@version:3.19
@include "scl.conf"
# syslog-ng configuration file.
#
# See syslog-ng(8) and syslog-ng.conf(5) for more information.
#
# Note: It also sources additional configuration files (*.conf)
# located in /etc/syslog-ng/conf.d/.
#
# Options
#
# Global defaults for every source and destination in this file; none of the
# destinations declared below overrides owner(), group() or perm().
options {
# Create destination directories if missing.
create_dirs(yes);
# The default action of syslog-ng is to log a MARK line to the file every
# 20 minutes. That seems high for most people, so turn it down to once an
# hour. Set it to zero if you don't want the functionality at all.
mark_freq(3600);
# The default action of syslog-ng is to log a STATS line to the file every
# 10 minutes. That's pretty ugly after a while. Change it to every 12 hours
# so you get a nice daily update of how many messages syslog-ng missed (0).
stats_freq(43200);
# Time to wait before a dead connection is re-established (default is 60).
time_reopen(5);
# Disable DNS usage.
# syslog-ng blocks on DNS queries, so enabling DNS may lead to a DoS attack.
use_dns(no);
# The DNS cache is switched off as well. syslog-ng treats '-' and '_' in
# option names as equivalent, so this is the same option as dns_cache().
dns-cache(no);
# Default owner, group, and permissions for log files.
# 0640 root:adm means only root and members of group adm can read the logs,
# auth.log included. Membership of adm is managed outside this file.
owner(root);
group(adm);
perm(0640);
# Default permissions for created directories.
# 0755 lets every local user list a directory that syslog-ng creates; file
# contents remain protected by perm() above.
dir_perm(0755);
};
#
# Templates
#
# Line format shared by all file destinations below:
#   YYYY-MM-DD HH:MM:SS <level> <message header><message>
# No time-zone offset and no host name are written, so anything that
# correlates these files with logs from other machines has to get that
# context elsewhere.
template t_file {
template("${YEAR}-${MONTH}-${DAY} ${HOUR}:${MIN}:${SEC} ${LEVEL} ${MSGHDR}${MSG}\n");
};
#
# Sources
#
# The only source defined in this file. It collects local messages; no
# network listener is declared here, although a file included from
# /etc/syslog-ng/conf.d/ can add one.
source s_sys {
# Standard system log source.
system();
# Messages generated by syslog-ng.
internal();
};
#
# Destinations
#
# One file per category, all formatted with t_file and created with the
# owner/group/perm defaults from the options block.
destination d_auth { file("/var/log/auth.log" template(t_file)); };
destination d_boot { file("/var/log/boot.log" template(t_file)); };
destination d_cron { file("/var/log/cron.log" template(t_file)); };
destination d_kern { file("/var/log/kern.log" template(t_file)); };
# flush_lines(10) writes mail messages in batches of ten, so the newest
# entries can be missing from disk if syslog-ng stops abruptly.
destination d_mail { file("/var/log/mail.log" template(t_file) flush_lines(10)); };
destination d_mesg { file("/var/log/messages" template(t_file)); };
# Send messages to console of everyone logged in.
# No log statement in this file references d_cons_all.
destination d_cons_all { usertty("*"); };
# Send messages to root's console.
destination d_cons_root { usertty("root"); };
#
# Filters
#
# Filters by facility, one per dedicated log file; f_boot selects local7 and
# f_emerg selects emergency-level messages from any facility.
filter f_auth { facility(auth, authpriv); };
filter f_boot { facility(local7); };
filter f_cron { facility(cron); };
filter f_emerg { level(emerg); };
filter f_kern { facility(kern); };
filter f_mail { facility(mail); };
# Everything at level info or higher except the facilities listed here,
# which keeps auth/authpriv messages out of /var/log/messages. Debug-level
# messages of the remaining facilities match no filter in this file.
# NOTE(review): local7 is not excluded, so boot messages at info or above
# are also written to /var/log/messages; confirm the duplication is wanted.
filter f_default {
level(info..emerg)
and not (facility(auth)
or facility(authpriv)
or facility(cron)
or facility(kern)
or facility(mail));
};
#
# Logs
#
# Each path reads from s_sys, applies one filter and writes to one
# destination. None of them sets flags(final), so a message that matches
# several filters is delivered to every matching destination.
log { source(s_sys); filter(f_auth); destination(d_auth); };
log { source(s_sys); filter(f_boot); destination(d_boot); };
log { source(s_sys); filter(f_cron); destination(d_cron); };
# Emergency-level messages are shown on root's terminal in addition to any
# file they are routed to by the other paths.
log { source(s_sys); filter(f_emerg); destination(d_cons_root); };
log { source(s_sys); filter(f_kern); destination(d_kern); };
log { source(s_sys); filter(f_mail); destination(d_mail); };
log { source(s_sys); filter(f_default); destination(d_mesg); };
# Source additional configuration files (.conf extension only)
# Every matching file is parsed as part of this configuration and can add
# sources, destinations and log paths, so /etc/syslog-ng/conf.d/ and its
# contents should be writable only by the account that administers syslog-ng.
@include "/etc/syslog-ng/conf.d/*.conf"