-#rsyslog v3 config file
-
-# provides support for local system logging (e.g. via logger command)
-$ModLoad imuxsock.so
-# provides kernel logging support (previously done by rklogd)
-$ModLoad imklog.so
-
-# provides --MARK-- message capability
-#$ModLoad immark.so
-# provides UDP syslog reception
-#$ModLoad imudp.so
-# provides TCP syslog reception and GSS-API (if compiled to support it)
+#rsyslog v4 config file
+
+# if you experience problems, check
+# http://www.rsyslog.com/troubleshoot for assistance
+
+#### MODULES ####
+
+$ModLoad imuxsock.so # provides support for local system logging (e.g. via logger command)
+$ModLoad imklog.so # provides kernel logging support (previously done by rklogd)
+#$ModLoad immark.so # provides --MARK-- message capability
+
+# Provides UDP syslog reception
+#$ModLoad imudp.so
+#$UDPServerRun 514
+
+# Provides TCP syslog reception
#$ModLoad imtcp.so
+#$InputTCPServerRun 514
+
+# ### GLOBAL DIRECTIVES ####
+
+#
+# Use traditional timestamp format.
+# To enable high precision timestamps, comment out the following line.
+$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
+
+# File syncing capability is disabled by default. This feature is usually not required,
+# not useful and an extreme performance hit.
+# Without that dash doesn't work.
+#$ActionFileEnableSync on
+
+#
+# Set the default permissions for all log files.
+#
+$FileOwner root
+$FileGroup logs
+$FileCreateMode 0640
+$DirCreateMode 0750
+
+
+# ### RULES ####
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
-#kern.* /dev/console
-
-# Log anything (except mail) of level info or higher.
-# Don't log private authentication messages!
-*.info;mail.none;authpriv.none;cron.none /var/log/messages
+#kern.* /dev/console
# The authpriv file has restricted access.
-authpriv.* /var/log/secure
+authpriv.* /var/log/secure
# Log all the mail messages in one place.
-mail.* -/var/log/maillog
-
+mail.* -/var/log/maillog
# Log cron stuff
-cron.* /var/log/cron
+cron.* /var/log/cron
# Everybody gets emergency messages
-*.emerg *
+*.emerg *
# Save news errors of level crit and higher in a special file.
-uucp,news.crit /var/log/spooler
+uucp,news.crit /var/log/spooler
# Save boot messages also to boot.log
-local7.* /var/log/boot.log
+local7.* /var/log/boot.log
+
+#
+# Some "catch-all" log files.
+#
+*.=debug;\
+ auth,authpriv.none;\
+ news.none;mail.none -/var/log/debug
+*.=info;*.=notice;*.=warn;\
+ auth,authpriv.none;\
+ cron,daemon.none;\
+ mail,news.none -/var/log/messages
+
+# ### Additional - from wiki ###
+# A basic template mostly from the docs, but I wanted to know what system forwarded the
+# messages so I added some text. Also I added the ":::space" to handle the windows
+# events (based on the other suggestions in the wiki)
+#
+# $template SyslFormat,"%timegenerated% [WJCG]-%HOSTNAME% %syslogtag%%msg:::space$
+
+# this is for Windows events from SNARE
+#
+# $EscapeControlCharactersOnReceive off
+
+# ### misc
+#
+# reduce any duplicates
+#
+# $RepeatedMsgReduction on
+# $OptimizeForUniprocessor on
+
+
+
+# ### Begin forwarding rule ###
+# The statement between the begin ... end define a SINGLE forwarding
+# rule. They belong together, do NOT split them. If you create multiple
+# forwarding rules, duplicate the whole block!
+# Remote Logging (we use TCP for reliable delivery)
+#
+# An on-disk queue is created for this action. If the remote host is
+# down, messages are spooled to disk and sent when it is up again.
+#$WorkDirectory /var/spppl/rsyslog # where to place spool files
+#$ActionQueueFileName fwdRule1 # unique name prefix for spool files
+#$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible)
+#$ActionQueueSaveOnShutdown on # save messages to disk on shutdown
+#$ActionQueueType LinkedList # run asynchronously
+#$ActionResumeRetryCount -1 # infinite retries if host is down
+# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional
+#*.* @@remote-host:514
+
+
+
+# ### For central logs server use an example: host/year/month/day/facility ###
+#
+#$template DailyPerHostLogs,"/var/log/remote/%HOSTNAME%/%$YEAR%/%$MONTH%/%$DAY%/%syslogfacility-text%" #*.* -?DailyPerHostLogs
+
Summary(tr.UTF-8): Linux sistem ve çekirdek kayıt süreci
Name: rsyslog
Version: 4.6.1
-Release: 1
+Release: 1.1
License: GPL v3
Group: Daemons
Source0: http://download.rsyslog.com/rsyslog/%{name}-%{version}.tar.gz
%build
%configure \
+ --enable-imfile \
%{?with_gssapi:--enable-gssapi-krb5} \
%{?with_mysql:--enable-mysql} \
%{?with_pgsql:--enable-pgsql} \
DESTDIR=$RPM_BUILD_ROOT
install %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/rsyslog
-install %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/rsyslog.d/rsyslog.conf
+install %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/rsyslog.conf
install %{SOURCE3} $RPM_BUILD_ROOT/etc/sysconfig/rsyslog
install %{SOURCE4} $RPM_BUILD_ROOT/etc/logrotate.d/rsyslog
%post
for n in /var/log/{cron,daemon,debug,kernel,lpr,maillog,messages,secure,spooler,syslog,user}; do
if [ -f $n ]; then
- chown syslog:syslog $n
+ chown root:logs $n
continue
else
touch $n
chmod 000 $n
- chown syslog:syslog $n
+ chown root:logs $n
chmod 640 $n
fi
done
%defattr(644,root,root,755)
%doc AUTHORS ChangeLog NEWS README
%dir %{_sysconfdir}/rsyslog.d
-%attr(640,root,syslog) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/rsyslog.d/rsyslog.conf
+%attr(640,root,syslog) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/rsyslog.conf
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/rsyslog
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/rsyslog
%attr(754,root,root) /etc/rc.d/init.d/rsyslog
%attr(640,root,root) %ghost /var/log/*
%attr(755,root,root) %{_sbindir}/rsyslogd
%dir %{_libdir}/rsyslog
-%attr(755,root,root) %{_libdir}/rsyslog/omsnmp.so
+%attr(755,root,root) %{_libdir}/rsyslog/imfile.so
%attr(755,root,root) %{_libdir}/rsyslog/imklog.so
%attr(755,root,root) %{_libdir}/rsyslog/immark.so
%attr(755,root,root) %{_libdir}/rsyslog/imtcp.so
%attr(755,root,root) %{_libdir}/rsyslog/lmtcpclt.so
%attr(755,root,root) %{_libdir}/rsyslog/lmtcpsrv.so
%attr(755,root,root) %{_libdir}/rsyslog/lmzlibw.so
+%attr(755,root,root) %{_libdir}/rsyslog/omsnmp.so
%attr(755,root,root) %{_libdir}/rsyslog/omtesting.so
%{_mandir}/man5/*
%{_mandir}/man8/*