Now that the new watchdog hook is in Drupal core, and slated for release with Drupal 6, we can do some neat tricks in syslog to route Drupal event messages.
This article details some examples on how syslog can be used with Drupal.
Under UNIX like systems, the configuration for syslog should be in /etc/syslog.conf. By editing this file and adding the appropriate entries, we can control how Drupal messages are routed.
Here is an example where you have a live site and a test site on the same site, and want the messages from each to go to different files. The trick here is to set each site with a different facility, so the live site goes to LOCAL0 while the test site goes to LOCAL7.
# Drupal live site goes to /var/log/drupal-live
# By default, all messages goes to the drupal log file
# critical and higher go to the console
# Info messges get logged to the drupal-info file
# Alert gets written to the terminals of root and user kbahey
# Drupal development sites goes to local7
# Test site debug messages go into their own file, to prevent clutter
In a large setup with multiple servers, we want the messages from all servers to go to a central monitoring stations.
# Everything to local1 goes to the monitoring server
Things can get more interesting when you also use named pipes to route the output to other programs.
Check your man page for syslog.conf for more information.