This time I will take a short look at the log levels of ASL.
It turns out that just writing something to the ASL does not guarantee that the information will actually be stored. This was of course clear from the fact that each message is written at a certain log level, and it should be obvious that we can control the level below which information is actually stored.
When developing in xcode, the messages send to ASL will appear in the console window. Since I do write a lot of messages at level "Debug" I am quite used to seeing this info. Besides, I could be sure that I did indeed write these messages to the ASL.
When using my app outside of Xcode though, I did not see my "Debug" level messages (nor did I see the "Info" level messages).
I assumed that it would be possible to control the level of detail in the ASL from somewhere else. And indeed when reading the "man asl" pages I found that the information that is written to the ASL is controlled from no less than 4 places!
5 Actually if I include my own mechanism for controlling the log messages...
The first level is within the source code itself. We can specify using:
asl_set_filter(nil, filter_bit_pattern)
which levels should be recorded. By default the
asl_add_log_file(nil, STDERR_FILENO)
records all information up to and including the debug level. So that is not where my messages were blocked.
Next up is the 'master' filter. This master filter can be set using the "syslog" command in a terminal window. By using the option "-c 0" it shows if the master filter is in use and at which level it is set. Typing this into a terminal yielded:
MacPro:~ user$ syslog -c 0
Master filter mask: Off
MacPro:~ user$ syslog -c 1726
Process 1726 syslog filter mask: Off
So that was not the culprit either. There was now one place left: the /etc/asl.conf file. Looking into this file showed:
MacPro:~ user$ more /etc/asl.conf
##
# configuration file for syslogd and aslmanager
##
# authpriv messages are root/admin readable
? [= Facility authpriv] access 0 80
# remoteauth critical, alert, and emergency messages are root/admin readable
? [= Facility remoteauth] [<= Level critical] access 0 80
# broadcast emergency messages
? [= Level emergency] broadcast
# save kernel [PID 0] and launchd [PID 1] messages
? [<= PID 1] store
# ignore "internal" facility
? [= Facility internal] ignore
# save everything from emergency to notice
? [<= Level notice] store
# Rules for /var/log/system.log
> system.log mode=0640 format=bsd rotate=seq compress file_max=5M all_max=50M
? [= Sender kernel] file system.log
? [<= Level notice] file system.log
? [= Facility auth] [<= Level info] file system.log
? [= Facility authpriv] [<= Level info] file system.log
# Facility com.apple.alf.logging gets saved in appfirewall.log
? [= Facility com.apple.alf.logging] file appfirewall.log file_max=5M all_max=50M
MacPro:~ user$
If you like to change the asl.conf file, be sure to find out how in the man pages, just type "man asl.conf" into a terminal window.
Happy coding...
Did this help?, then please help out a small independent.
If you decide that you want to make a small donation, you can do so by clicking this
link: a cup of coffee ($2) or use the popup on the right hand side for different amounts.
Payments will be processed by PayPal, receiver will be sales at balancingrock dot nl
Bitcoins will be gladly accepted at: 1GacSREBxPy1yskLMc9de2nofNv2SNdwqH
We don't get the world we wish for... we get the world we pay for.
No comments:
Post a Comment