1 <?xml version='1.0'?> <!--*-nxml-*-->
2 <?xml-stylesheet type="text/xsl" href="http://docbook.sourceforge.net/release/xsl/current/xhtml/docbook.xsl"?>
3 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
4 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
7 This file is part of systemd.
9 Copyright 2010 Lennart Poettering
11 systemd is free software; you can redistribute it and/or modify it
12 under the terms of the GNU Lesser General Public License as published by
13 the Free Software Foundation; either version 2.1 of the License, or
14 (at your option) any later version.
16 systemd is distributed in the hope that it will be useful, but
17 WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 Lesser General Public License for more details.
21 You should have received a copy of the GNU Lesser General Public License
22 along with systemd; If not, see <http://www.gnu.org/licenses/>.
25 <refentry id="journald.conf">
27 <title>journald.conf</title>
28 <productname>systemd</productname>
32 <contrib>Developer</contrib>
33 <firstname>Lennart</firstname>
34 <surname>Poettering</surname>
35 <email>lennart@poettering.net</email>
41 <refentrytitle>journald.conf</refentrytitle>
42 <manvolnum>5</manvolnum>
46 <refname>journald.conf</refname>
47 <refpurpose>Journal service configuration file</refpurpose>
51 <para><filename>/etc/systemd/journald.conf</filename></para>
55 <title>Description</title>
57 <para>This file configures various parameters of the
58 systemd journal service,
59 <citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
64 <title>Options</title>
66 <para>All options are configured in the
67 <literal>[Journal]</literal> section:</para>
72 <term><varname>Storage=</varname></term>
74 <listitem><para>Controls where to
75 store journal data. One of
76 <literal>volatile</literal>,
77 <literal>persistent</literal>,
78 <literal>auto</literal> and
79 <literal>none</literal>. If
80 <literal>volatile</literal>, journal
81 log data will be stored only in
82 memory, i.e. below the
83 <filename>/run/log/journal</filename>
84 hierarchy (which is created if
86 <literal>persistent</literal>, data will
87 be stored preferably on disk,
89 <filename>/var/log/journal</filename>
90 hierarchy (which is created if
91 needed), with a fallback to
92 <filename>/run/log/journal</filename>
93 (which is created if needed), during
94 early boot and if the disk is not
95 writable. <literal>auto</literal> is
97 <literal>persistent</literal> but the
99 <filename>/var/log/journal</filename>
100 is not created if needed, so that its
101 existence controls where log data
102 goes. <literal>none</literal> turns
103 off all storage, all log data received
104 will be dropped. Forwarding to other
105 targets, such as the console, the
106 kernel log buffer or a syslog daemon
107 will still work however. Defaults to
108 <literal>auto</literal>.</para></listitem>
112 <term><varname>Compress=</varname></term>
114 <listitem><para>Takes a boolean
115 value. If enabled (the default), data
116 objects that shall be stored in the
117 journal and are larger than a certain
118 threshold are compressed with the XZ
119 compression algorithm before they are
121 system.</para></listitem>
125 <term><varname>Seal=</varname></term>
127 <listitem><para>Takes a boolean
128 value. If enabled (the default), and a
129 sealing key is available (as created
131 <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s
132 <option>--setup-keys</option>
133 command), Forward Secure Sealing (FSS)
134 for all persistent journal files is
135 enabled. FSS is based on <ulink
136 url="https://eprint.iacr.org/2013/397">Seekable
137 Sequential Key Generators</ulink> by
138 G. A. Marson and B. Poettering
139 (doi:10.1007/978-3-642-40203-6_7)
140 and may be used to protect journal files
141 from unnoticed alteration.</para></listitem>
145 <term><varname>SplitMode=</varname></term>
147 <listitem><para>Controls whether to
148 split up journal files per user. One
149 of <literal>login</literal>,
150 <literal>uid</literal> and
151 <literal>none</literal>. If
152 <literal>login</literal>, each logged-in
153 user will get his own journal
154 files, but systemd user IDs will log
155 into the system journal. If
156 <literal>uid</literal>, any user ID
157 will get his own journal files
158 regardless of whether it belongs to a
159 system service or refers to a real
161 <literal>none</literal>, journal files
162 are not split up by user and all
163 messages are instead stored in the single
164 system journal. Note that splitting
165 up journal files by user is only
166 available for journals stored
167 persistently. If journals are stored
168 on volatile storage (see above), only a
169 single journal file for all user IDs
171 <literal>login</literal>.</para></listitem>
175 <term><varname>RateLimitInterval=</varname></term>
176 <term><varname>RateLimitBurst=</varname></term>
178 <listitem><para>Configures the rate
179 limiting that is applied to all
180 messages generated on the system. If,
181 in the time interval defined by
182 <varname>RateLimitInterval=</varname>,
183 more messages than specified in
184 <varname>RateLimitBurst=</varname> are
185 logged by a service, all further
186 messages within the interval are
187 dropped until the interval is over. A
188 message about the number of dropped
189 messages is generated. This rate
190 limiting is applied per-service, so
191 that two services which log do not
192 interfere with each other's
193 limits. Defaults to 200 messages in
194 10s. The time specification for
195 <varname>RateLimitInterval=</varname>
196 may be specified in the following
197 units: <literal>s</literal>,
198 <literal>min</literal>,
199 <literal>h</literal>,
200 <literal>ms</literal>,
201 <literal>us</literal>. To turn off any
202 kind of rate limiting, set either
203 value to 0.</para></listitem>
207 <term><varname>SystemMaxUse=</varname></term>
208 <term><varname>SystemKeepFree=</varname></term>
209 <term><varname>SystemMaxFileSize=</varname></term>
210 <term><varname>RuntimeMaxUse=</varname></term>
211 <term><varname>RuntimeKeepFree=</varname></term>
212 <term><varname>RuntimeMaxFileSize=</varname></term>
214 <listitem><para>Enforce size limits on
215 the journal files stored. The options
217 <literal>System</literal> apply to the
218 journal files when stored on a
219 persistent file system, more
221 <filename>/var/log/journal</filename>. The
222 options prefixed with
223 <literal>Runtime</literal> apply to
224 the journal files when stored on a
225 volatile in-memory file system, more
227 <filename>/run/log/journal</filename>. The
228 former is used only when
229 <filename>/var</filename> is mounted,
230 writable, and the directory
231 <filename>/var/log/journal</filename>
232 exists. Otherwise, only the latter
233 applies. Note that this means that
234 during early boot and if the
235 administrator disabled persistent
236 logging, only the latter options apply,
237 while the former apply if persistent
238 logging is enabled and the system is
240 up. <command>journalctl</command> and
241 <command>systemd-journald</command>
242 ignore all files with names not ending
243 with <literal>.journal</literal> or
244 <literal>.journal~</literal>, so only
245 such files, located in the appropriate
246 directories, are taken into account
247 when calculating current disk usage.
250 <para><varname>SystemMaxUse=</varname>
251 and <varname>RuntimeMaxUse=</varname>
252 control how much disk space the
253 journal may use up at maximum.
254 <varname>SystemKeepFree=</varname> and
255 <varname>RuntimeKeepFree=</varname>
256 control how much disk space
257 systemd-journald shall leave free for
259 <command>systemd-journald</command>
260 will respect both limits and use the
261 smaller of the two values.</para>
263 <para>The first pair defaults to 10%
264 and the second to 15% of the size of
265 the respective file system. If the
266 file system is nearly full and either
267 <varname>SystemKeepFree=</varname> or
268 <varname>RuntimeKeepFree=</varname> is
269 violated when systemd-journald is
270 started, the value will be raised to
271 percentage that is actually free. This
272 means that if before there was enough
273 free space and journal files were
274 created, and subsequently something
275 else causes the file system to fill
276 up, journald will stop using more
277 space, but it'll will not removing
278 existing files to go reduce footprint
281 <para><varname>SystemMaxFileSize=</varname>
283 <varname>RuntimeMaxFileSize=</varname>
284 control how large individual journal
285 files may grow at maximum. This
286 influences the granularity in which
287 disk space is made available through
288 rotation, i.e. deletion of historic
289 data. Defaults to one eighth of the
290 values configured with
291 <varname>SystemMaxUse=</varname> and
292 <varname>RuntimeMaxUse=</varname>, so
293 that usually seven rotated journal
294 files are kept as history. Specify
295 values in bytes or use K, M, G, T, P,
296 E as units for the specified sizes
297 (equal to 1024, 1024²,... bytes).
298 Note that size limits are enforced
299 synchronously when journal files are
300 extended, and no explicit rotation
301 step triggered by time is
302 needed.</para></listitem>
306 <term><varname>MaxFileSec=</varname></term>
308 <listitem><para>The maximum time to
309 store entries in a single journal
310 file before rotating to the next
311 one. Normally, time-based rotation
312 should not be required as size-based
313 rotation with options such as
314 <varname>SystemMaxFileSize=</varname>
315 should be sufficient to ensure that
316 journal files do not grow without
317 bounds. However, to ensure that not
318 too much data is lost at once when old
319 journal files are deleted, it might
320 make sense to change this value from
321 the default of one month. Set to 0 to
322 turn off this feature. This setting
323 takes time values which may be
324 suffixed with the units
325 <literal>year</literal>,
326 <literal>month</literal>,
327 <literal>week</literal>, <literal>day</literal>,
328 <literal>h</literal> or <literal>m</literal>
329 to override the default time unit of
330 seconds.</para></listitem>
334 <term><varname>MaxRetentionSec=</varname></term>
336 <listitem><para>The maximum time to
337 store journal entries. This
338 controls whether journal files
339 containing entries older then the
340 specified time span are
341 deleted. Normally, time-based deletion
342 of old journal files should not be
343 required as size-based deletion with
345 <varname>SystemMaxUse=</varname>
346 should be sufficient to ensure that
347 journal files do not grow without
348 bounds. However, to enforce data
349 retention policies, it might make sense
350 to change this value from the
351 default of 0 (which turns off this
352 feature). This setting also takes
353 time values which may be suffixed with
354 the units <literal>year</literal>,
355 <literal>month</literal>,
356 <literal>week</literal>, <literal>day</literal>,
357 <literal>h</literal> or <literal> m</literal>
358 to override the default time unit of
359 seconds.</para></listitem>
364 <term><varname>SyncIntervalSec=</varname></term>
366 <listitem><para>The timeout before
367 synchronizing journal files to
368 disk. After syncing, journal files are
369 placed in the OFFLINE state. Note that
370 syncing is unconditionally done
371 immediately after a log message of
372 priority CRIT, ALERT or EMERG has been
373 logged. This setting hence applies
374 only to messages of the levels ERR,
375 WARNING, NOTICE, INFO, DEBUG. The
376 default timeout is 5 minutes.
381 <term><varname>ForwardToSyslog=</varname></term>
382 <term><varname>ForwardToKMsg=</varname></term>
383 <term><varname>ForwardToConsole=</varname></term>
385 <listitem><para>Control whether log
386 messages received by the journal
387 daemon shall be forwarded to a
388 traditional syslog daemon, to the
389 kernel log buffer (kmsg), or to the
390 system console. These options take
391 boolean arguments. If forwarding to
392 syslog is enabled but no syslog daemon
393 is running, the respective option has
394 no effect. By default, only forwarding
395 to syslog is enabled. These settings
396 may be overridden at boot time with
397 the kernel command line options
398 <literal>systemd.journald.forward_to_syslog=</literal>,
399 <literal>systemd.journald.forward_to_kmsg=</literal>
401 <literal>systemd.journald.forward_to_console=</literal>.
402 When forwarding to the console, the
403 TTY to log to log to can be changed
404 with <varname>TTYPath=</varname>,
405 described below.</para></listitem>
409 <term><varname>MaxLevelStore=</varname></term>
410 <term><varname>MaxLevelSyslog=</varname></term>
411 <term><varname>MaxLevelKMsg=</varname></term>
412 <term><varname>MaxLevelConsole=</varname></term>
414 <listitem><para>Controls the maximum
415 log level of messages that are stored
416 on disk, forwarded to syslog, kmsg or
417 the console (if that is enabled, see
418 above). As argument, takes one of
419 <literal>emerg</literal>,
420 <literal>alert</literal>,
421 <literal>crit</literal>,
422 <literal>err</literal>,
423 <literal>warning</literal>,
424 <literal>notice</literal>,
425 <literal>info</literal>,
426 <literal>debug</literal> or integer
427 values in the range of 0..7 (corresponding
428 to the same levels). Messages equal or below
429 the log level specified are
430 stored/forwarded, messages above are
432 <literal>debug</literal> for
433 <varname>MaxLevelStore=</varname> and
434 <varname>MaxLevelSyslog=</varname>, to
435 ensure that the all messages are
436 written to disk and forwarded to
438 <literal>notice</literal> for
439 <varname>MaxLevelKMsg=</varname> and
440 <literal>info</literal> for
441 <varname>MaxLevelConsole=</varname>.</para></listitem>
445 <term><varname>TTYPath=</varname></term>
447 <listitem><para>Change the console TTY
449 <varname>ForwardToConsole=yes</varname>
451 <filename>/dev/console</filename>.</para></listitem>
459 <title>See Also</title>
461 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
462 <citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
463 <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
464 <citerefentry><refentrytitle>systemd.journal-fields</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
465 <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
~ianmdlvl / elogind.git / blob