Context Navigation

source: trunk/lvs/debian/config/etc/syslog-ng/syslog-ng.conf @ 1683

Last change on this file since 1683 was 1609, checked in by ezyang, 14 years ago
Take syslog-ng update.
File size: 9.7 KB

Line
1	#
2	# Configuration file for syslog-ng under Debian
3	#
4	# attempts at reproducing default syslog behavior
5
6	# the standard syslog levels are (in descending order of priority):
7	# emerg alert crit err warning notice info debug
8	# the aliases "error", "panic", and "warn" are deprecated
9	# the "none" priority found in the original syslogd configuration is
10	# only used in internal messages created by syslogd
11
12
13	######
14	# options
15
16	options {
17	# disable the chained hostname format in logs
18	# (default is enabled)
19	chain_hostnames(0);
20
21	# the time to wait before a died connection is re-established
22	# (default is 60)
23	time_reopen(10);
24
25	# the time to wait before an idle destination file is closed
26	# (default is 60)
27	time_reap(360);
28
29	# the number of lines buffered before written to file
30	# you might want to increase this if your disk isn't catching with
31	# all the log messages you get or if you want less disk activity
32	# (say on a laptop)
33	# (default is 0)
34	#sync(0);
35
36	# the number of lines fitting in the output queue
37	log_fifo_size(2048);
38
39	# enable or disable directory creation for destination files
40	create_dirs(yes);
41
42	# default owner, group, and permissions for log files
43	# (defaults are 0, 0, 0600)
44	#owner(root);
45	group(adm);
46	perm(0640);
47
48	# default owner, group, and permissions for created directories
49	# (defaults are 0, 0, 0700)
50	#dir_owner(root);
51	#dir_group(root);
52	dir_perm(0755);
53
54	# enable or disable DNS usage
55	# syslog-ng blocks on DNS queries, so enabling DNS may lead to
56	# a Denial of Service attack
57	# (default is yes)
58	use_dns(no);
59
60	# maximum length of message in bytes
61	# this is only limited by the program listening on the /dev/log Unix
62	# socket, glibc can handle arbitrary length log messages, but -- for
63	# example -- syslogd accepts only 1024 bytes
64	# (default is 2048)
65	#log_msg_size(2048);
66
67	#Disable statistic log messages.
68	stats_freq(0);
69
70	# Some program send log messages through a private implementation.
71	# and sometimes that implementation is bad. If this happen syslog-ng
72	# may recognise the program name as hostname. Whit this option
73	# we tell the syslog-ng that if a hostname match this regexp than that
74	# is not a real hostname.
75	bad_hostname("^gconfd$");
76	};
77
78
79	######
80	# sources
81
82	# all known message sources
83	source s_all {
84	# message generated by Syslog-NG
85	internal();
86	# standard Linux log source (this is the default place for the syslog()
87	# function to send logs to)
88	unix-stream("/dev/log");
89	# messages from the kernel
90	file("/proc/kmsg" log_prefix("kernel: "));
91	# use the following line if you want to receive remote UDP logging messages
92	# (this is equivalent to the "-r" syslogd flag)
93	# udp();
94	};
95
96
97	######
98	# destinations
99
100	# some standard log files
101	destination df_auth { file("/var/log/auth.log"); };
102	destination df_syslog { file("/var/log/syslog"); };
103	destination df_cron { file("/var/log/cron.log"); };
104	destination df_daemon { file("/var/log/daemon.log"); };
105	destination df_kern { file("/var/log/kern.log"); };
106	destination df_lpr { file("/var/log/lpr.log"); };
107	destination df_mail { file("/var/log/mail.log"); };
108	destination df_user { file("/var/log/user.log"); };
109	destination df_uucp { file("/var/log/uucp.log"); };
110
111	# these files are meant for the mail system log files
112	# and provide re-usable destinations for {mail,cron,...}.info,
113	# {mail,cron,...}.notice, etc.
114	destination df_facility_dot_info { file("/var/log/$FACILITY.info"); };
115	destination df_facility_dot_notice { file("/var/log/$FACILITY.notice"); };
116	destination df_facility_dot_warn { file("/var/log/$FACILITY.warn"); };
117	destination df_facility_dot_err { file("/var/log/$FACILITY.err"); };
118	destination df_facility_dot_crit { file("/var/log/$FACILITY.crit"); };
119
120	# these files are meant for the news system, and are kept separated
121	# because they should be owned by "news" instead of "root"
122	destination df_news_dot_notice { file("/var/log/news/news.notice" owner("news")); };
123	destination df_news_dot_err { file("/var/log/news/news.err" owner("news")); };
124	destination df_news_dot_crit { file("/var/log/news/news.crit" owner("news")); };
125
126	# some more classical and useful files found in standard syslog configurations
127	destination df_debug { file("/var/log/debug"); };
128	destination df_messages { file("/var/log/messages"); };
129
130	# pipes
131	# a console to view log messages under X
132	destination dp_xconsole { pipe("/dev/xconsole"); };
133
134	# consoles
135	# this will send messages to everyone logged in
136	destination du_all { usertty("*"); };
137
138
139	######
140	# filters
141
142	# all messages from the auth and authpriv facilities
143	filter f_auth { facility(auth, authpriv); };
144
145	# all messages except from the auth and authpriv facilities
146	filter f_syslog { not facility(auth, authpriv); };
147
148	# respectively: messages from the cron, daemon, kern, lpr, mail, news, user,
149	# and uucp facilities
150	filter f_cron { facility(cron); };
151	filter f_daemon { facility(daemon); };
152	filter f_kern { facility(kern); };
153	filter f_lpr { facility(lpr); };
154	filter f_mail { facility(mail); };
155	filter f_news { facility(news); };
156	filter f_user { facility(user); };
157	filter f_uucp { facility(uucp); };
158
159	# some filters to select messages of priority greater or equal to info, warn,
160	# and err
161	# (equivalents of syslogd's .info, .warn, and *.err)
162	filter f_at_least_info { level(info..emerg); };
163	filter f_at_least_notice { level(notice..emerg); };
164	filter f_at_least_warn { level(warn..emerg); };
165	filter f_at_least_err { level(err..emerg); };
166	filter f_at_least_crit { level(crit..emerg); };
167
168	# all messages of priority debug not coming from the auth, authpriv, news, and
169	# mail facilities
170	filter f_debug { level(debug) and not facility(auth, authpriv, news, mail); };
171
172	# all messages of info, notice, or warn priority not coming form the auth,
173	# authpriv, cron, daemon, mail, and news facilities
174	filter f_messages {
175	level(info,notice,warn)
176	and not facility(auth,authpriv,cron,daemon,mail,news);
177	};
178
179	# messages with priority emerg
180	filter f_emerg { level(emerg); };
181
182	# complex filter for messages usually sent to the xconsole
183	filter f_xconsole {
184	facility(daemon,mail)
185	or level(debug,info,notice,warn)
186	or (facility(news)
187	and level(crit,err,notice));
188	};
189
190
191	######
192	# logs
193	# order matters if you use "flags(final);" to mark the end of processing in a
194	# "log" statement
195
196	# these rules provide the same behavior as the commented original syslogd rules
197
198	# auth,authpriv.* /var/log/auth.log
199	log {
200	source(s_all);
201	filter(f_auth);
202	destination(df_auth);
203	};
204
205	# .;auth,authpriv.none -/var/log/syslog
206	log {
207	source(s_all);
208	filter(f_syslog);
209	destination(df_syslog);
210	};
211
212	# this is commented out in the default syslog.conf
213	# cron.* /var/log/cron.log
214	#log {
215	# source(s_all);
216	# filter(f_cron);
217	# destination(df_cron);
218	#};
219
220	# daemon.* -/var/log/daemon.log
221	log {
222	source(s_all);
223	filter(f_daemon);
224	destination(df_daemon);
225	};
226
227	# kern.* -/var/log/kern.log
228	log {
229	source(s_all);
230	filter(f_kern);
231	destination(df_kern);
232	};
233
234	# lpr.* -/var/log/lpr.log
235	log {
236	source(s_all);
237	filter(f_lpr);
238	destination(df_lpr);
239	};
240
241	# mail.* -/var/log/mail.log
242	log {
243	source(s_all);
244	filter(f_mail);
245	destination(df_mail);
246	};
247
248	# user.* -/var/log/user.log
249	log {
250	source(s_all);
251	filter(f_user);
252	destination(df_user);
253	};
254
255	# uucp.* /var/log/uucp.log
256	log {
257	source(s_all);
258	filter(f_uucp);
259	destination(df_uucp);
260	};
261
262	# mail.info -/var/log/mail.info
263	log {
264	source(s_all);
265	filter(f_mail);
266	filter(f_at_least_info);
267	destination(df_facility_dot_info);
268	};
269
270	# mail.warn -/var/log/mail.warn
271	log {
272	source(s_all);
273	filter(f_mail);
274	filter(f_at_least_warn);
275	destination(df_facility_dot_warn);
276	};
277
278	# mail.err /var/log/mail.err
279	log {
280	source(s_all);
281	filter(f_mail);
282	filter(f_at_least_err);
283	destination(df_facility_dot_err);
284	};
285
286	# news.crit /var/log/news/news.crit
287	log {
288	source(s_all);
289	filter(f_news);
290	filter(f_at_least_crit);
291	destination(df_news_dot_crit);
292	};
293
294	# news.err /var/log/news/news.err
295	log {
296	source(s_all);
297	filter(f_news);
298	filter(f_at_least_err);
299	destination(df_news_dot_err);
300	};
301
302	# news.notice /var/log/news/news.notice
303	log {
304	source(s_all);
305	filter(f_news);
306	filter(f_at_least_notice);
307	destination(df_news_dot_notice);
308	};
309
310
311	# *.=debug;\
312	# auth,authpriv.none;\
313	# news.none;mail.none -/var/log/debug
314	log {
315	source(s_all);
316	filter(f_debug);
317	destination(df_debug);
318	};
319
320
321	# .=info;.=notice;*.=warn;\
322	# auth,authpriv.none;\
323	# cron,daemon.none;\
324	# mail,news.none -/var/log/messages
325	log {
326	source(s_all);
327	filter(f_messages);
328	destination(df_messages);
329	};
330
331	# .emerg
332	log {
333	source(s_all);
334	filter(f_emerg);
335	destination(du_all);
336	};
337
338
339	# daemon.;mail.;\
340	# news.crit;news.err;news.notice;\
341	# .=debug;.=info;\
342	# .=notice;.=warn \|/dev/xconsole
343	log {
344	source(s_all);
345	filter(f_xconsole);
346	destination(dp_xconsole);
347	};
348

Note: See TracBrowser for help on using the repository browser.

Download in other formats: