blob: 0c6f543551a3d9714908f14522cc4e1522fefec0 [file] [log] [blame]
Brad Bishop6e60e8b2018-02-01 10:27:11 -05001@version: 3.8
Patrick Williamsb48b7b42016-08-17 15:04:38 -05002#
3# Syslog-ng configuration file, compatible with default Debian syslogd
4# installation. Originally written by anonymous (I can't find his name)
5# Revised, and rewrited by me (SZALAY Attila <sasa@debian.org>)
6
7# First, set some global options.
8options { chain_hostnames(off); flush_lines(0); use_dns(no); use_fqdn(no);
9 owner("root"); group("adm"); perm(0640); stats_freq(0);
10 bad_hostname("^gconfd$");
11};
12
13########################
14# Sources
15########################
16# This is the default behavior of sysklogd package
17# Logs may come from unix stream, but not from another machine.
18#
19source s_src { unix-dgram("/dev/log"); internal();
20 file("/proc/kmsg" program_override("kernel"));
21};
22
23# If you wish to get logs from remote machine you should uncomment
24# this and comment the above source line.
25#
26#source s_net { tcp(ip(127.0.0.1) port(1000) authentication(required) encrypt(allow)); };
27
28########################
29# Destinations
30########################
31# First some standard logfile
32#
33destination d_auth { file("/var/log/auth.log"); };
34destination d_cron { file("/var/log/cron.log"); };
35destination d_daemon { file("/var/log/daemon.log"); };
36destination d_kern { file("/var/log/kern.log"); };
37destination d_lpr { file("/var/log/lpr.log"); };
38destination d_mail { file("/var/log/mail.log"); };
39destination d_syslog { file("/var/log/syslog"); };
40destination d_user { file("/var/log/user.log"); };
41destination d_uucp { file("/var/log/uucp.log"); };
42
43# This files are the log come from the mail subsystem.
44#
45destination d_mailinfo { file("/var/log/mail/mail.info"); };
46destination d_mailwarn { file("/var/log/mail/mail.warn"); };
47destination d_mailerr { file("/var/log/mail/mail.err"); };
48
49# Logging for INN news system
50#
51destination d_newscrit { file("/var/log/news/news.crit"); };
52destination d_newserr { file("/var/log/news/news.err"); };
53destination d_newsnotice { file("/var/log/news/news.notice"); };
54
Brad Bishop6e60e8b2018-02-01 10:27:11 -050055# Some 'catch-all' logfiles.
Patrick Williamsb48b7b42016-08-17 15:04:38 -050056#
57destination d_debug { file("/var/log/debug"); };
58destination d_error { file("/var/log/error"); };
59destination d_messages { file("/var/log/messages"); };
60
61# The root's console.
62#
63destination d_console { usertty("root"); };
64
65# Virtual console.
66#
67destination d_console_all { file("/dev/tty10"); };
68
69# The named pipe /dev/xconsole is for the nsole' utility. To use it,
70# you must invoke nsole' with the -file' option:
71#
72# $ xconsole -file /dev/xconsole [...]
73#
74destination d_xconsole { pipe("/dev/xconsole"); };
75
76# Send the messages to an other host
77#
78#destination d_net { tcp("127.0.0.1" port(1000) authentication(on) encrypt(on) log_fifo_size(1000)); };
79
80# Debian only
81destination d_ppp { file("/var/log/ppp.log"); };
82
83########################
84# Filters
85########################
86# Here's come the filter options. With this rules, we can set which
87# message go where.
88
89filter f_dbg { level(debug); };
90filter f_info { level(info); };
91filter f_notice { level(notice); };
92filter f_warn { level(warn); };
93filter f_err { level(err); };
94filter f_crit { level(crit .. emerg); };
95
96filter f_debug { level(debug) and not facility(auth, authpriv, news, mail); };
97filter f_error { level(err .. emerg) ; };
98filter f_messages { level(info,notice,warn) and
99 not facility(auth,authpriv,cron,daemon,mail,news); };
100
101filter f_auth { facility(auth, authpriv) and not filter(f_debug); };
102filter f_cron { facility(cron) and not filter(f_debug); };
103filter f_daemon { facility(daemon) and not filter(f_debug); };
104filter f_kern { facility(kern) and not filter(f_debug); };
105filter f_lpr { facility(lpr) and not filter(f_debug); };
106filter f_local { facility(local0, local1, local3, local4, local5,
107 local6, local7) and not filter(f_debug); };
108filter f_mail { facility(mail) and not filter(f_debug); };
109filter f_news { facility(news) and not filter(f_debug); };
110filter f_syslog3 { not facility(auth, authpriv, mail) and not filter(f_debug); };
111filter f_user { facility(user) and not filter(f_debug); };
112filter f_uucp { facility(uucp) and not filter(f_debug); };
113
114filter f_cnews { level(notice, err, crit) and facility(news); };
115filter f_cother { level(debug, info, notice, warn) or facility(daemon, mail); };
116
117filter f_ppp { facility(local2) and not filter(f_debug); };
118filter f_console { level(warn .. emerg); };
119
120########################
121# Log paths
122########################
123log { source(s_src); filter(f_auth); destination(d_auth); };
124log { source(s_src); filter(f_cron); destination(d_cron); };
125log { source(s_src); filter(f_daemon); destination(d_daemon); };
126log { source(s_src); filter(f_kern); destination(d_kern); };
127log { source(s_src); filter(f_lpr); destination(d_lpr); };
128log { source(s_src); filter(f_syslog3); destination(d_syslog); };
129log { source(s_src); filter(f_user); destination(d_user); };
130log { source(s_src); filter(f_uucp); destination(d_uucp); };
131
132log { source(s_src); filter(f_mail); destination(d_mail); };
133#log { source(s_src); filter(f_mail); filter(f_info); destination(d_mailinfo); };
134#log { source(s_src); filter(f_mail); filter(f_warn); destination(d_mailwarn); };
135#log { source(s_src); filter(f_mail); filter(f_err); destination(d_mailerr); };
136
137log { source(s_src); filter(f_news); filter(f_crit); destination(d_newscrit); };
138log { source(s_src); filter(f_news); filter(f_err); destination(d_newserr); };
139log { source(s_src); filter(f_news); filter(f_notice); destination(d_newsnotice); };
140#log { source(s_src); filter(f_cnews); destination(d_console_all); };
141#log { source(s_src); filter(f_cother); destination(d_console_all); };
142
143#log { source(s_src); filter(f_ppp); destination(d_ppp); };
144
145log { source(s_src); filter(f_debug); destination(d_debug); };
146log { source(s_src); filter(f_error); destination(d_error); };
147log { source(s_src); filter(f_messages); destination(d_messages); };
148
149log { source(s_src); filter(f_console); destination(d_console_all);
150 destination(d_xconsole); };
151log { source(s_src); filter(f_crit); destination(d_console); };
152
153# All messages send to a remote site
154#
155#log { source(s_src); destination(d_net); };