chiark / gitweb /
sd-rtnl: log if kernel buffer is overrun as we currently can't handle that case
[elogind.git] / man / journald.conf.xml
1 <?xml version='1.0'?> <!--*-nxml-*-->
2 <?xml-stylesheet type="text/xsl" href="http://docbook.sourceforge.net/release/xsl/current/xhtml/docbook.xsl"?>
3 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
4         "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
5
6 <!--
7   This file is part of systemd.
8
9   Copyright 2010 Lennart Poettering
10
11   systemd is free software; you can redistribute it and/or modify it
12   under the terms of the GNU Lesser General Public License as published by
13   the Free Software Foundation; either version 2.1 of the License, or
14   (at your option) any later version.
15
16   systemd is distributed in the hope that it will be useful, but
17   WITHOUT ANY WARRANTY; without even the implied warranty of
18   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19   Lesser General Public License for more details.
20
21   You should have received a copy of the GNU Lesser General Public License
22   along with systemd; If not, see <http://www.gnu.org/licenses/>.
23 -->
24
25 <refentry id="journald.conf">
26         <refentryinfo>
27                 <title>journald.conf</title>
28                 <productname>systemd</productname>
29
30                 <authorgroup>
31                         <author>
32                                 <contrib>Developer</contrib>
33                                 <firstname>Lennart</firstname>
34                                 <surname>Poettering</surname>
35                                 <email>lennart@poettering.net</email>
36                         </author>
37                 </authorgroup>
38         </refentryinfo>
39
40         <refmeta>
41                 <refentrytitle>journald.conf</refentrytitle>
42                 <manvolnum>5</manvolnum>
43         </refmeta>
44
45         <refnamediv>
46                 <refname>journald.conf</refname>
47                 <refpurpose>Journal service configuration file</refpurpose>
48         </refnamediv>
49
50         <refsynopsisdiv>
51                 <para><filename>/etc/systemd/journald.conf</filename></para>
52         </refsynopsisdiv>
53
54         <refsect1>
55                 <title>Description</title>
56
57                 <para>This file configures various parameters of the
58                 systemd journal service,
59                 <citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
60
61         </refsect1>
62
63         <refsect1>
64                 <title>Options</title>
65
66                 <para>All options are configured in the
67                 <literal>[Journal]</literal> section:</para>
68
69                 <variablelist>
70
71                         <varlistentry>
72                                 <term><varname>Storage=</varname></term>
73
74                                 <listitem><para>Controls where to
75                                 store journal data. One of
76                                 <literal>volatile</literal>,
77                                 <literal>persistent</literal>,
78                                 <literal>auto</literal> and
79                                 <literal>none</literal>. If
80                                 <literal>volatile</literal>, journal
81                                 log data will be stored only in
82                                 memory, i.e. below the
83                                 <filename>/run/log/journal</filename>
84                                 hierarchy (which is created if
85                                 needed). If
86                                 <literal>persistent</literal>, data will
87                                 be stored preferably on disk,
88                                 i.e. below the
89                                 <filename>/var/log/journal</filename>
90                                 hierarchy (which is created if
91                                 needed), with a fallback to
92                                 <filename>/run/log/journal</filename>
93                                 (which is created if needed), during
94                                 early boot and if the disk is not
95                                 writable. <literal>auto</literal> is
96                                 similar to
97                                 <literal>persistent</literal> but the
98                                 directory
99                                 <filename>/var/log/journal</filename>
100                                 is not created if needed, so that its
101                                 existence controls where log data
102                                 goes. <literal>none</literal> turns
103                                 off all storage, all log data received
104                                 will be dropped. Forwarding to other
105                                 targets, such as the console, the
106                                 kernel log buffer or a syslog daemon
107                                 will still work however.  Defaults to
108                                 <literal>auto</literal>.</para></listitem>
109                         </varlistentry>
110
111                         <varlistentry>
112                                 <term><varname>Compress=</varname></term>
113
114                                 <listitem><para>Takes a boolean
115                                 value. If enabled (the default), data
116                                 objects that shall be stored in the
117                                 journal and are larger than a certain
118                                 threshold are compressed with the XZ
119                                 compression algorithm before they are
120                                 written to the file
121                                 system.</para></listitem>
122                         </varlistentry>
123
124                         <varlistentry>
125                                 <term><varname>Seal=</varname></term>
126
127                                 <listitem><para>Takes a boolean
128                                 value. If enabled (the default), and a
129                                 sealing key is available (as created
130                                 by
131                                 <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s
132                                 <option>--setup-keys</option>
133                                 command), Forward Secure Sealing (FSS)
134                                 for all persistent journal files is
135                                 enabled. FSS is based on <ulink
136                                 url="https://eprint.iacr.org/2013/397">Seekable
137                                 Sequential Key Generators</ulink> by
138                                 G. A. Marson and B. Poettering
139                                 (doi:10.1007/978-3-642-40203-6_7)
140                                 and may be used to protect journal files
141                                 from unnoticed alteration.</para></listitem>
142                         </varlistentry>
143
144                         <varlistentry>
145                                 <term><varname>SplitMode=</varname></term>
146
147                                 <listitem><para>Controls whether to
148                                 split up journal files per user. One
149                                 of <literal>uid</literal>,
150                                 <literal>login</literal> and
151                                 <literal>none</literal>.  If
152                                 <literal>uid</literal>, all users will
153                                 get each their own journal files
154                                 regardless of whether they possess a
155                                 login session or not, however system
156                                 users will log into the system
157                                 journal. If <literal>login</literal>,
158                                 actually logged-in users will get each
159                                 their own journal files, but users
160                                 without login session and system users
161                                 will log into the system journal. If
162                                 <literal>none</literal>, journal files
163                                 are not split up by user and all
164                                 messages are instead stored in the
165                                 single system journal. Note that
166                                 splitting up journal files by user is
167                                 only available for journals stored
168                                 persistently. If journals are stored
169                                 on volatile storage (see above), only
170                                 a single journal file for all user IDs
171                                 is kept. Defaults to
172                                 <literal>uid</literal>.</para></listitem>
173                         </varlistentry>
174
175                         <varlistentry>
176                                 <term><varname>RateLimitInterval=</varname></term>
177                                 <term><varname>RateLimitBurst=</varname></term>
178
179                                 <listitem><para>Configures the rate
180                                 limiting that is applied to all
181                                 messages generated on the system. If,
182                                 in the time interval defined by
183                                 <varname>RateLimitInterval=</varname>,
184                                 more messages than specified in
185                                 <varname>RateLimitBurst=</varname> are
186                                 logged by a service, all further
187                                 messages within the interval are
188                                 dropped until the interval is over. A
189                                 message about the number of dropped
190                                 messages is generated. This rate
191                                 limiting is applied per-service, so
192                                 that two services which log do not
193                                 interfere with each other's
194                                 limits. Defaults to 1000 messages in
195                                 30s. The time specification for
196                                 <varname>RateLimitInterval=</varname>
197                                 may be specified in the following
198                                 units: <literal>s</literal>,
199                                 <literal>min</literal>,
200                                 <literal>h</literal>,
201                                 <literal>ms</literal>,
202                                 <literal>us</literal>. To turn off any
203                                 kind of rate limiting, set either
204                                 value to 0.</para></listitem>
205                         </varlistentry>
206
207                         <varlistentry>
208                                 <term><varname>SystemMaxUse=</varname></term>
209                                 <term><varname>SystemKeepFree=</varname></term>
210                                 <term><varname>SystemMaxFileSize=</varname></term>
211                                 <term><varname>RuntimeMaxUse=</varname></term>
212                                 <term><varname>RuntimeKeepFree=</varname></term>
213                                 <term><varname>RuntimeMaxFileSize=</varname></term>
214
215                                 <listitem><para>Enforce size limits on
216                                 the journal files stored. The options
217                                 prefixed with
218                                 <literal>System</literal> apply to the
219                                 journal files when stored on a
220                                 persistent file system, more
221                                 specifically
222                                 <filename>/var/log/journal</filename>. The
223                                 options prefixed with
224                                 <literal>Runtime</literal> apply to
225                                 the journal files when stored on a
226                                 volatile in-memory file system, more
227                                 specifically
228                                 <filename>/run/log/journal</filename>. The
229                                 former is used only when
230                                 <filename>/var</filename> is mounted,
231                                 writable, and the directory
232                                 <filename>/var/log/journal</filename>
233                                 exists. Otherwise, only the latter
234                                 applies. Note that this means that
235                                 during early boot and if the
236                                 administrator disabled persistent
237                                 logging, only the latter options apply,
238                                 while the former apply if persistent
239                                 logging is enabled and the system is
240                                 fully booted
241                                 up. <command>journalctl</command> and
242                                 <command>systemd-journald</command>
243                                 ignore all files with names not ending
244                                 with <literal>.journal</literal> or
245                                 <literal>.journal~</literal>, so only
246                                 such files, located in the appropriate
247                                 directories, are taken into account
248                                 when calculating current disk usage.
249                                 </para>
250
251                                 <para><varname>SystemMaxUse=</varname>
252                                 and <varname>RuntimeMaxUse=</varname>
253                                 control how much disk space the
254                                 journal may use up at maximum.
255                                 <varname>SystemKeepFree=</varname> and
256                                 <varname>RuntimeKeepFree=</varname>
257                                 control how much disk space
258                                 systemd-journald shall leave free for
259                                 other uses.
260                                 <command>systemd-journald</command>
261                                 will respect both limits and use the
262                                 smaller of the two values.</para>
263
264                                 <para>The first pair defaults to 10%
265                                 and the second to 15% of the size of
266                                 the respective file system. If the
267                                 file system is nearly full and either
268                                 <varname>SystemKeepFree=</varname> or
269                                 <varname>RuntimeKeepFree=</varname> is
270                                 violated when systemd-journald is
271                                 started, the value will be raised to
272                                 percentage that is actually free. This
273                                 means that if there was enough
274                                 free space before and journal files were
275                                 created, and subsequently something
276                                 else causes the file system to fill
277                                 up, journald will stop using more
278                                 space, but it will not be removing
279                                 existing files to go reduce footprint
280                                 either.</para>
281
282                                 <para><varname>SystemMaxFileSize=</varname>
283                                 and
284                                 <varname>RuntimeMaxFileSize=</varname>
285                                 control how large individual journal
286                                 files may grow at maximum. This
287                                 influences the granularity in which
288                                 disk space is made available through
289                                 rotation, i.e. deletion of historic
290                                 data. Defaults to one eighth of the
291                                 values configured with
292                                 <varname>SystemMaxUse=</varname> and
293                                 <varname>RuntimeMaxUse=</varname>, so
294                                 that usually seven rotated journal
295                                 files are kept as history. Specify
296                                 values in bytes or use K, M, G, T, P,
297                                 E as units for the specified sizes
298                                 (equal to 1024, 1024²,... bytes).
299                                 Note that size limits are enforced
300                                 synchronously when journal files are
301                                 extended, and no explicit rotation
302                                 step triggered by time is
303                                 needed.</para></listitem>
304                         </varlistentry>
305
306                         <varlistentry>
307                                 <term><varname>MaxFileSec=</varname></term>
308
309                                 <listitem><para>The maximum time to
310                                 store entries in a single journal
311                                 file before rotating to the next
312                                 one. Normally, time-based rotation
313                                 should not be required as size-based
314                                 rotation with options such as
315                                 <varname>SystemMaxFileSize=</varname>
316                                 should be sufficient to ensure that
317                                 journal files do not grow without
318                                 bounds. However, to ensure that not
319                                 too much data is lost at once when old
320                                 journal files are deleted, it might
321                                 make sense to change this value from
322                                 the default of one month. Set to 0 to
323                                 turn off this feature. This setting
324                                 takes time values which may be
325                                 suffixed with the units
326                                 <literal>year</literal>,
327                                 <literal>month</literal>,
328                                 <literal>week</literal>, <literal>day</literal>,
329                                 <literal>h</literal> or <literal>m</literal>
330                                 to override the default time unit of
331                                 seconds.</para></listitem>
332                         </varlistentry>
333
334                         <varlistentry>
335                                 <term><varname>MaxRetentionSec=</varname></term>
336
337                                 <listitem><para>The maximum time to
338                                 store journal entries. This
339                                 controls whether journal files
340                                 containing entries older then the
341                                 specified time span are
342                                 deleted. Normally, time-based deletion
343                                 of old journal files should not be
344                                 required as size-based deletion with
345                                 options such as
346                                 <varname>SystemMaxUse=</varname>
347                                 should be sufficient to ensure that
348                                 journal files do not grow without
349                                 bounds. However, to enforce data
350                                 retention policies, it might make sense
351                                 to change this value from the
352                                 default of 0 (which turns off this
353                                 feature). This setting also takes
354                                 time values which may be suffixed with
355                                 the units <literal>year</literal>,
356                                 <literal>month</literal>,
357                                 <literal>week</literal>, <literal>day</literal>,
358                                 <literal>h</literal> or <literal> m</literal>
359                                 to override the default time unit of
360                                 seconds.</para></listitem>
361                         </varlistentry>
362
363
364                         <varlistentry>
365                                 <term><varname>SyncIntervalSec=</varname></term>
366
367                                 <listitem><para>The timeout before
368                                 synchronizing journal files to
369                                 disk. After syncing, journal files are
370                                 placed in the OFFLINE state. Note that
371                                 syncing is unconditionally done
372                                 immediately after a log message of
373                                 priority CRIT, ALERT or EMERG has been
374                                 logged. This setting hence applies
375                                 only to messages of the levels ERR,
376                                 WARNING, NOTICE, INFO, DEBUG. The
377                                 default timeout is 5 minutes.
378                                 </para></listitem>
379                         </varlistentry>
380
381                         <varlistentry>
382                                 <term><varname>ForwardToSyslog=</varname></term>
383                                 <term><varname>ForwardToKMsg=</varname></term>
384                                 <term><varname>ForwardToConsole=</varname></term>
385                                 <term><varname>ForwardToWall=</varname></term>
386
387                                 <listitem><para>Control whether log
388                                 messages received by the journal
389                                 daemon shall be forwarded to a
390                                 traditional syslog daemon, to the
391                                 kernel log buffer (kmsg), to the
392                                 system console, or sent as wall
393                                 messages to all logged-in users. These
394                                 options take boolean arguments. If
395                                 forwarding to syslog is enabled but no
396                                 syslog daemon is running, the
397                                 respective option has no effect. By
398                                 default, only forwarding wall is
399                                 enabled. These settings may be
400                                 overridden at boot time with the
401                                 kernel command line options
402                                 <literal>systemd.journald.forward_to_syslog=</literal>,
403                                 <literal>systemd.journald.forward_to_kmsg=</literal>,
404                                 <literal>systemd.journald.forward_to_console=</literal>
405                                 and
406                                 <literal>systemd.journald.forward_to_wall=</literal>.
407                                 When forwarding to the console, the
408                                 TTY to log to can be changed with
409                                 <varname>TTYPath=</varname>, described
410                                 below.</para></listitem>
411                         </varlistentry>
412
413                         <varlistentry>
414                                 <term><varname>MaxLevelStore=</varname></term>
415                                 <term><varname>MaxLevelSyslog=</varname></term>
416                                 <term><varname>MaxLevelKMsg=</varname></term>
417                                 <term><varname>MaxLevelConsole=</varname></term>
418                                 <term><varname>MaxLevelWall=</varname></term>
419
420                                 <listitem><para>Controls the maximum
421                                 log level of messages that are stored
422                                 on disk, forwarded to syslog, kmsg,
423                                 the console or wall (if that is
424                                 enabled, see above). As argument,
425                                 takes one of
426                                 <literal>emerg</literal>,
427                                 <literal>alert</literal>,
428                                 <literal>crit</literal>,
429                                 <literal>err</literal>,
430                                 <literal>warning</literal>,
431                                 <literal>notice</literal>,
432                                 <literal>info</literal>,
433                                 <literal>debug</literal> or integer
434                                 values in the range of 0..7 (corresponding
435                                 to the same levels). Messages equal or below
436                                 the log level specified are
437                                 stored/forwarded, messages above are
438                                 dropped. Defaults to
439                                 <literal>debug</literal> for
440                                 <varname>MaxLevelStore=</varname> and
441                                 <varname>MaxLevelSyslog=</varname>, to
442                                 ensure that the all messages are
443                                 written to disk and forwarded to
444                                 syslog. Defaults to
445                                 <literal>notice</literal> for
446                                 <varname>MaxLevelKMsg=</varname>,
447                                 <literal>info</literal> for
448                                 <varname>MaxLevelConsole=</varname> and
449                                 <literal>emerg</literal> for
450                                 <varname>MaxLevelWall=</varname>.</para></listitem>
451                         </varlistentry>
452
453                         <varlistentry>
454                                 <term><varname>TTYPath=</varname></term>
455
456                                 <listitem><para>Change the console TTY
457                                 to use if
458                                 <varname>ForwardToConsole=yes</varname>
459                                 is used. Defaults to
460                                 <filename>/dev/console</filename>.</para></listitem>
461                         </varlistentry>
462
463                 </variablelist>
464
465         </refsect1>
466
467         <refsect1>
468                   <title>See Also</title>
469                   <para>
470                           <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
471                           <citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
472                           <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
473                           <citerefentry><refentrytitle>systemd.journal-fields</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
474                           <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
475                   </para>
476         </refsect1>
477
478 </refentry>