blob: 86be9d3331627d74f85c6fd2fe732eb2ff28d243 (
plain)
1 @version: 3.17
2 #
3 # /etc/syslog-ng: syslog-ng(8) configration file, based on a gentoo template
4 # use logger to test new rules:
5 # logger -p daemon.crit testmessage
6 # use loggen to produce log messages remotely
7
8
9 # on busy systems you may have to adjus flush_lines and suppress() to avoid
10 # heavy disc i/o
11 # to change default permissions/owner/group for newly created files add
12 # options like this: owner(root); group(sys); perm(0644);
13
14 options { chain_hostnames(off); flush_lines(0); stats_freq(0); create_dirs(on); };
15
16 #source where to read log
17 source src { unix-stream("/dev/log"); internal(); };
18 source kernsrc { file("/proc/kmsg"); };
19
20 #define templates
21 template t_debug { template("$DATE fac $FACILITY lvl $LEVEL prg $PROGRAM: $MSG\n"); };
22
23 #define destinations
24 destination authlog { file("/var/log/auth.log" suppress(5)); };
25 destination sudo { file("/var/log/sudo.log" suppress(5)); };
26 destination cron { file("/var/log/cron.log" suppress(5)); };
27 destination kern { file("/var/log/kern.log" suppress(5)); };
28 destination mail { file("/var/log/mail.log" suppress(5)); };
29
30 destination mailinfo { file("/var/log/mail.info" suppress(5)); };
31 destination mailwarn { file("/var/log/mail.warn" suppress(5)); };
32 destination mailerr { file("/var/log/mail.err" suppress(5)); };
33
34 #destination newscrit { file("/var/log/news/news.crit" suppress(5)); };
35 #destination newserr { file("/var/log/news/news.err" suppress(5)); };
36 #destination newsnotice { file("/var/log/news/news.notice" suppress(5)); };
37
38 destination debug { file("/var/log/debug" template(t_debug) suppress(5)); };
39 destination messages { file("/var/log/messages" suppress(5)); };
40 destination errors { file("/var/log/error.log" suppress(5)); };
41 destination console { usertty("root"); };
42 destination console_all { file("/dev/tty12" suppress(5)); };
43 destination xconsole { pipe("/dev/xconsole" suppress(5)); };
44
45 #create filters
46 filter f_authpriv { facility(auth, authpriv); };
47 filter f_cron { facility(cron); };
48 filter f_kern { facility(kern); };
49 filter f_mail { facility(mail); };
50 #filter f_debug { not facility(auth, authpriv, mail) and not program(sudo); };
51 filter f_debug { not facility(mail) and not program(sudo); };
52 filter f_messages { level(info..warn)
53 and not facility(auth, authpriv, mail) and not program(sudo); };
54 filter f_sudo { program(sudo); };
55 filter f_errors { level(err..emerg); };
56
57 filter f_emergency { level(emerg); };
58
59 filter f_info { level(info); };
60 filter f_notice { level(notice); };
61 filter f_warn { level(warn); };
62 filter f_crit { level(crit); };
63 filter f_err { level(err); };
64
65 # examples for text-matching (beware of performance issues)
66 #filter f_failed { match("failed"); };
67 #filter f_denied { match("denied"); };
68
69 #connect filter and destination
70 log { source(src); filter(f_authpriv); destination(authlog); };
71 log { source(src); filter(f_sudo); destination(sudo); };
72 log { source(src); filter(f_cron); destination(cron); };
73 log { source(kernsrc); filter(f_kern); destination(kern); };
74 log { source(src); filter(f_mail); destination(mail); };
75 log { source(src); filter(f_mail); filter(f_info); destination(mailinfo); };
76 log { source(src); filter(f_mail); filter(f_warn); destination(mailwarn); };
77 log { source(src); filter(f_mail); filter(f_err); destination(mailerr); };
78
79 #log { source(src); filter(f_debug); destination(debug); };
80 log { source(src); filter(f_messages); destination(messages); };
81 log { source(src); filter(f_errors); destination(errors); };
82 log { source(src); filter(f_emergency); destination(console); };
83
84 #default log
85 #log { source(src); destination(console_all); };
|
