-@version: 3.0
+@version: 3.12
+@include "scl.conf"
#
# Syslog-ng configuration for PLD Linux
#
time_reopen(10);
time_reap(360);
mark_freq(600);
- log_fifo_size(2048);
+ threaded(yes);
};
-source s_sys {
- pipe ("/proc/kmsg" program_override("kernel"));
- unix-stream("/dev/log" max-connections(1000));
+source s_sys {
+# NOTE:
+# if you are running under systemd and just merged config then you may
+# need to manually fix /dev/log symlink:
+# # ln -s /run/systemd/journal/dev-log /dev/log
+ system();
internal();
};
# uncomment the line below if you want to setup syslog server
#source s_net { udp(); };
+# if using systemd, an IP address instead of name may be required here
#destination d_loghost { udp("loghost" port(514)); };
destination d_kern { file("/var/log/kernel"); };
destination d_mail { file("/var/log/maillog"); };
destination d_uucp { file("/var/log/spooler"); };
destination d_debug { file("/var/log/debug"); };
-destination d_cron { file("/var/log/cron" owner(root) group(crontab) perm(0660)); };
+destination d_cron { file("/var/log/cron"); };
destination d_syslog { file("/var/log/syslog"); };
destination d_daemon { file("/var/log/daemon"); };
destination d_lpr { file("/var/log/lpr"); };
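Review bot: The new `d_cron` line drops `owner(root) group(crontab) perm(0660)`, so /var/log/cron now takes its ownership and mode from the global `owner()`/`group()`/`perm()` options, and those are not visible in this hunk. Cron logs record the command lines that were run, so it is worth confirming that the effective mode is no wider than before and that nothing depended on the crontab group's access. If the change is deliberate, a comment above the destination would record it, e.g. `# ownership and mode come from the global options block`.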
filter f_freshclam { program(freshclam); };
filter f_ppp { program(pppd) or program(chat); };
filter f_postgres { program(postgres); };
-filter f_iptables { match("IN=[A-Za-z0-9\.]* OUT=[A-Za-z0-9\.]*"); };
+filter f_iptables { match("IN=[A-Za-z0-9\.]* OUT=[A-Za-z0-9\.]*" value("MESSAGE")); };
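Review bot: The character class in the new `f_iptables` line still accepts only letters, digits and dots, so firewall lines for interfaces whose names contain `-` or `_` (a bridge named `br-lan`, as a constructed example) would not match and would be routed by whatever other filters apply. Adding `value("MESSAGE")` scopes the match to the message body but leaves that gap; `match("IN=[^ ]* OUT=[^ ]*" value("MESSAGE"))` would cover any interface name. The filter also keys on message text alone, so any local program that logs a line containing `IN= OUT=` would be treated as firewall output. Combining it with `facility(kern)` would narrow that, unless the log statements that use this filter (not shown in this hunk) already do so.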
log { source(s_sys); filter(f_authpriv); destination(d_authlog); };
log { source(s_sys); filter(f_cron); destination(d_cron); };