How to fix empty system log (“syslog”) on Linux

If your system log (“syslog”) file is empty something is probably wrong. Under normal conditions the system writes to this log all the time and you can easily verify this by executing the following command.

$ cat /var/log/syslog

If everything is working as expected a lot of log messages should be printed on screen. If the syslog however is empty this might be caused by faulty file permissions (wrong owner). You can also try to post a test message to the log yourself to ensure nothing actually gets written to the log.

$ logger This is a test message
$ cat /var/log/syslog
Nov 13 19:58:12 MyComputer root: This is a test message

The result should now look something like the above if the syslog is actually working. If the file however is still empty then you need to verify the file permissions using the ls command:

$ ls -l /var/log/syslog
 -rw-r--r-- 1 root adm 21874 Nov 13 19:35 /var/log/syslog

Here you want to make sure the owner is syslog and the group is adm. If the owner is something other than syslog (as in this example where the owner is root) you could easily solve this by simply change the owner of the file so the “syslog” user can write to the syslog-file:

$ chown syslog:adm /var/log/syslog

Now you can once again run the ls command to make sure file permissions (ownership) is as expected:

$ ls -l /var/log/syslog
-rw-r--r-- 1 syslog adm 21874 Nov 13 19:35 /var/log/syslog