options { long_hostnames(off); sync(0); };
-source src { unix-stream("/dev/log"); internal(); };
+source src { pipe("/proc/kmsg"); unix-stream("/dev/log"); internal(); };
# uncomment below line if you want setup syslog server
#source net { udp(); };
destination xconsole { pipe("/dev/xconsole"); };
-#destination mailinfo { file("/var/log/mail/info"); };
-#destination mailwarn { file("/var/log/mail/warn"); };
-#destination mailerr { file("/var/log/mail/err"); };
+destination mailinfo { file("/var/log/mail/info"); };
+destination mailwarn { file("/var/log/mail/warn"); };
+destination mailerr { file("/var/log/mail/err"); };
destination newscrit { file("/var/log/news/news.crit" owner(news) group(news)); };
destination newserr { file("/var/log/news/news.err" owner(news) group(news)); };
# Log iptables messages to separate file
destination iptables { file("/var/log/iptables"); };
+filter f_syslog { not facility(authpriv, mail, news)
+ and not match("IN=[A-Za-z0-9]* OUT=[A-Za-z0-9]*")
+ and not match("cron") ; };
+filter f_iptables { facility(kern) and match("IN=[A-Za-z0-9]* OUT=[A-Za-z0-9]*"); };
+filter f_kern { facility(kern)
+ and not match("IN=[A-Za-z0-9]* OUT=[A-Za-z0-9]*") ; };
filter f_auth { facility(auth); };
-filter f_authpriv { facility(auth, authpriv); };
-filter f_syslog { not facility(authpriv, mail, news); };
-filter f_cron { facility(cron); };
+filter f_authpriv { facility(auth, authpriv)
+ and not match("cron"); };
+filter f_cron { facility(cron) or match("cron"); };
filter f_daemon { facility(daemon); };
-filter f_kern { facility(kern); };
filter f_lpr { facility(lpr); };
filter f_mail { facility(mail); };
filter f_user { facility(user); };
filter f_news { facility(news); };
filter f_messages { level(info..warn)
and not facility(auth, authpriv, mail, news, daemon); };
-
filter p_debug { level(debug); };
filter p_info { level(info); };
filter p_notice { level(notice); };
filter p_crit { level(crit); };
filter p_emergency { level(emerg); };
-filter f_iptables { facility(kern) and match("IN=[A-Za-z0-9]* OUT=[A-Za-z0-9]*"); };
log { source(src); filter(f_kern); destination(kern); };
log { source(src); filter(f_news); filter(p_info); destination(newsnotice); };
log { source(src); filter(f_news); filter(p_debug); destination(newsnotice); };
-#log { source(src); filter(f_iptables); destination(iptables); };
+log { source(src); filter(f_iptables); destination(iptables); };