Syslog是一款用于系统监控的优秀软件，基本上在大部分的发行版中都包含有这款软件。然而，Syslog的默认设置极其糟糕。它将记录系统中所有信息，不管这些信息有没有用，而且将它们统统存放在一个奇怪的位置。在这里我将介绍一个很好的Syslog配置，这个配置适用于绝大部分系统。在这个配置中我已经注释了调试信息，因为这些调试信息很快就能在你的log文件中填入大量数据。而且我建议只有当你要处理某些问题的时候才打开这些注释。
    Syslog的规则分成三部分：设备名，优先级和log文件存储路径。下面第一列列出了所有的设备名。下面第二列列出了所有的优先级。
auth               Debug
authpriv           Info
daemon             Notice
cron               Warning
ftp                Error
lpr                Critical
kern               Alert
mail               Emergency
news
syslog
user
uucp
local0-local7
如果你想知道往哪里添加规则，配置文件通常在/etc/syslog.conf。当然，在/etc/sysconfig/syslog文件添加也行。如果你想知道配置文件到底在哪里,参考你的linux系统文档。

一旦你对配置文件做了修改，你必须重启syslog守护程序，你可以用下面命令重启守护程序：
/etc/init.d/syslogd restart

在绝大多数linux系统下，程序可能的两个路径如下：
/etc/init.d/syslogd
/etc/init.d/sysklogd


我已经将local0-local7日志设备的用列说明包含在额外添加的行里。你可以随便使用它们，除了在某些用列中，local7用来记录引导日志。
#############################################
# Easier logging
#############################################
### General Logging
#*.info;*.notoice                                       /log/all.info
#*.warning                                              /log/all.warning
#*.debug                                                /log/all.debug
*.err;*.crit;*.emerg                                    /log/all.err
### Email Logging
#mail.info;mail.notice                                  /log/maillog/maillog.info # Enabling this will make REALLY HUGE log files
mail.warning                                            /log/maillog/maillog.warning
#mail.debug                                             /log/maillog/maillog.debug
mail.err;mail.crit;mail.emerg                           /log/maillog/maillog.err
### FTP Logging
ftp.info;ftp.notice                                     /log/ftplog/ftplog.info
ftp.warning                                             /log/ftplog/ftplog.warning
#ftp.debug                                              /log/ftplog/ftplog.debug
ftp.err;ftp.crit;ftp.emerg                              /log/ftplog/ftplog.err
### Cron Logging
cron.info;cron.notice                                   /log/cron/cron.info
cron.warning                                            /log/cron/cron.warning
#cron.debug                                             /log/cron/cron.debug
cron.err;cron.crit;cron.emerg                           /log/cron/cron.err
### Authpriv Logging
authpriv.info;authpriv.notice                           /log/secure/secure.info
authpriv.warning                                        /log/secure/secure.warning
#authpriv.debug                                         /log/secure/secure.debug
authpriv.err;authpriv.crit;authpriv.emerg               /log/secure/secure.err
### Authentication Logging
auth.info;auth.notice                                   /log/auth/auth.info
auth.warning                                            /log/auth/auth.warning
#auth.debug                                             /log/auth/auth.debug
auth.err;auth.crit;auth.emerg                           /log/auth/auth.err
### Kernel Logging
kern.info;kern.notice                                   /log/kernel/kernel.info
kern.warning                                            /log/kernel/kernel.warning
#kern.debug                                             /log/kernel/kernel.debug
kern.err;kern.crit;kern.emerg                           /log/kernel/kernel.err
### Boot Logging
local7.info;local7.notice                               /log/boot/boot.info
local7.warning                                          /log/boot/boot.warning
#local7.debug                                           /log/boot/boot.debug
local7.err;local7.crit;local7.emerg                     /log/boot/boot.err
### User Logging
user.info;user.notice                                   /log/user/user.info
user.warning                                            /log/user/user.warning
#user.debug                                             /log/user/user.debug
user.err;user.crit;user.emerg                           /log/user/user.err
### Daemon Logging
daemon.info;daemon.notice                               /log/daemon/daemon.info
daemon.warning                                          /log/daemon/daemon.warning
#daemon.debug                                           /log/daemon/daemon.debug
daemon.err;daemon.crit;daemon.emerg                     /log/daemon/daemon.err
### Apache logging using local0
#local0.info;local0.notice                               /log/httpd/httpd.info
#local0.warning                                          /log/httpd/httpd.warning
#local0.debug                                            /log/httpd/httpd.debug
#local0.err;local0.crit;local0.emerg                     /log/httpd/httpd.err
### Clamav logging using local1
#local1.info;local1.notice                               /log/clamav/clamav.info
#local1.warning                                          /log/clamav/clamav.warning
#local1.debug                                            /log/clamav/clamav.debug
#local1.err;local1.crit;local1.emerg

原文地址：
http://www.howtoforge.org/syslog-better-logging-tutorial

配置指南Syslog