Setting up Drizzle and the Syslog for each other

The UNIX syslog is well-known way for applications to emit potentially interesting messages. A message is merely a string of characters with a some associated metadata. That metadata includes an "identity", a "facility", and a "priority". A daemon process running on the host reads a configuration file, and then collects and processes the messages as they are generated. It can discard them, append them to a text file, or send them them over the network to other syslog daemons.

The "identity" is just a short string of characters, and identifies the source of the events. Traditionally, it is the name of the program. The default syslog identity for the Drizzle server is "drizzled". It is set with the "syslog-ident" option, and can be read, but not changed, via a server variable of the same name.

The syslog "facility" and "priority" values are selected from a predefined list. If you read the UNIX man page syslog(3) or examine the contents of /usr/include/syslog.h, you will find the facilities and priorities defined for your system.

The default syslog facility for the Drizzle server is "local0". It is set with the "syslog-facility" option, and can be examined but not changed, via a server variable of the same name. The Drizzle server has two priority settings. The priority of the query log messages is set with "syslog-logging-priority", and defaults to "info". The priority of the error message messages is set with "syslog-errmsg-priority", and defaults to "warning". These can be read, but not changed, via server variables.

The details of configuring syslog are very specific to your operating system distribution, local operations doctrine, and personal whims. You should carefully read the documentation your distribution's syslog daemon, and understand how it is currently configured.

Create some new empty logfiles, /var/log/drizzled/query.log and /var/log/drizzled/error.log and then configure syslog to send local0.info messages to that query.log and local0.warn messages to that error.log. You may also want to reconfigure such those events do not go to the "catch all" destinations, such as the /var/log/messages and /var/log/syslog files. Also, remember to configure logrotate to manage the the new files.

On a modern Ubuntu system, you do all that like so:

Run the following commands

mkdir -p /var/log/drizzled
touch /var/log/drizzled/query.log
touch /var/log/drizzled/error.log

Create a file named /etc/rsyslog.d/90-drizzled.conf with the following contents:

local0.=info  -/var/log/drizzle/query.log
local0.=warning  /var/log/drizzle/error.log

Find the file named /etc/syslog.d/50-default.conf and change the following lines

Change the line

*.*;auth,authpriv.none -/var/log/syslog

to

*.*;local0.none,auth,authpriv.none -/var/log/syslog

Change the lines

*.=info;*.=notice;*.=warn;\
    auth,authpriv.none;\
    cron,daemon.none;\
    mail,news.none  -/var/log/messages

to

*.=info;*.=notice;*.=warn;\
    local0.none;\
    auth,authpriv.none;\
    cron,daemon.none;\
    mail,news.none  -/var/log/messages

Start drizzle the way you are used to, but add some new options to the command line or to the configuration file.

/sbin/drizzled ${other_options} \
    --syslog-logging-enable \
    --syslog-errmsg-enable

Open up some new terminal windows and run "tail -f" against the new log files, and then connect to the drizzle server you just started, and run some queries. You will see the queries show up in the query log, and if there are any errors, error messages show up in the error log.