      • DeltaWingDragon@sh.itjust.worksOP
        link
        fedilink
        arrow-up
        1
        arrow-down
        2
        ·
        4 months ago

        What if I’m on another minimal distro, like Artix, that doesn’t use systemd? Journald is a systemd thing, and I’m not going to install systemd on top of a perfectly good init system.

        • eyeon@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          4 months ago

          If adopt systems then the question is easy to answer: no, journald does everything you need.

          without adopting systemd… well. Are you evaluating going without any log handling at all and maybe just dumping logs ephemerally to tty0? DIYing all log stuff like your init scripts DIY things?

          Personally if I had to go without journald I’d probably go back to using syslog-ng. But I guess there’s an argument for shipping straight into something like opentelemetry-collector if you’re willing to put in a lot of work.