#
# Syslog-ng configuration file, compatible with default Debian syslogd
# installation. Originally written by anonymous (I can't find his name)
# Revised, and rewrited by me (SZALAY Attila sasa@debian.org)
# First, set some global options.
options { long_hostnames(off); sync(0); stats(3600); };
#
# This is the default behavior of sysklogd package
# Logs may come from unix stream, but not from another machine.
#
source src { unix-stream("/dev/log"); internal(); file("/proc/kmsg"); };
#
# If you wish to get logs from remote machine you should uncomment
# this and comment the above source line.
#
# source src { unix-dgram("/dev/log"); internal(); udp(); };
# After that set destinations.
# First some standard logfile
#
destination authlog { file("/var/log/auth.log" owner("root")
group("adm") perm(0640)); };
destination syslog { file("/var/log/syslog" owner("root")
group("adm") perm(0640)); };
destination cron { file("/var/log/cron.log" owner("root")
group("adm") perm(0640)); };
destination daemon { file("/var/log/daemon.log" owner("root")
group("adm") perm(0640)); };
destination kern { file("/var/log/kern.log" owner("root")
group("adm") perm(0640)); };
destination lpr { file("/var/log/lpr.log" owner("root")
group("adm") perm(0640)); };
destination mail { file("/var/log/mail.log" owner("root")
group("adm") perm(0640)); };
destination user { file("/var/log/user.log" owner("root")
group("adm") perm(0640)); };
destination uucp { file("/var/log/uucp.log" owner("root")
group("adm") perm(0640)); };
# This files are the log come from the mail subsystem.
#
destination mailinfo { file("/var/log/mail.info" owner("root")
group("adm") perm(0640)); };
destination mailwarn { file("/var/log/mail.warn" owner("root")
group("adm") perm(0640)); };
destination mailerr { file("/var/log/mail.err" owner("root")
group("adm") perm(0640)); };
# Logging for INN news system
#
destination newscrit { file("/var/log/news/news.crit" owner("root")
group("adm") perm(0640)); };
destination newserr { file("/var/log/news/news.err" owner("root")
group("adm") perm(0640)); };
destination newsnotice { file("/var/log/news/news.notice" owner("root")
group("adm") perm(0640)); };
# Some `catch-all' logfiles.
#
destination debug { file("/var/log/debug" owner("root")
group("adm") perm(0640)); };
destination messages { file("/var/log/messages" owner("root")
group("adm") perm(0640)); };
# The root's console.
#
destination console { usertty("root"); };
# Virtual console.
#
destination console_all { file("/dev/tty8"); };
# The named pipe /dev/xconsole is for the nsole' utility. To use it,
# you must invoke nsole' with the -file' option:
#
# # xconsole -file /dev/xconsole [...]
#
destination xconsole { pipe("/dev/xconsole"); };
destination ppp { file("/var/log/ppp.log" owner("root")
group("adm") perm(0640)); };
# Here's come the filter options. With this rules, we can set which
# message go where.
filter f_authpriv { facility(auth, authpriv); };
filter f_syslog { not facility(auth, authpriv); };
filter f_cron { facility(cron); };
filter f_daemon { facility(daemon); };
filter f_kern { facility(kern); };
filter f_lpr { facility(lpr); };
filter f_mail { facility(mail); };
filter f_user { facility(user); };
filter f_uucp { facility(uucp); };
filter f_news { facility(news); };
filter f_debug { level(debug) and not
facility(auth, authpriv, mail, news); };
filter f_messages { level(info .. warn) and not
facility(auth, authpriv, cron, daemon, mail, news); };
filter f_emergency { level(emerg); };
filter f_info { level(info); };
filter f_notice { level(notice); };
filter f_warn { level(warn); };
filter f_crit { level(crit); };
filter f_err { level(err); };
filter f_cnews { level(notice, err, crit) and facility(news); };
filter f_cother { level(debug, info, notice, warn) or
facility(daemon, mail); };
filter ppp { facility(local2); };
log { source(src); filter(f_authpriv); destination(authlog); };
log { source(src); filter(f_syslog); destination(syslog); };
#log { source(src); filter(f_cron); destination(cron); };
log { source(src); filter(f_daemon); destination(daemon); };
log { source(src); filter(f_kern); destination(kern); };
log { source(src); filter(f_lpr); destination(lpr); };
log { source(src); filter(f_mail); destination(mail); };
log { source(src); filter(f_user); destination(user); };
log { source(src); filter(f_uucp); destination(uucp); };
log { source(src); filter(f_mail); filter(f_info);
destination(mailinfo); };
log { source(src); filter(f_mail); filter(f_warn);
destination(mailwarn); };
log { source(src); filter(f_mail); filter(f_err);
destination(mailerr); };
log { source(src); filter(f_news); filter(f_crit);
destination(newscrit); };
log { source(src); filter(f_news); filter(f_err);
destination(newserr); };
log { source(src); filter(f_news); filter(f_notice);
destination(newsnotice); };
log { source(src); filter(f_debug); destination(debug); };
log { source(src); filter(f_messages); destination(messages); };
log { source(src); filter(f_emergency); destination(console); };
#log { source(src); filter(f_cnews); destination(console_all); };
#log { source(src); filter(f_cother); destination(console_all); };
log { source(src); filter(f_cnews); destination(xconsole); };
log { source(src); filter(f_cother); destination(xconsole); };
log { source(src); filter(ppp); destination(ppp); };
|