syslog-ng.conf

   1 #
   2 # Syslog-ng example configuration for PLD Linux
   3 #
   4 # Copyright (c) 1999 anonymous
   5 # Copyright (c) 1999 Balazs Scheidler
   6 # $Id$
   7 #
   8 # Syslog-ng configuration file, compatible with default PLD syslogd
   9 # installation.
  10 #
  11
  12 options { long_hostnames(off); sync(0); };
  13
  14 source src      { pipe ("/proc/kmsg" log_prefix("kernel: ")); unix-stream("/dev/log"); internal(); };
  15 # uncomment the line below if you want to setup syslog server
  16 #source net     { udp(); };
  17
  18 #destination loghost    { udp("loghost" port(999)); };
  19
  20 destination kern        { file("/var/log/kernel"); };
  21 destination messages    { file("/var/log/messages"); };
  22 destination authlog     { file("/var/log/secure"); };
  23 destination mail        { file("/var/log/maillog"); };
  24 destination uucp        { file("/var/log/spooler"); };
  25
  26 destination debug       { file("/var/log/debug"); };
  27 destination console     { usertty("root"); };
  28 #destination console_all        { file("/dev/tty12"); };
  29
  30 destination xconsole    { pipe("/dev/xconsole"); };
  31
  32 #destination mailinfo   { file("/var/log/mail/info"); };
  33 #destination mailwarn   { file("/var/log/mail/warn"); };
  34 #destination mailerr    { file("/var/log/mail/err"); };
  35
  36 destination newscrit    { file("/var/log/news/news.crit" owner(news) group(news)); };
  37 destination newserr     { file("/var/log/news/news.err" owner(news) group(news)); };
  38 destination newsnotice  { file("/var/log/news/news.notice" owner(news) group(news)); };
  39
  40 destination cron        { file("/var/log/cron" owner(root) group(crontab) perm(0660)); };
  41 destination syslog      { file("/var/log/syslog"); };
  42 destination daemon      { file("/var/log/daemon"); };
  43 destination lpr         { file("/var/log/lpr"); };
  44 destination user        { file("/var/log/user"); };
  45 destination ppp         { file("/var/log/ppp"); };
  46 destination ftp         { file("/var/log/xferlog"); };
  47
  48 # Log iptables messages to separate file
  49 destination iptables    { file("/var/log/iptables"); };
  50
  51 filter f_auth           { facility(auth); };
  52 filter f_authpriv       { facility(auth, authpriv); };
  53 filter f_syslog         { not facility(authpriv, cron, lpr, mail, news); };
  54 filter f_cron           { facility(cron); };
  55 filter f_daemon         { facility(daemon); };
  56 filter f_kern           { facility(kern); };
  57 filter f_lpr            { facility(lpr); };
  58 filter f_mail           { facility(mail); };
  59 filter f_user           { facility(user); };
  60 filter f_uucp           { facility(uucp); };
  61 filter f_ppp            { facility(daemon) and program(pppd) or program(chat); };
  62 filter f_news           { facility(news); };
  63 filter f_ftp            { facility(ftp); };
  64 filter f_messages       { level(info..warn)
  65                         and not facility(auth, authpriv, cron, lpr, mail, news, daemon); };
  66
  67 filter p_debug          { level(debug); };
  68 filter p_info           { level(info); };
  69 filter p_notice         { level(notice); };
  70 filter p_warn           { level(warn); };
  71 filter p_err            { level(err); };
  72 filter p_alert          { level(alert); };
  73 filter p_crit           { level(crit); };
  74 filter p_emergency      { level(emerg); };
  75
  76 filter f_iptables       { facility(kern) and match("IN=[A-Za-z0-9]* OUT=[A-Za-z0-9]*"); };
  77
  78 log { source(src); filter(f_kern);      destination(kern); };
  79
  80 log { source(src); filter(f_authpriv);  destination(authlog); };
  81 log { source(src); filter(f_syslog);    destination(syslog); };
  82 log { source(src); filter(f_cron);      destination(cron); };
  83 log { source(src); filter(f_daemon);    destination(daemon); };
  84 log { source(src); filter(f_lpr);       destination(lpr); };
  85 log { source(src); filter(f_user);      destination(user); };
  86 log { source(src); filter(f_uucp);      destination(uucp); };
  87 log { source(src); filter(f_messages);  destination(messages); };
  88 log { source(src); filter(f_ppp);       destination(ppp); };
  89 log { source(src); filter(p_debug);     destination(debug); };
  90 log { source(src); filter(p_emergency); destination(console); };
  91 #log { source(src); destination(console_all); };
  92
  93 log { source(src); filter(f_mail);                      destination(mail); };
  94 #log { source(src); filter(f_mail); filter(p_info);     destination(mailinfo); };
  95 #log { source(src); filter(f_mail); filter(p_warn);     destination(mailwarn); };
  96 #log { source(src); filter(f_mail); filter(p_err);      destination(mailerr); };
  97
  98 log { source(src); filter(f_news); filter(p_crit);      destination(uucp); };
  99 log { source(src); filter(f_news); filter(p_crit);      destination(newscrit); };
 100 log { source(src); filter(f_news); filter(p_err);       destination(newserr); };
 101 log { source(src); filter(f_news); filter(p_warn);      destination(newsnotice); };
 102 log { source(src); filter(f_news); filter(p_notice);    destination(newsnotice); };
 103 log { source(src); filter(f_news); filter(p_info);      destination(newsnotice); };
 104 log { source(src); filter(f_news); filter(p_debug);     destination(newsnotice); };
 105 log { source(src); filter(f_ftp);                       destination(ftp); };
 106
 107 #log { source(src); filter(f_iptables); destination(iptables); };
 108
 109 #  This is a catchall statement, and should catch all messages which were not
 110 #  accepted any of the previous statements.
 111 #log { source(src); filter(DEFAULT); destination(syslog); };