If I’m using Arch or another minimal distro, is it a good idea to install a syslog daemon? Or can I go without?

    • LemmyHead@lemmy.ml
      5·
      2 months ago

      I also don’t like the duplication of logs in journald and syslog, so I always disable forwarding to syslog

    • DeltaWingDragon@sh.itjust.worksOP
      22·
      2 months ago

      What if I’m on another minimal distro, like Artix, that doesn’t use systemd? Journald is a systemd thing, and I’m not going to install systemd on top of a perfectly good init system.

      • nous@programming.devEnglish
        3·
        2 months ago

        Use whatever that distro recommends then - which as far as I can tell seems to be svlogd for runit based systems. Though you should consult their documentation and make your own decision on which logger to use.

  • nerdovic@discuss.tchncs.deDeutsch
    8·
    2 months ago

    Whatever floats your boat, but if something goes wrong you don’t really have anything to figure out what’s going on.

  • FuckBigTech347@lemmygrad.ml
    4·
    2 months ago

    It’s not necessary, but a good thing to have if something goes wrong and you want to debug/monitor something. It’s really up to you and your needs.

  • Mactan@lemmy.ml
    3·
    2 months ago

    wish I knew how to use the journal, seems like there isn’t any good way to just search the previous session’s logs without a mountain of fuss or having to guess file names

    • MummifiedClient5000@feddit.dkEnglish
      8·
      2 months ago

      Check that you actually have persistent storage enabled. (See man journald.conf and search for Storage)

      Read up on the numerous parameters to journalctl. (man journalctl)

      journalctl --boot -2 will show logs from previous boot.

      journalctl --since "-2 weeks" --unit=sshd last two weeks worth of sshd logs.

      • patatahooligan@lemmy.world
        3·
        2 months ago

        I think there’s a minor mistake in your command. jounalctl --boot -1 is the previous boot. The counting starts at --boot 0 for the current one.

      • DeltaWingDragon@sh.itjust.worksOP
        12·
        2 months ago

        What if I’m on another minimal distro, like Artix, that doesn’t use systemd? Journald is a systemd thing, and I’m not going to install systemd on top of a perfectly good init system.

        • eyeon@lemmy.world
          2·
          2 months ago

          If adopt systems then the question is easy to answer: no, journald does everything you need.

          without adopting systemd… well. Are you evaluating going without any log handling at all and maybe just dumping logs ephemerally to tty0? DIYing all log stuff like your init scripts DIY things?

          Personally if I had to go without journald I’d probably go back to using syslog-ng. But I guess there’s an argument for shipping straight into something like opentelemetry-collector if you’re willing to put in a lot of work.

  • bloodfart@lemmy.ml
    3·
    2 months ago

    It’s often more useful for minimal installations to keep the system log daemon running so that you can see when things happen and stop them from happening.

    Especially now that even very low power embedded systems run multiple cpu cores at multi-ghz clocks, interface with gigabytes of memory, hundreds of gigabytes of attached storage and communicate through multi-gigabit network links, lots of stuff can be happening that is unwanted or simply unnecessary without any external indications.

    What are you trying to accomplish by not running a syslog daemon?

      • bloodfart@lemmy.ml
        2·
        2 months ago

        If it’s a race from boot to login prompt then making sure the installer never has to dial out and retrieve packages would be a bigger savings. Making sure the installer is on the fastest bus possible would be huge too. I think one nvme installing to another one would be fastest (assuming enough lanes).

        Don’t take the wheelie bars off your dragster to save weight, wheelies are slow.

    • Markaos@lemmy.one
      112·
      2 months ago

      On non-corpo linux syslog can be disabled

      systemctl disable --now systemd-journald

      I’d prefer to just symlink/mount /var/log to a memory filesystem instead

      Set Storage=volatile in /etc/systemd/journald.conf

        • Markaos@lemmy.one
          101·
          2 months ago

          Then what’s the meaning of this whole part?

          On non-corpo linux syslog can be disabled if you want, though I’d prefer to just symlink/mount /var/log to a memory filesystem instead.

          Is it just a random tidbit that could be replaced with a blueberry muffin recipe without any change of meaning of the whole comment? Because it sure won’t help OP at all with their Arch-specific question, so it’s either that, or it provides contrast to the “corpo Linux”, which is how I interpreted it.

          And here’s the remaining part of your comment I left out, just to make sure people won’t lose the context between two three sentence long comments (for those without any attention span, it comes before the previous quoted part):

          If you’re on arch you use redhat’s garbage.