author: Dru Lavigne <dru@FreeBSD.org> 2014-03-24 14:36:59 +0000
committer: Dru Lavigne <dru@FreeBSD.org> 2014-03-24 14:36:59 +0000
commit: f6ac0be8db9be6653602c34bb0795965f1e405e8 (patch)
tree: 3f9ef56353f76e31107ca0b8cc65f4cbe7a7bcaf
parent: 32d981fc70a965232a707d86ea13befec27f2c74 (diff)
Editorial review of Local Logging section.
Sponsored by: iXsystems
Notes: svn path=/head/; revision=44342
-rw-r--r-- en_US.ISO8859-1/books/handbook/config/chapter.xml 125
1 files changed, 62 insertions, 63 deletions
diff --git a/en_US.ISO8859-1/books/handbook/config/chapter.xml b/en_US.ISO8859-1/books/handbook/config/chapter.xml
index d1c380a591..294d6ffc95 100644
--- a/en_US.ISO8859-1/books/handbook/config/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/config/chapter.xml
@@ -1225,28 +1225,24 @@ ifconfig_fxp0_alias7="inet 202.0.75.20 netmask 255.255.255.255"</programlisting>
<primary>&man.syslogd.8;</primary>
</indexterm>
- <para>System logging is an important aspect of system
- administration. It is used to detect hardware and software
- issues and errors in the system. It plays an important role
- in security auditing and incident response. System daemons
- without a controlling terminal usually log information to a
- system logging facility or other log file.</para>
-
- <para>In the default &os; configuration, &man.syslogd.8; is
- started at boot. This is controlled by the variable
+ <para>Generating and reading system logs is an important aspect of system
+ administration. The information in system logs can be used to detect hardware and software
+ issues as well as application and system configuration errors. This information also plays an important role
+ in security auditing and incident response. Most system daemons
+ and applications will generate log entries.</para>
+
+ <para>&os; provides a system logger,
+ <application>syslogd</application>, to manage logging. By
+ default, <application>syslogd</application> is
+ started when the system boots. This is controlled by the variable
<literal>syslogd_enable</literal> in
<filename>/etc/rc.conf</filename>. There are numerous
- application arguments that affect the behavior of
- &man.syslogd.8;. To change them, use
+ application arguments that can be set using
<literal>syslogd_flags</literal> in
<filename>/etc/rc.conf</filename>. Refer to &man.syslogd.8;
- for more information on the arguments, and &man.rc.conf.5;,
- <xref linkend="configtuning-core-configuration"/> and
- <xref linkend="configtuning-rcd"/> for more information about
- <filename>/etc/rc.conf</filename> and the &man.rc.8;
- subsystem.</para>
+ for more information on the available arguments.</para>
- <para>This section describes how to configure and the &os;
+ <para>This section describes how to configure the &os;
system logger for both local and remote logging and how to perform log rotation
and log management.</para>
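Review bot: The rewritten second paragraph drops the pointers to &man.rc.conf.5;, configtuning-core-configuration and configtuning-rcd, so a reader who is told to set syslogd_enable and syslogd_flags in /etc/rc.conf no longer has any reference for how that file is handled; consider keeping one short cross-reference. The first four added lines of the opening paragraph also run well past the width of the surrounding lines, which mixes a refill into the wording change and makes the diff harder to review.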
@@ -1255,24 +1251,23 @@ ifconfig_fxp0_alias7="inet 202.0.75.20 netmask 255.255.255.255"</programlisting>
<indexterm><primary>syslog.conf</primary></indexterm>
- <para>The configuration file, by default
+ <para>The configuration file,
<filename>/etc/syslog.conf</filename>, controls what
- &man.syslogd.8; does with the log entries once they are
+ <application>syslogd</application> does with log entries as they are
received. There are several parameters to control the
- handling of incoming events, of which the most basic are
- <firstterm>facility</firstterm> and
- <firstterm>level</firstterm>. The facility describes
+ handling of incoming events.
+ The <firstterm>facility</firstterm> describes
which subsystem generated the message, such as the kernel or a
- daemon, and the level describes the severity of the event that
- occurred. This makes it possible to log the message to
- different log files, or discard it, depending on the facility
+ daemon, and the <firstterm>level</firstterm> describes the severity of the event that
+ occurred. This makes it possible to configure if and where a log message is
+ logged, depending on the facility
and level. It is also possible to take action depending on
the application that sent the message, and in the case of
remote logging, the hostname of the machine generating
the logging event.</para>
- <para>The configuration file for &man.syslogd.8; contains one
- line per action, and the syntax for each line is a selector
+ <para>This configuration file contains one
+ line per action, where the syntax for each line is a selector
field followed by an action field. The syntax of the selector
field is <replaceable>facility.level</replaceable> which will
match log messages from <replaceable>facility</replaceable>
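Review bot: In the first paragraph, "There are several parameters to control the handling of incoming events." is now a standalone sentence with nothing tying it to the facility and level introduced next, because "of which the most basic are" was removed; either restore that link or drop the sentence. In the same paragraph, "configure if and where a log message is logged" would read better as "whether and where".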
@@ -1293,15 +1288,16 @@ ifconfig_fxp0_alias7="inet 202.0.75.20 netmask 255.255.255.255"</programlisting>
# separators. If you are sharing this file between systems, you
# may want to use only tabs as field separators here.
# Consult the syslog.conf(5) manpage.
-*.err;kern.warning;auth.notice;mail.crit /dev/console <co xml:id="co-syslog-many-match"/>
+*.err;kern.warning;auth.notice;mail.crit /dev/console
*.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err /var/log/messages
security.* /var/log/security
auth.info;authpriv.info /var/log/auth.log
-mail.info /var/log/maillog <co xml:id="co-syslog-one-match"/>
+mail.info /var/log/maillog
lpr.info /var/log/lpd-errs
ftp.info /var/log/xferlog
cron.* /var/log/cron
-*.=debug /var/log/debug.log <co xml:id="co-syslog-comparison"/>
+!-devd
+*.=debug /var/log/debug.log
*.emerg *
# uncomment this to log all writes to /dev/console to /var/log/console.log
#console.info /var/log/console.log
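Review bot: The added "!-devd" line before "*.=debug" changes the example itself in a commit described as an editorial review, and nothing in the explanation of the listing says what it does; the only program specification the text explains is "!ppp". Add an item describing it, or mention it where program specifications are explained. Removing the three co markers in this hunk also leaves the explanation with no anchors in the listing.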
@@ -1314,54 +1310,58 @@ cron.* /var/log/cron
# news.crit /var/log/news/news.crit
# news.err /var/log/news/news.err
# news.notice /var/log/news/news.notice
-!ppp <co xml:id="co-syslog-prog-spec"/>
+# Uncomment this if you wish to see messages produced by devd
+# !devd
+# *.>=info
+!ppp
*.* /var/log/ppp.log
!*</programlisting>
- <calloutlist>
- <callout arearefs="co-syslog-many-match">
- <para>Match all messages with a level of
+ <para>In this example:</para>
+
+ <itemizedlist>
+ <listitem>
+ <para>Line 8 matches all messages with a level of
<literal>err</literal> or higher, as well as
<literal>kern.warning</literal>,
<literal>auth.notice</literal> and
- <literal>mail.crit</literal>, and send these log messages
+ <literal>mail.crit</literal>, and sends these log messages
to the console
(<filename>/dev/console</filename>).</para>
- </callout>
+ </listitem>
- <callout arearefs="co-syslog-one-match">
- <para>Match all messages from the <literal>mail</literal>
- facility at level <literal>info</literal> or above, and
- log the messages to
+ <listitem>
+ <para>Line 12 matches all messages from the <literal>mail</literal>
+ facility at level <literal>info</literal> or above and
+ logs the messages to
<filename>/var/log/maillog</filename>.</para>
- </callout>
+ </listitem>
- <callout arearefs="co-syslog-comparison">
- <para>This line uses a comparison flag, <literal>=</literal>
- to only match messages at level <literal>debug</literal>,
- and log them in
+ <listitem>
+ <para>Line 17 uses a comparison flag (<literal>=</literal>)
+ to only match messages at level <literal>debug</literal>
+ and logs them to
<filename>/var/log/debug.log</filename>.</para>
- </callout>
+ </listitem>
- <callout arearefs="co-syslog-prog-spec">
- <para>Here is an example usage of a <emphasis>program
+ <listitem>
+ <para>Line 33 is an example usage of a <emphasis>program
specification</emphasis>. This makes the rules
- following it only valid for the program in the program
- specification. In this case, this and the following
- lines log all messages from &man.ppp.8;, but no other
- programs, to
+ following it only valid for the specified program.
+ In this case, only the
+ messages generated by <application>ppp</application> are
+ logged to
<filename>/var/log/ppp.log</filename>.</para>
- </callout>
- </calloutlist>
+ </listitem>
+ </itemizedlist>
- <para>This example shows that there are plenty of levels and
- subsystems. The levels are, in order from most to least
- critical: <literal>emerg</literal>, <literal>alert</literal>,
+ <para>The available levels, in order from most to least
+ critical are <literal>emerg</literal>, <literal>alert</literal>,
<literal>crit</literal>, <literal>err</literal>,
<literal>warning</literal>, <literal>notice</literal>,
<literal>info</literal>, and <literal>debug</literal>.</para>
- <para>The facilities are, in no particular order:
+ <para>The facilities, in no particular order, are
<literal>auth</literal>, <literal>authpriv</literal>,
<literal>console</literal>, <literal>cron</literal>,
<literal>daemon</literal>, <literal>ftp</literal>,
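Review bot: The new list items refer to "Line 8", "Line 12", "Line 17" and "Line 33", but the programlisting carries no line numbers and this same commit inserts four lines into it (the "!-devd" line and the three devd comment lines), so these references go stale with any later edit to the listing; keeping the callouts, or quoting the selector in each item, would be sturdier. Also, the added "# *.>=info" line at the top of this hunk has a selector with no action field, unlike the other selector lines shown, which contradicts the "selector field followed by an action field" syntax described earlier in the section.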
@@ -1373,11 +1373,10 @@ cron.* /var/log/cron
<literal>local7</literal>. Be aware that other operating
systems might have different facilities.</para>
- <para>With this knowledge, it is easy to add a new line to
- <filename>/etc/syslog.conf</filename> to log everything from
- the different daemons on level <literal>notice</literal> and
- higher to <filename>/var/log/daemon.log</filename>. Just add
- the following:</para>
+ <para>To log everything
+ of level <literal>notice</literal> and
+ higher to <filename>/var/log/daemon.log</filename>, add
+ the following entry:</para>
<programlisting>daemon.notice /var/log/daemon.log</programlisting>
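Review bot: The reworded lead-in says "To log everything of level notice and higher", but the entry it introduces, "daemon.notice /var/log/daemon.log", selects only the daemon facility; the removed wording "everything from the different daemons" carried that restriction. Suggest "To log everything from the daemon facility of level notice and higher".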