man: update journald rate limit defaults

[elogind.git] / man / journald.conf.xml

diff --git a/man/journald.conf.xml b/man/journald.conf.xml
index 6e43914f23e32893f4a5abe591a2f2319a0e3720..5cd09a217ef710ddc7641e85f99f0188a5f1e97a 100644 (file)
--- a/man/journald.conf.xml
+++ b/man/journald.conf.xml
@@ -54,8 +54,8 @@
         <refsect1>
                 <title>Description</title>
 
         <refsect1>
                 <title>Description</title>
 

-                <para>This files configures various parameters of the
-                systemd journal service
+                <para>This file configures various parameters of the
+                systemd journal service,

                 <citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
 
         </refsect1>
                 <citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
 
         </refsect1>


@@ -77,13 +77,13 @@
                                 <literal>persistent</literal>,
                                 <literal>auto</literal> and
                                 <literal>none</literal>. If
                                 <literal>persistent</literal>,
                                 <literal>auto</literal> and
                                 <literal>none</literal>. If

-                                <literal>volatile</literal> journal
+                                <literal>volatile</literal>, journal

                                 log data will be stored only in
                                 memory, i.e. below the
                                 <filename>/run/log/journal</filename>
                                 hierarchy (which is created if
                                 needed). If
                                 log data will be stored only in
                                 memory, i.e. below the
                                 <filename>/run/log/journal</filename>
                                 hierarchy (which is created if
                                 needed). If

-                                <literal>persistent</literal> data will
+                                <literal>persistent</literal>, data will

                                 be stored preferably on disk,
                                 i.e. below the
                                 <filename>/var/log/journal</filename>
                                 be stored preferably on disk,
                                 i.e. below the
                                 <filename>/var/log/journal</filename>


@@ -112,7 +112,7 @@
                                 <term><varname>Compress=</varname></term>
 
                                 <listitem><para>Takes a boolean
                                 <term><varname>Compress=</varname></term>
 
                                 <listitem><para>Takes a boolean

-                                value. If enabled (the default) data
+                                value. If enabled (the default), data

                                 objects that shall be stored in the
                                 journal and are larger than a certain
                                 threshold are compressed with the XZ
                                 objects that shall be stored in the
                                 journal and are larger than a certain
                                 threshold are compressed with the XZ


@@ -125,20 +125,20 @@
                                 <term><varname>Seal=</varname></term>
 
                                 <listitem><para>Takes a boolean
                                 <term><varname>Seal=</varname></term>
 
                                 <listitem><para>Takes a boolean

-                                value. If enabled (the default) and a
+                                value. If enabled (the default), and a

                                 sealing key is available (as created
                                 by
                                 <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s
                                 <option>--setup-keys</option>
                                 sealing key is available (as created
                                 by
                                 <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s
                                 <option>--setup-keys</option>

-                                command), forward secure sealing (FSS)
+                                command), Forward Secure Sealing (FSS)

                                 for all persistent journal files is
                                 enabled. FSS is based on <ulink
                                 for all persistent journal files is
                                 enabled. FSS is based on <ulink

-                                url="http://eprint.iacr.org/2013/397">Seekable
+                                url="https://eprint.iacr.org/2013/397">Seekable

                                 Sequential Key Generators</ulink> by
                                 Sequential Key Generators</ulink> by

-                                G. A. Marson and B. Poettering and
-                                may be used to protect journal files
-                                from unnoticed
-                                alteration.</para></listitem>
+                                G. A. Marson and B. Poettering
+                                (doi:10.1007/978-3-642-40203-6_7)
+                                and may be used to protect journal files
+                                from unnoticed alteration.</para></listitem>

                         </varlistentry>
 
                         <varlistentry>
                         </varlistentry>
 
                         <varlistentry>


@@ -149,23 +149,23 @@
                                 of <literal>login</literal>,
                                 <literal>uid</literal> and
                                 <literal>none</literal>. If
                                 of <literal>login</literal>,
                                 <literal>uid</literal> and
                                 <literal>none</literal>. If

-                                <literal>login</literal> each logged
-                                in user will get his own journal
+                                <literal>login</literal>, each logged-in
+                                user will get his own journal

                                 files, but systemd user IDs will log
                                 into the system journal. If
                                 files, but systemd user IDs will log
                                 into the system journal. If

-                                <literal>uid</literal> any user ID
+                                <literal>uid</literal>, any user ID

                                 will get his own journal files
                                 will get his own journal files

-                                regardless whether it belongs to a
+                                regardless of whether it belongs to a

                                 system service or refers to a real
                                 logged in user. If
                                 system service or refers to a real
                                 logged in user. If

-                                <literal>none</literal> journal files
-                                are not split up per-user and all
-                                messages are stored in the single
+                                <literal>none</literal>, journal files
+                                are not split up by user and all
+                                messages are instead stored in the single

                                 system journal. Note that splitting
                                 system journal. Note that splitting

-                                up journal files per-user is only
-                                available of journals are stored
+                                up journal files by user is only
+                                available for journals stored

                                 persistently. If journals are stored
                                 persistently. If journals are stored

-                                on volatile storage (see above) only a
+                                on volatile storage (see above), only a

                                 single journal file for all user IDs
                                 is kept. Defaults to
                                 <literal>login</literal>.</para></listitem>
                                 single journal file for all user IDs
                                 is kept. Defaults to
                                 <literal>login</literal>.</para></listitem>


@@ -177,21 +177,21 @@
 
                                 <listitem><para>Configures the rate
                                 limiting that is applied to all
 
                                 <listitem><para>Configures the rate
                                 limiting that is applied to all

-                                messages generated on the system. If
+                                messages generated on the system. If,

                                 in the time interval defined by
                                 in the time interval defined by

-                                <varname>RateLimitInterval=</varname>
+                                <varname>RateLimitInterval=</varname>,

                                 more messages than specified in
                                 <varname>RateLimitBurst=</varname> are
                                 more messages than specified in
                                 <varname>RateLimitBurst=</varname> are

-                                logged by a service all further
+                                logged by a service, all further

                                 messages within the interval are
                                 messages within the interval are

-                                dropped, until the interval is over. A
+                                dropped until the interval is over. A

                                 message about the number of dropped
                                 messages is generated. This rate
                                 limiting is applied per-service, so
                                 that two services which log do not
                                 interfere with each other's
                                 message about the number of dropped
                                 messages is generated. This rate
                                 limiting is applied per-service, so
                                 that two services which log do not
                                 interfere with each other's

-                                limits. Defaults to 200 messages in
-                                10s. The time specification for
+                                limits. Defaults to 1000 messages in
+                                30s. The time specification for

                                 <varname>RateLimitInterval=</varname>
                                 may be specified in the following
                                 units: <literal>s</literal>,
                                 <varname>RateLimitInterval=</varname>
                                 may be specified in the following
                                 units: <literal>s</literal>,


@@ -227,13 +227,13 @@
                                 <filename>/run/log/journal</filename>. The
                                 former is used only when
                                 <filename>/var</filename> is mounted,
                                 <filename>/run/log/journal</filename>. The
                                 former is used only when
                                 <filename>/var</filename> is mounted,

-                                writable and the directory
+                                writable, and the directory

                                 <filename>/var/log/journal</filename>
                                 <filename>/var/log/journal</filename>

-                                exists. Otherwise only the latter
+                                exists. Otherwise, only the latter

                                 applies. Note that this means that
                                 during early boot and if the
                                 administrator disabled persistent
                                 applies. Note that this means that
                                 during early boot and if the
                                 administrator disabled persistent

-                                logging only the latter options apply,
+                                logging, only the latter options apply,

                                 while the former apply if persistent
                                 logging is enabled and the system is
                                 fully booted
                                 while the former apply if persistent
                                 logging is enabled and the system is
                                 fully booted


@@ -250,21 +250,35 @@
                                 <para><varname>SystemMaxUse=</varname>
                                 and <varname>RuntimeMaxUse=</varname>
                                 control how much disk space the
                                 <para><varname>SystemMaxUse=</varname>
                                 and <varname>RuntimeMaxUse=</varname>
                                 control how much disk space the

-                                journal may use up at
-                                maximum. Defaults to 10% of the size
-                                of the respective file
-                                system. <varname>SystemKeepFree=</varname>
-                                and
+                                journal may use up at maximum.
+                                <varname>SystemKeepFree=</varname> and

                                 <varname>RuntimeKeepFree=</varname>
                                 <varname>RuntimeKeepFree=</varname>

-                                control how much disk space the
-                                journal shall always leave free for
-                                other uses if less than the disk space
-                                configured in
-                                <varname>SystemMaxUse=</varname> and
-                                <varname>RuntimeMaxUse=</varname> is
-                                available. Defaults to 15% of the size
-                                of the respective file
-                                system. <varname>SystemMaxFileSize=</varname>
+                                control how much disk space
+                                systemd-journald shall leave free for
+                                other uses.
+                                <command>systemd-journald</command>
+                                will respect both limits and use the
+                                smaller of the two values.</para>
+
+                                <para>The first pair defaults to 10%
+                                and the second to 15% of the size of
+                                the respective file system. If the
+                                file system is nearly full and either
+                                <varname>SystemKeepFree=</varname> or
+                                <varname>RuntimeKeepFree=</varname> is
+                                violated when systemd-journald is
+                                started, the value will be raised to
+                                percentage that is actually free. This
+                                means that if there was enough
+                                free space before and journal files were
+                                created, and subsequently something
+                                else causes the file system to fill
+                                up, journald will stop using more
+                                space, but it will not be removing
+                                existing files to go reduce footprint
+                                either.</para>
+
+                                <para><varname>SystemMaxFileSize=</varname>

                                 and
                                 <varname>RuntimeMaxFileSize=</varname>
                                 control how large individual journal
                                 and
                                 <varname>RuntimeMaxFileSize=</varname>
                                 control how large individual journal


@@ -282,10 +296,10 @@
                                 E as units for the specified sizes
                                 (equal to 1024, 1024²,... bytes).
                                 Note that size limits are enforced
                                 E as units for the specified sizes
                                 (equal to 1024, 1024²,... bytes).
                                 Note that size limits are enforced

-                                synchronously when journal files
-                                are extended, and no explicit
-                                rotation step triggered by
-                                time is needed.</para></listitem>
+                                synchronously when journal files are
+                                extended, and no explicit rotation
+                                step triggered by time is
+                                needed.</para></listitem>

                         </varlistentry>
 
                         <varlistentry>
                         </varlistentry>
 
                         <varlistentry>


@@ -293,23 +307,26 @@
 
                                 <listitem><para>The maximum time to
                                 store entries in a single journal
 
                                 <listitem><para>The maximum time to
                                 store entries in a single journal

-                                file, before rotating to the next
-                                one. Normally time-based rotation
+                                file before rotating to the next
+                                one. Normally, time-based rotation

                                 should not be required as size-based
                                 rotation with options such as
                                 <varname>SystemMaxFileSize=</varname>
                                 should be sufficient to ensure that
                                 should not be required as size-based
                                 rotation with options such as
                                 <varname>SystemMaxFileSize=</varname>
                                 should be sufficient to ensure that

-                                journal files don't grow without
+                                journal files do not grow without

                                 bounds. However, to ensure that not
                                 too much data is lost at once when old
                                 bounds. However, to ensure that not
                                 too much data is lost at once when old

-                                journal files are deleted it might
+                                journal files are deleted, it might

                                 make sense to change this value from
                                 the default of one month. Set to 0 to
                                 turn off this feature. This setting
                                 takes time values which may be
                                 make sense to change this value from
                                 the default of one month. Set to 0 to
                                 turn off this feature. This setting
                                 takes time values which may be

-                                suffixed with the units year, month,
-                                week, day, h, m to override the
-                                default time unit of
+                                suffixed with the units
+                                <literal>year</literal>,
+                                <literal>month</literal>,
+                                <literal>week</literal>, <literal>day</literal>,
+                                <literal>h</literal> or <literal>m</literal>
+                                to override the default time unit of

                                 seconds.</para></listitem>
                         </varlistentry>
 
                                 seconds.</para></listitem>
                         </varlistentry>
 


@@ -321,31 +338,42 @@
                                 controls whether journal files
                                 containing entries older then the
                                 specified time span are
                                 controls whether journal files
                                 containing entries older then the
                                 specified time span are

-                                deleted. Normally time-based deletion
+                                deleted. Normally, time-based deletion

                                 of old journal files should not be
                                 required as size-based deletion with
                                 options such as
                                 <varname>SystemMaxUse=</varname>
                                 should be sufficient to ensure that
                                 of old journal files should not be
                                 required as size-based deletion with
                                 options such as
                                 <varname>SystemMaxUse=</varname>
                                 should be sufficient to ensure that

-                                journal files don't grow without
+                                journal files do not grow without

                                 bounds. However, to enforce data
                                 bounds. However, to enforce data

-                                retention policies it might make sense
+                                retention policies, it might make sense

                                 to change this value from the
                                 default of 0 (which turns off this
                                 feature). This setting also takes
                                 time values which may be suffixed with
                                 to change this value from the
                                 default of 0 (which turns off this
                                 feature). This setting also takes
                                 time values which may be suffixed with

-                                the units year, month, week, day, h, m
+                                the units <literal>year</literal>,
+                                <literal>month</literal>,
+                                <literal>week</literal>, <literal>day</literal>,
+                                <literal>h</literal> or <literal> m</literal>

                                 to override the default time unit of
                                 to override the default time unit of

-                                seconds. </para></listitem>
+                                seconds.</para></listitem>

                         </varlistentry>
 
 
                         <varlistentry>
                                 <term><varname>SyncIntervalSec=</varname></term>
 
                         </varlistentry>
 
 
                         <varlistentry>
                                 <term><varname>SyncIntervalSec=</varname></term>
 

-                                <listitem><para>The timeout before syncing journal
-                                data to disk. After syncing journal files have
-                                OFFLINE state. Default timeout is 5 minutes.
+                                <listitem><para>The timeout before
+                                synchronizing journal files to
+                                disk. After syncing, journal files are
+                                placed in the OFFLINE state. Note that
+                                syncing is unconditionally done
+                                immediately after a log message of
+                                priority CRIT, ALERT or EMERG has been
+                                logged. This setting hence applies
+                                only to messages of the levels ERR,
+                                WARNING, NOTICE, INFO, DEBUG. The
+                                default timeout is 5 minutes.

                                 </para></listitem>
                         </varlistentry>
 
                                 </para></listitem>
                         </varlistentry>
 


@@ -353,25 +381,32 @@
                                 <term><varname>ForwardToSyslog=</varname></term>
                                 <term><varname>ForwardToKMsg=</varname></term>
                                 <term><varname>ForwardToConsole=</varname></term>
                                 <term><varname>ForwardToSyslog=</varname></term>
                                 <term><varname>ForwardToKMsg=</varname></term>
                                 <term><varname>ForwardToConsole=</varname></term>

+                                <term><varname>ForwardToWall=</varname></term>

 
                                 <listitem><para>Control whether log
                                 messages received by the journal
                                 daemon shall be forwarded to a
                                 traditional syslog daemon, to the
 
                                 <listitem><para>Control whether log
                                 messages received by the journal
                                 daemon shall be forwarded to a
                                 traditional syslog daemon, to the

-                                kernel log buffer (kmsg), or to the
-                                system console. These options take
-                                boolean arguments. If forwarding to
-                                syslog is enabled but no syslog daemon
-                                is running the respective option has
-                                no effect. By default only forwarding
-                                to syslog is enabled. These settings
-                                may be overridden at boot time with
-                                the kernel command line options
+                                kernel log buffer (kmsg), to the
+                                system console, or sent as wall
+                                messages to all logged-in users. These
+                                options take boolean arguments. If
+                                forwarding to syslog is enabled but no
+                                syslog daemon is running, the
+                                respective option has no effect. By
+                                default, only forwarding to syslog and
+                                wall is enabled. These settings may be
+                                overridden at boot time with the
+                                kernel command line options

                                 <literal>systemd.journald.forward_to_syslog=</literal>,
                                 <literal>systemd.journald.forward_to_syslog=</literal>,

-                                <literal>systemd.journald.forward_to_kmsg=</literal>
+                                <literal>systemd.journald.forward_to_kmsg=</literal>,
+                                <literal>systemd.journald.forward_to_console=</literal>

                                 and
                                 and

-                                <literal>systemd.journald.forward_to_console=</literal>.
-                                </para></listitem>
+                                <literal>systemd.journald.forward_to_wall=</literal>.
+                                When forwarding to the console, the
+                                TTY to log to can be changed
+                                with <varname>TTYPath=</varname>,
+                                described below.</para></listitem>

                         </varlistentry>
 
                         <varlistentry>
                         </varlistentry>
 
                         <varlistentry>


@@ -379,12 +414,14 @@
                                 <term><varname>MaxLevelSyslog=</varname></term>
                                 <term><varname>MaxLevelKMsg=</varname></term>
                                 <term><varname>MaxLevelConsole=</varname></term>
                                 <term><varname>MaxLevelSyslog=</varname></term>
                                 <term><varname>MaxLevelKMsg=</varname></term>
                                 <term><varname>MaxLevelConsole=</varname></term>

+                                <term><varname>MaxLevelWall=</varname></term>

 
                                 <listitem><para>Controls the maximum
                                 log level of messages that are stored
 
                                 <listitem><para>Controls the maximum
                                 log level of messages that are stored

-                                on disk, forwarded to syslog, kmsg or
-                                the console (if that is enabled, see
-                                above). As argument, takes one of
+                                on disk, forwarded to syslog, kmsg,
+                                the console or wall (if that is
+                                enabled, see above). As argument,
+                                takes one of

                                 <literal>emerg</literal>,
                                 <literal>alert</literal>,
                                 <literal>crit</literal>,
                                 <literal>emerg</literal>,
                                 <literal>alert</literal>,
                                 <literal>crit</literal>,


@@ -405,9 +442,11 @@
                                 written to disk and forwarded to
                                 syslog. Defaults to
                                 <literal>notice</literal> for
                                 written to disk and forwarded to
                                 syslog. Defaults to
                                 <literal>notice</literal> for

-                                <varname>MaxLevelKMsg=</varname> and
+                                <varname>MaxLevelKMsg=</varname>,

                                 <literal>info</literal> for
                                 <literal>info</literal> for

-                                <varname>MaxLevelConsole=</varname>.</para></listitem>
+                                <varname>MaxLevelConsole=</varname> and
+                                <literal>emerg</literal> for
+                                <varname>MaxLevelWall=</varname>.</para></listitem>

                         </varlistentry>
 
                         <varlistentry>
                         </varlistentry>
 
                         <varlistentry>