How to fix empty system log (“syslog”) on Linux

If your system log (“syslog”) file is empty something is probably wrong. Under normal conditions the system writes to this log all the time and you can easily verify this by executing the following command.

$ cat /var/log/syslog

If everything is working as expected a lot of log messages should be printed on screen. If the syslog however is empty this might be caused by faulty file permissions (wrong owner). You can also try to post a test message to the log yourself to ensure nothing actually gets written to the log.

$ logger This is a test message
$ cat /var/log/syslog
Nov 13 19:58:12 MyComputer root: This is a test message

The result should now look something like the above if the syslog is actually working. If the file however is still empty then you need to verify the file permissions using the ls command:

$ ls -l /var/log/syslog
 -rw-r--r-- 1 root adm 21874 Nov 13 19:35 /var/log/syslog

Here you want to make sure the owner is syslog and the group is adm. If the owner is something other than syslog (as in this example where the owner is root) you could easily solve this by simply change the owner of the file so the “syslog” user can write to the syslog-file:

$ chown syslog:adm /var/log/syslog

Now you can once again run the ls command to make sure file permissions (ownership) is as expected:

$ ls -l /var/log/syslog
-rw-r--r-- 1 syslog adm 21874 Nov 13 19:35 /var/log/syslog

 

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s