- log kernel messagess, properly log cron, log iptables logs into different file...

Changed files:
    syslog-ng.conf -> 1.15

diff --git a/syslog-ng.conf b/syslog-ng.conf
index be04468e824713c8bd9b382f076d30ffa4c40dd3..e479319ef45bdf4db524587bbfdab72da47ef577 100644 (file)
--- a/syslog-ng.conf
+++ b/syslog-ng.conf
@@ -11,7 +11,7 @@
 
 options { long_hostnames(off); sync(0); };
 
-source src     { unix-stream("/dev/log"); internal(); };
+source src { pipe("/proc/kmsg"); unix-stream("/dev/log"); internal(); };
 
 # uncomment below line if you want setup syslog server
 #source net    { udp(); };
@@ -30,9 +30,9 @@ destination console   { usertty("root"); };
 
 destination xconsole   { pipe("/dev/xconsole"); };
 
-#destination mailinfo  { file("/var/log/mail/info"); };
-#destination mailwarn  { file("/var/log/mail/warn"); };
-#destination mailerr   { file("/var/log/mail/err"); };
+destination mailinfo   { file("/var/log/mail/info"); };
+destination mailwarn   { file("/var/log/mail/warn"); };
+destination mailerr    { file("/var/log/mail/err"); };
 
 destination newscrit   { file("/var/log/news/news.crit" owner(news) group(news)); };
 destination newserr    { file("/var/log/news/news.err" owner(news) group(news)); };
@@ -47,13 +47,18 @@ destination ppp             { file("/var/log/ppp"); };
 
 # Log iptables messages to separate file
 destination iptables   { file("/var/log/iptables"); };
+filter f_syslog                { not facility(authpriv, mail, news)
+                       and not match("IN=[A-Za-z0-9]* OUT=[A-Za-z0-9]*")
+                       and not match("cron") ; };
+filter f_iptables      { facility(kern) and match("IN=[A-Za-z0-9]* OUT=[A-Za-z0-9]*"); };
+filter f_kern          { facility(kern)
+                       and not match("IN=[A-Za-z0-9]* OUT=[A-Za-z0-9]*") ; };
 
 filter f_auth          { facility(auth); };
-filter f_authpriv      { facility(auth, authpriv); };
-filter f_syslog                { not facility(authpriv, mail, news); };
-filter f_cron          { facility(cron); };
+filter f_authpriv      { facility(auth, authpriv)
+                       and not match("cron"); };
+filter f_cron          { facility(cron) or match("cron"); };
 filter f_daemon                { facility(daemon); };
-filter f_kern          { facility(kern); };
 filter f_lpr           { facility(lpr); };
 filter f_mail          { facility(mail); };
 filter f_user          { facility(user); };
@@ -62,7 +67,6 @@ filter f_ppp          { facility(daemon) and program(pppd) or program(chat); };
 filter f_news          { facility(news); };
 filter f_messages      { level(info..warn) 
                        and not facility(auth, authpriv, mail, news, daemon); };
-
 filter p_debug         { level(debug); };
 filter p_info          { level(info); };
 filter p_notice                { level(notice); };
@@ -72,7 +76,6 @@ filter p_alert                { level(alert); };
 filter p_crit          { level(crit); };
 filter p_emergency     { level(emerg); };
 
-filter f_iptables      { facility(kern) and match("IN=[A-Za-z0-9]* OUT=[A-Za-z0-9]*"); };
 
 log { source(src); filter(f_kern);     destination(kern); };
 
@@ -102,4 +105,4 @@ log { source(src); filter(f_news); filter(p_notice);        destination(newsnotice); };
 log { source(src); filter(f_news); filter(p_info);     destination(newsnotice); };
 log { source(src); filter(f_news); filter(p_debug);    destination(newsnotice); };
 
-#log { source(src); filter(f_iptables);        destination(iptables); };
+log { source(src); filter(f_iptables); destination(iptables); };