Author: baggins Date: Mon Feb 27 18:06:49 2006 GMT Module: SOURCES Tag: HEAD ---- Log message: - cleaned up, non-duplicating, consistent configuration - be aware you may find very little in /var/log/messages now
---- Files affected: SOURCES: syslog-ng.conf (1.20 -> 1.21) , syslog.conf (1.10 -> 1.11) ---- Diffs: ================================================================ Index: SOURCES/syslog-ng.conf diff -u SOURCES/syslog-ng.conf:1.20 SOURCES/syslog-ng.conf:1.21 --- SOURCES/syslog-ng.conf:1.20 Sun Aug 7 18:31:50 2005 +++ SOURCES/syslog-ng.conf Mon Feb 27 19:06:44 2006 @@ -1,29 +1,49 @@ # -# Syslog-ng example configuration for PLD Linux +# Syslog-ng configuration for PLD Linux # -# Copyright (c) 1999 anonymous -# Copyright (c) 1999 Balazs Scheidler -# $Id$ -# -# Syslog-ng configuration file, compatible with default PLD syslogd -# installation. +# See syslog-ng(8) and syslog-ng.conf(5) for more information. # -options { long_hostnames(off); sync(0); owner(root); group(logs); perm(0640); }; +options { + long_hostnames(off); + sync(0); + owner(root); + group(logs); + perm(0640); +}; + +source s_sys { + { pipe ("/proc/kmsg" log_prefix("kernel: ")); }; + unix-stream("/dev/log"); + internal(); + max_connections(1024); +}; -source src { pipe ("/proc/kmsg" log_prefix("kernel: ")); unix-stream("/dev/log"); internal(); }; # uncomment the line below if you want to setup syslog server -#source net { udp(); }; +#source s_net { udp(); }; -#destination loghost { udp("loghost" port(999)); }; +#destination loghost { udp("loghost" port(514)); }; destination kern { file("/var/log/kernel"); }; destination messages { file("/var/log/messages"); }; destination authlog { file("/var/log/secure"); }; destination mail { file("/var/log/maillog"); }; destination uucp { file("/var/log/spooler"); }; - destination debug { file("/var/log/debug"); }; +destination cron { file("/var/log/cron" owner(root) group(crontab) perm(0660)); }; +destination syslog { file("/var/log/syslog"); }; +destination daemon { file("/var/log/daemon"); }; +destination lpr { file("/var/log/lpr"); }; +destination user { file("/var/log/user"); }; +destination ppp { file("/var/log/ppp"); }; +destination ftp { file("/var/log/xferlog"); }; +destination audit { file("/var/log/audit"); }; +destination postgres { file("/var/log/pgsql"); }; +destination freshclam { file("/var/log/freshclam.log"); }; + +# Log iptables messages to separate file +destination iptables { file("/var/log/iptables"); }; + destination console { usertty("root"); }; #destination console_all { file("/dev/tty12"); }; @@ -33,37 +53,33 @@ #destination mailwarn { file("/var/log/mail/warn"); }; #destination mailerr { file("/var/log/mail/err"); }; -destination newscrit { file("/var/log/news/news.crit" owner(news) group(news)); }; +estination newscrit { file("/var/log/news/news.crit" owner(news) group(news)); }; destination newserr { file("/var/log/news/news.err" owner(news) group(news)); }; destination newsnotice { file("/var/log/news/news.notice" owner(news) group(news)); }; -destination cron { file("/var/log/cron" owner(root) group(crontab) perm(0660)); }; -destination syslog { file("/var/log/syslog"); }; -destination daemon { file("/var/log/daemon"); }; -destination lpr { file("/var/log/lpr"); }; -destination user { file("/var/log/user"); }; -destination ppp { file("/var/log/ppp"); }; -destination ftp { file("/var/log/xferlog"); }; - -# Log iptables messages to separate file -destination iptables { file("/var/log/iptables"); }; - -filter f_auth { facility(auth); }; -filter f_authpriv { facility(auth, authpriv); }; -filter f_syslog { not facility(authpriv, cron, lpr, mail, news); }; +# Filters for standard syslog(3) facilities +filter f_audit { facility(audit); }; +filter f_authpriv { facility(authpriv, auth); }; filter f_cron { facility(cron); }; filter f_daemon { facility(daemon); }; +filter f_ftp { facility(ftp); }; filter f_kern { facility(kern); }; filter f_lpr { facility(lpr); }; filter f_mail { facility(mail); }; +filter f_news { facility(news); }; +filter f_syslog { facility(syslog); }; filter f_user { facility(user); }; filter f_uucp { facility(uucp); }; -filter f_ppp { facility(daemon) and program(pppd) or program(chat); }; -filter f_news { facility(news); }; -filter f_ftp { facility(ftp); }; -filter f_messages { level(info..warn) - and not facility(auth, authpriv, cron, lpr, mail, news, daemon); }; +filter f_local0 { facility(local0); }; +filter f_local1 { facility(local1); }; +filter f_local2 { facility(local2); }; +filter f_local3 { facility(local3); }; +filter f_local4 { facility(local4); }; +filter f_local5 { facility(local5); }; +filter f_local6 { facility(local6); }; +filter f_local7 { facility(local7); }; +# Filters for stanadard syslog(3) priorities filter p_debug { level(debug); }; filter p_info { level(info); }; filter p_notice { level(notice); }; @@ -73,39 +89,46 @@ filter p_crit { level(crit); }; filter p_emergency { level(emerg); }; -filter f_iptables { facility(kern) and match("IN=[A-Za-z0-9]* OUT=[A-Za-z0-9]*"); }; +# Additional filters for specific programs/use +filter f_freshclam { program(freshclam); }; +filter f_ppp { program(pppd) or program(chat); }; +filter f_postgres { program(postgres); }; +filter f_iptables { match("IN=[A-Za-z0-9]* OUT=[A-Za-z0-9]*"); }; + +log { source(s_sys); filter(f_auth); destination(authlog); }; +log { source(s_sys); filter(f_cron); destination(cron); }; +log { source(s_sys); filter(f_daemon); destination(daemon); }; +log { source(s_sys); filter(f_ftp); destination(ftp); }; +log { source(s_sys); filter(f_kern); destination(kern); }; +log { source(s_sys); filter(f_lpr); destination(lpr); }; +log { source(s_sys); filter(f_mail); destination(mail); }; +#log { source(s_sys); filter(f_mail); filter(p_info); destination(mailinfo); }; +#log { source(s_sys); filter(f_mail); filter(p_warn); destination(mailwarn); }; +#log { source(s_sys); filter(f_mail); filter(p_err); destination(mailerr); }; +log { source(s_sys); filter(f_news); filter(p_crit); destination(uucp); }; +log { source(s_sys); filter(f_news); filter(p_crit); destination(newscrit); }; +log { source(s_sys); filter(f_news); filter(p_err); destination(newserr); }; +log { source(s_sys); filter(f_news); filter(p_warn); destination(newsnotice); }; +log { source(s_sys); filter(f_news); filter(p_notice); destination(newsnotice); }; +log { source(s_sys); filter(f_news); filter(p_info); destination(newsnotice); }; +log { source(s_sys); filter(f_news); filter(p_debug); destination(newsnotice); }; +log { source(s_sys); filter(f_syslog); destination(syslog); }; +log { source(s_sys); filter(f_user); destination(user); }; +log { source(s_sys); filter(f_uucp); destination(uucp); }; + +log { source(s_sys); filter(p_debug); destination(debug); }; + +log { source(s_sys); filter(f_daemon); filter(f_ppp); destination(ppp); }; +log { source(s_sys); filter(f_local6); filter(f_freshclam); destination(freshclam); }; +log { source(s_sys); filter(f_local0); filter(f_postgres); destination(postgres); }; +#log { source(s_sys); filter(f_iptables); destination(iptables); }; -log { source(src); filter(f_kern); destination(kern); }; - -log { source(src); filter(f_authpriv); destination(authlog); }; -log { source(src); filter(f_syslog); destination(syslog); }; -log { source(src); filter(f_cron); destination(cron); }; -log { source(src); filter(f_daemon); destination(daemon); }; -log { source(src); filter(f_lpr); destination(lpr); }; -log { source(src); filter(f_user); destination(user); }; -log { source(src); filter(f_uucp); destination(uucp); }; -log { source(src); filter(f_messages); destination(messages); }; -log { source(src); filter(f_ppp); destination(ppp); }; -log { source(src); filter(p_debug); destination(debug); }; -log { source(src); filter(p_emergency); destination(console); }; -#log { source(src); destination(console_all); }; - -log { source(src); filter(f_mail); destination(mail); }; -#log { source(src); filter(f_mail); filter(p_info); destination(mailinfo); }; -#log { source(src); filter(f_mail); filter(p_warn); destination(mailwarn); }; -#log { source(src); filter(f_mail); filter(p_err); destination(mailerr); }; - -log { source(src); filter(f_news); filter(p_crit); destination(uucp); }; -log { source(src); filter(f_news); filter(p_crit); destination(newscrit); }; -log { source(src); filter(f_news); filter(p_err); destination(newserr); }; -log { source(src); filter(f_news); filter(p_warn); destination(newsnotice); }; -log { source(src); filter(f_news); filter(p_notice); destination(newsnotice); }; -log { source(src); filter(f_news); filter(p_info); destination(newsnotice); }; -log { source(src); filter(f_news); filter(p_debug); destination(newsnotice); }; -log { source(src); filter(f_ftp); destination(ftp); }; - -#log { source(src); filter(f_iptables); destination(iptables); }; +log { source(s_sys); filter(p_emergency); destination(console); }; +#log { source(s_sys); destination(console_all); }; # This is a catchall statement, and should catch all messages which were not # accepted any of the previous statements. -#log { source(src); filter(DEFAULT); destination(syslog); }; +log { source(s_sys); filter(DEFAULT); destination(messages); }; + +# Network syslogging +#log { source(s_sys); destination(loghost); }; ================================================================ Index: SOURCES/syslog.conf diff -u SOURCES/syslog.conf:1.10 SOURCES/syslog.conf:1.11 --- SOURCES/syslog.conf:1.10 Fri Sep 9 16:15:54 2005 +++ SOURCES/syslog.conf Mon Feb 27 19:06:44 2006 @@ -1,5 +1,5 @@ -# Log all kernel messages. -kern.* /var/log/kernel +# Network logging to loghost +#*.* @loghost # Everybody gets emergency messages. *.=emerg * @@ -7,37 +7,46 @@ # The authpriv file has restricted access. auth,authpriv.* /var/log/secure -# Save alerts reported by daemons. -*.=alert;*.=crit;*.=err /var/log/alert +# Cron entry +cron.* /var/log/cron -# Log debug messages. -*.=debug -/var/log/debug +daemon.* /var/log/daemon -local6.* -/var/log/freshclam.log +ftp.* -/var/log/xferlog + +# Log all kernel messages. +kern.* /var/log/kernel + +lpr.* -/var/log/lpr # Log all mail messages in one place. mail.* -/var/log/maillog # Log all news messages in one place. -news.* -/var/log/news.log +news.=crit -/var/log/news.crit +news.=err -/var/log/news.err +news.notice -/var/log/news.notice -# Log all (except mail/news) info/notice messages. -# Don't log private authentication messages! -*.=info;*.=notice;\ - auth,authpriv,local6,mail,news.none -/var/log/messages - -# Log all (except mail/news) warning messages. -# Don't log private authentication messages! -*.=warn;\ - auth,authpriv,local6,mail,news.none -/var/log/syslog +syslog.* -/var/log/syslog + +user.* -/var/log/user + +uucp.*;news.=crit -/var/log/spooler + +# Log debug messages. +*.=debug -/var/log/debug + +# The following two suck, but syklogd sucks at configurability +# If you want it The Right Way(TM) use syslog-ng +local0.* -/var/log/pgsql +local6.* -/var/log/freshclam.log + +# Log all other messages. +*.!=debug;\ + auth,authpriv,cron,daemon,ftp,kern,lpr,mail,news,syslog,user,uucp.none -/var/log/messages # All logs on tty12 #*.* /dev/tty12 # Log all kernel messages to the console. #kern.* /dev/console - -ftp.* /var/log/xferlog - -# Cron entry: -cron.* /var/log/cron ================================================================ ---- CVS-web: http://cvs.pld-linux.org/SOURCES/syslog-ng.conf?r1=1.20&r2=1.21&f=u http://cvs.pld-linux.org/SOURCES/syslog.conf?r1=1.10&r2=1.11&f=u _______________________________________________ pld-cvs-commit mailing list pld-cvs-commit@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit