#
# Syslog-ng configuration file, compatible with default Debian syslogd
# installation. Originally written by anonymous (I can't find his name)
# Revised, and rewrited by me (SZALAY Attila sasa@debian.org)

# First, set some global options.
options { long_hostnames(off); sync(0); stats(3600); };

#
# This is the default behavior of sysklogd package
# Logs may come from unix stream, but not from another machine.
#
source src { unix-stream("/dev/log"); internal(); file("/proc/kmsg"); };

#
# If you wish to get logs from remote machine you should uncomment
# this and comment the above source line.
#
# source src { unix-dgram("/dev/log"); internal(); udp(); };


# After that set destinations.

# First some standard logfile
#
destination authlog { file("/var/log/auth.log" owner("root")
                      group("adm") perm(0640)); };
destination syslog  { file("/var/log/syslog" owner("root")
                      group("adm") perm(0640)); };
destination cron    { file("/var/log/cron.log" owner("root")
                      group("adm") perm(0640)); };
destination daemon  { file("/var/log/daemon.log" owner("root")
                      group("adm") perm(0640)); };
destination kern    { file("/var/log/kern.log" owner("root")
                      group("adm") perm(0640)); };
destination lpr     { file("/var/log/lpr.log" owner("root")
                      group("adm") perm(0640)); };
destination mail    { file("/var/log/mail.log" owner("root")
                      group("adm") perm(0640)); };
destination user    { file("/var/log/user.log" owner("root")
                      group("adm") perm(0640)); };
destination uucp    { file("/var/log/uucp.log" owner("root")
                      group("adm") perm(0640)); };


# This files are the log come from the mail subsystem.
#
destination mailinfo { file("/var/log/mail.info" owner("root")
                       group("adm") perm(0640)); };
destination mailwarn { file("/var/log/mail.warn" owner("root")
                       group("adm") perm(0640)); };
destination mailerr  { file("/var/log/mail.err" owner("root")
                       group("adm") perm(0640)); };

# Logging for INN news system
#
destination newscrit   { file("/var/log/news/news.crit" owner("root")
                         group("adm") perm(0640)); };
destination newserr    { file("/var/log/news/news.err" owner("root")
                         group("adm") perm(0640)); };
destination newsnotice { file("/var/log/news/news.notice" owner("root")
                         group("adm") perm(0640)); };

# Some `catch-all' logfiles.
#
destination debug      { file("/var/log/debug" owner("root")
                         group("adm") perm(0640)); };
destination messages   { file("/var/log/messages" owner("root")
                         group("adm") perm(0640)); };


# The root's console.
#
destination console { usertty("root"); };

# Virtual console.
#
destination console_all { file("/dev/tty8"); };

# The named pipe /dev/xconsole is for the nsole' utility.  To use it,
# you must invoke nsole' with the -file' option:
#
#    # xconsole -file /dev/xconsole [...]
#
destination xconsole { pipe("/dev/xconsole"); };

destination ppp { file("/var/log/ppp.log" owner("root")
                  group("adm") perm(0640)); };

# Here's come the filter options. With this rules, we can set which
# message go where.

filter f_authpriv  { facility(auth, authpriv); };
filter f_syslog    { not facility(auth, authpriv); };
filter f_cron      { facility(cron); };
filter f_daemon    { facility(daemon); };
filter f_kern      { facility(kern); };
filter f_lpr       { facility(lpr); };
filter f_mail      { facility(mail); };
filter f_user      { facility(user); };
filter f_uucp      { facility(uucp); };

filter f_news      { facility(news); };

filter f_debug     { level(debug) and not
                     facility(auth, authpriv, mail, news); };
filter f_messages  { level(info .. warn) and not
                     facility(auth, authpriv, cron, daemon, mail, news); };
filter f_emergency { level(emerg); };

filter f_info      { level(info); };
filter f_notice    { level(notice); };
filter f_warn      { level(warn); };
filter f_crit      { level(crit); };
filter f_err       { level(err); };

filter f_cnews     { level(notice, err, crit) and facility(news); };
filter f_cother    { level(debug, info, notice, warn) or
                     facility(daemon, mail); };

filter ppp         { facility(local2); };


log { source(src); filter(f_authpriv); destination(authlog); };
log { source(src); filter(f_syslog); destination(syslog); };
#log { source(src); filter(f_cron); destination(cron); };
log { source(src); filter(f_daemon); destination(daemon); };
log { source(src); filter(f_kern); destination(kern); };
log { source(src); filter(f_lpr); destination(lpr); };
log { source(src); filter(f_mail); destination(mail); };
log { source(src); filter(f_user); destination(user); };
log { source(src); filter(f_uucp); destination(uucp); };
log { source(src); filter(f_mail); filter(f_info);
      destination(mailinfo); };
log { source(src); filter(f_mail); filter(f_warn);
      destination(mailwarn); };
log { source(src); filter(f_mail); filter(f_err);
      destination(mailerr); };
log { source(src); filter(f_news); filter(f_crit);
      destination(newscrit); };
log { source(src); filter(f_news); filter(f_err);
      destination(newserr); };
log { source(src); filter(f_news); filter(f_notice);
      destination(newsnotice); };
log { source(src); filter(f_debug); destination(debug); };
log { source(src); filter(f_messages); destination(messages); };
log { source(src); filter(f_emergency); destination(console); };

#log { source(src); filter(f_cnews); destination(console_all); };
#log { source(src); filter(f_cother); destination(console_all); };


log { source(src); filter(f_cnews); destination(xconsole); };
log { source(src); filter(f_cother); destination(xconsole); };

log { source(src); filter(ppp); destination(ppp); };