Author: baggins Date: Mon Feb 27 18:06:49 2006 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- cleaned up, non-duplicating, consistent configuration
- be aware you may find very little in /var/log/messages now
---- Files affected:
SOURCES:
syslog-ng.conf (1.20 -> 1.21) , syslog.conf (1.10 -> 1.11)
---- Diffs:
================================================================
Index: SOURCES/syslog-ng.conf
diff -u SOURCES/syslog-ng.conf:1.20 SOURCES/syslog-ng.conf:1.21
--- SOURCES/syslog-ng.conf:1.20 Sun Aug 7 18:31:50 2005
+++ SOURCES/syslog-ng.conf Mon Feb 27 19:06:44 2006
@@ -1,29 +1,49 @@
#
-# Syslog-ng example configuration for PLD Linux
+# Syslog-ng configuration for PLD Linux
#
-# Copyright (c) 1999 anonymous
-# Copyright (c) 1999 Balazs Scheidler
-# $Id$
-#
-# Syslog-ng configuration file, compatible with default PLD syslogd
-# installation.
+# See syslog-ng(8) and syslog-ng.conf(5) for more information.
#
-options { long_hostnames(off); sync(0); owner(root); group(logs); perm(0640);
};
+options {
+ long_hostnames(off);
+ sync(0);
+ owner(root);
+ group(logs);
+ perm(0640);
+};
+
+source s_sys {
+ { pipe ("/proc/kmsg" log_prefix("kernel: ")); };
+ unix-stream("/dev/log");
+ internal();
+ max_connections(1024);
+};
-source src { pipe ("/proc/kmsg" log_prefix("kernel: "));
unix-stream("/dev/log"); internal(); };
# uncomment the line below if you want to setup syslog server
-#source net { udp(); };
+#source s_net { udp(); };
-#destination loghost { udp("loghost" port(999)); };
+#destination loghost { udp("loghost" port(514)); };
destination kern { file("/var/log/kernel"); };
destination messages { file("/var/log/messages"); };
destination authlog { file("/var/log/secure"); };
destination mail { file("/var/log/maillog"); };
destination uucp { file("/var/log/spooler"); };
-
destination debug { file("/var/log/debug"); };
+destination cron { file("/var/log/cron" owner(root) group(crontab)
perm(0660)); };
+destination syslog { file("/var/log/syslog"); };
+destination daemon { file("/var/log/daemon"); };
+destination lpr { file("/var/log/lpr"); };
+destination user { file("/var/log/user"); };
+destination ppp { file("/var/log/ppp"); };
+destination ftp { file("/var/log/xferlog"); };
+destination audit { file("/var/log/audit"); };
+destination postgres { file("/var/log/pgsql"); };
+destination freshclam { file("/var/log/freshclam.log"); };
+
+# Log iptables messages to separate file
+destination iptables { file("/var/log/iptables"); };
+
destination console { usertty("root"); };
#destination console_all { file("/dev/tty12"); };
@@ -33,37 +53,33 @@
#destination mailwarn { file("/var/log/mail/warn"); };
#destination mailerr { file("/var/log/mail/err"); };
-destination newscrit { file("/var/log/news/news.crit" owner(news)
group(news)); };
+estination newscrit { file("/var/log/news/news.crit" owner(news)
group(news)); };
destination newserr { file("/var/log/news/news.err" owner(news)
group(news)); };
destination newsnotice { file("/var/log/news/news.notice" owner(news)
group(news)); };
-destination cron { file("/var/log/cron" owner(root) group(crontab)
perm(0660)); };
-destination syslog { file("/var/log/syslog"); };
-destination daemon { file("/var/log/daemon"); };
-destination lpr { file("/var/log/lpr"); };
-destination user { file("/var/log/user"); };
-destination ppp { file("/var/log/ppp"); };
-destination ftp { file("/var/log/xferlog"); };
-
-# Log iptables messages to separate file
-destination iptables { file("/var/log/iptables"); };
-
-filter f_auth { facility(auth); };
-filter f_authpriv { facility(auth, authpriv); };
-filter f_syslog { not facility(authpriv, cron, lpr, mail,
news); };
+# Filters for standard syslog(3) facilities
+filter f_audit { facility(audit); };
+filter f_authpriv { facility(authpriv, auth); };
filter f_cron { facility(cron); };
filter f_daemon { facility(daemon); };
+filter f_ftp { facility(ftp); };
filter f_kern { facility(kern); };
filter f_lpr { facility(lpr); };
filter f_mail { facility(mail); };
+filter f_news { facility(news); };
+filter f_syslog { facility(syslog); };
filter f_user { facility(user); };
filter f_uucp { facility(uucp); };
-filter f_ppp { facility(daemon) and program(pppd) or program(chat);
};
-filter f_news { facility(news); };
-filter f_ftp { facility(ftp); };
-filter f_messages { level(info..warn)
- and not facility(auth, authpriv, cron, lpr, mail, news,
daemon); };
+filter f_local0 { facility(local0); };
+filter f_local1 { facility(local1); };
+filter f_local2 { facility(local2); };
+filter f_local3 { facility(local3); };
+filter f_local4 { facility(local4); };
+filter f_local5 { facility(local5); };
+filter f_local6 { facility(local6); };
+filter f_local7 { facility(local7); };
+# Filters for stanadard syslog(3) priorities
filter p_debug { level(debug); };
filter p_info { level(info); };
filter p_notice { level(notice); };
@@ -73,39 +89,46 @@
filter p_crit { level(crit); };
filter p_emergency { level(emerg); };
-filter f_iptables { facility(kern) and match("IN=[A-Za-z0-9]*
OUT=[A-Za-z0-9]*"); };
+# Additional filters for specific programs/use
+filter f_freshclam { program(freshclam); };
+filter f_ppp { program(pppd) or program(chat); };
+filter f_postgres { program(postgres); };
+filter f_iptables { match("IN=[A-Za-z0-9]* OUT=[A-Za-z0-9]*"); };
+
+log { source(s_sys); filter(f_auth); destination(authlog); };
+log { source(s_sys); filter(f_cron); destination(cron); };
+log { source(s_sys); filter(f_daemon); destination(daemon); };
+log { source(s_sys); filter(f_ftp); destination(ftp); };
+log { source(s_sys); filter(f_kern); destination(kern); };
+log { source(s_sys); filter(f_lpr); destination(lpr); };
+log { source(s_sys); filter(f_mail); destination(mail); };
+#log { source(s_sys); filter(f_mail); filter(p_info); destination(mailinfo);
};
+#log { source(s_sys); filter(f_mail); filter(p_warn); destination(mailwarn);
};
+#log { source(s_sys); filter(f_mail); filter(p_err); destination(mailerr); };
+log { source(s_sys); filter(f_news); filter(p_crit); destination(uucp); };
+log { source(s_sys); filter(f_news); filter(p_crit); destination(newscrit);
};
+log { source(s_sys); filter(f_news); filter(p_err); destination(newserr); };
+log { source(s_sys); filter(f_news); filter(p_warn);
destination(newsnotice); };
+log { source(s_sys); filter(f_news); filter(p_notice);
destination(newsnotice); };
+log { source(s_sys); filter(f_news); filter(p_info);
destination(newsnotice); };
+log { source(s_sys); filter(f_news); filter(p_debug);
destination(newsnotice); };
+log { source(s_sys); filter(f_syslog); destination(syslog); };
+log { source(s_sys); filter(f_user); destination(user); };
+log { source(s_sys); filter(f_uucp); destination(uucp); };
+
+log { source(s_sys); filter(p_debug); destination(debug); };
+
+log { source(s_sys); filter(f_daemon); filter(f_ppp);
destination(ppp); };
+log { source(s_sys); filter(f_local6); filter(f_freshclam);
destination(freshclam); };
+log { source(s_sys); filter(f_local0); filter(f_postgres);
destination(postgres); };
+#log { source(s_sys); filter(f_iptables); destination(iptables); };
-log { source(src); filter(f_kern); destination(kern); };
-
-log { source(src); filter(f_authpriv); destination(authlog); };
-log { source(src); filter(f_syslog); destination(syslog); };
-log { source(src); filter(f_cron); destination(cron); };
-log { source(src); filter(f_daemon); destination(daemon); };
-log { source(src); filter(f_lpr); destination(lpr); };
-log { source(src); filter(f_user); destination(user); };
-log { source(src); filter(f_uucp); destination(uucp); };
-log { source(src); filter(f_messages); destination(messages); };
-log { source(src); filter(f_ppp); destination(ppp); };
-log { source(src); filter(p_debug); destination(debug); };
-log { source(src); filter(p_emergency); destination(console); };
-#log { source(src); destination(console_all); };
-
-log { source(src); filter(f_mail); destination(mail); };
-#log { source(src); filter(f_mail); filter(p_info); destination(mailinfo);
};
-#log { source(src); filter(f_mail); filter(p_warn); destination(mailwarn);
};
-#log { source(src); filter(f_mail); filter(p_err); destination(mailerr); };
-
-log { source(src); filter(f_news); filter(p_crit); destination(uucp); };
-log { source(src); filter(f_news); filter(p_crit); destination(newscrit);
};
-log { source(src); filter(f_news); filter(p_err); destination(newserr); };
-log { source(src); filter(f_news); filter(p_warn);
destination(newsnotice); };
-log { source(src); filter(f_news); filter(p_notice);
destination(newsnotice); };
-log { source(src); filter(f_news); filter(p_info);
destination(newsnotice); };
-log { source(src); filter(f_news); filter(p_debug);
destination(newsnotice); };
-log { source(src); filter(f_ftp); destination(ftp); };
-
-#log { source(src); filter(f_iptables); destination(iptables); };
+log { source(s_sys); filter(p_emergency); destination(console); };
+#log { source(s_sys); destination(console_all); };
# This is a catchall statement, and should catch all messages which were not
# accepted any of the previous statements.
-#log { source(src); filter(DEFAULT); destination(syslog); };
+log { source(s_sys); filter(DEFAULT); destination(messages); };
+
+# Network syslogging
+#log { source(s_sys); destination(loghost); };
================================================================
Index: SOURCES/syslog.conf
diff -u SOURCES/syslog.conf:1.10 SOURCES/syslog.conf:1.11
--- SOURCES/syslog.conf:1.10 Fri Sep 9 16:15:54 2005
+++ SOURCES/syslog.conf Mon Feb 27 19:06:44 2006
@@ -1,5 +1,5 @@
-# Log all kernel messages.
-kern.* /var/log/kernel
+# Network logging to loghost
+#*.* @loghost
# Everybody gets emergency messages.
*.=emerg *
@@ -7,37 +7,46 @@
# The authpriv file has restricted access.
auth,authpriv.* /var/log/secure
-# Save alerts reported by daemons.
-*.=alert;*.=crit;*.=err /var/log/alert
+# Cron entry
+cron.* /var/log/cron
-# Log debug messages.
-*.=debug -/var/log/debug
+daemon.* /var/log/daemon
-local6.* -/var/log/freshclam.log
+ftp.* -/var/log/xferlog
+
+# Log all kernel messages.
+kern.* /var/log/kernel
+
+lpr.* -/var/log/lpr
# Log all mail messages in one place.
mail.* -/var/log/maillog
# Log all news messages in one place.
-news.* -/var/log/news.log
+news.=crit -/var/log/news.crit
+news.=err -/var/log/news.err
+news.notice -/var/log/news.notice
-# Log all (except mail/news) info/notice messages.
-# Don't log private authentication messages!
-*.=info;*.=notice;\
- auth,authpriv,local6,mail,news.none
-/var/log/messages
-
-# Log all (except mail/news) warning messages.
-# Don't log private authentication messages!
-*.=warn;\
- auth,authpriv,local6,mail,news.none -/var/log/syslog
+syslog.* -/var/log/syslog
+
+user.* -/var/log/user
+
+uucp.*;news.=crit -/var/log/spooler
+
+# Log debug messages.
+*.=debug -/var/log/debug
+
+# The following two suck, but syklogd sucks at configurability
+# If you want it The Right Way(TM) use syslog-ng
+local0.* -/var/log/pgsql
+local6.* -/var/log/freshclam.log
+
+# Log all other messages.
+*.!=debug;\
+ auth,authpriv,cron,daemon,ftp,kern,lpr,mail,news,syslog,user,uucp.none
-/var/log/messages
# All logs on tty12
#*.* /dev/tty12
# Log all kernel messages to the console.
#kern.* /dev/console
-
-ftp.* /var/log/xferlog
-
-# Cron entry:
-cron.* /var/log/cron
================================================================
---- CVS-web:
http://cvs.pld-linux.org/SOURCES/syslog-ng.conf?r1=1.20&r2=1.21&f=u
http://cvs.pld-linux.org/SOURCES/syslog.conf?r1=1.10&r2=1.11&f=u
_______________________________________________
pld-cvs-commit mailing list
pld-cvs-commit@lists.pld-linux.org
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
