Re: where is mail.log

Sat, 30 Nov 2024 04:26:55 -0800 


On Friday, 29-11-2024 at 21:30 Bitfox wrote:
> On 2024-11-29 10:08, Greg Wooledge wrote:
> > On Thu, Nov 28, 2024 at 19:13:12 -0500, Dan Ritter wrote:
> >> Bitfox wrote:
> >> > My OS is debian 12 without GUI.
> >> >
> >> > After I installed postifx by apt, I can't find the path to mail.log.
> >> >
> >> > the log file in /var/log doesn't exist.
> >> >
> >> > do you know where is my mail.log now?
> >> 
> >> by default, it's in /var/log.
> > 
> > No.  As of bookworm, rsyslog is no longer installed by default, and
> > there are no human-readable log files by default.
> > 
> > https://www.debian.org/releases/bookworm/amd64/release-notes/ch-information.en.html#changes-to-system-logging
> 
> Update:
> 
> following Greg's help, I run 'apt install rsyslog' and 'service postfix 
> restart', now mail.log has been working.
> 
> 2024-11-29T18:27:50.514443+08:00 mgw postfix/postfix-script[61549]: 
> starting the Postfix mail system
> 2024-11-29T18:27:50.522266+08:00 mgw postfix/master[61551]: daemon 
> started -- version 3.7.11, configuration /etc/postfix
> 
> Thanks a lot.

Thank you for your update.  

And thanks to others pointing out that rsyslog has been removed since Bookworm. 
Now I know that I will want to install rsyslog in Trixie servers once Trixie 
moves to production.

I am slowly learning journald and journalctl because as others have reported 
"it has been chosen as the way of the future".

As you said, for now there are still programs which still use rsyslog files.

I was pleased to learn "fail2ban works with journald" as I like to use fail2ban 
with postfix to block those who try to use postfix as a mail relay. 

I read that journald does not allow for forwarding to remote logging servers. 
Many people suggest using journald to collect the log entires, and then rsyslog 
to do send them to a remote centralised log server. However I also found  that 
systemd-journal-remote.service, systemd-journal-remote.socket, and 
systemd-journal-remote are available, and have been available for quite some 
time.
https://www.digitalocean.com/community/tutorials/how-to-centralize-logs-with-journald-on-debian-10

Has anyone implemented remote logging with systemd-journal-remote and can say 
how well this works?

Checking with Synaptic found a package called "systemd-journal-remote" :
This package provides tools for sending and receiving remote journal logs:
 * systemd-journal-remote
 * systemd-journal-upload
 * systemd-journal-gatewayd


George.





> 
> 
























					Reply via email to