@version: 3.5
@include "scl.conf"
@include "`scl-root`/system/tty10.conf"
+#
+# Configuration file for syslog-ng under Debian.
+# Customized for sarava.org, originally developed by riseup.net
+#
+# see http://www.campin.net/syslog-ng/expanded-syslog-ng.conf
+# for examples.
+#
+# levels: emerg alert crit err warning notice info debug
+#
-# Syslog-ng configuration file, compatible with default Debian syslogd
-# installation.
+############################################################
+## global options
-# First, set some global options.
-options { chain_hostnames(off); flush_lines(0); use_dns(no); use_fqdn(no);
- owner("root"); group("adm"); perm(0640); stats_freq(0);
- bad_hostname("^gconfd$");
+options {
+ chain_hostnames(0);
+ time_reopen(10);
+ time_reap(360);
+ flush_lines(0);
+ log_fifo_size(2048);
+ create_dirs(yes);
+ group(adm);
+ perm(0640);
+ dir_perm(0755);
+ use_dns(no);
};
-########################
-# Sources
-########################
-# This is the default behavior of sysklogd package
-# Logs may come from unix stream, but not from another machine.
-#
-source s_src {
- system();
- internal();
+############################################################
+## universal source
+
+source s_all {
+ internal();
+ unix-stream("/dev/log");
+<% if (log_kernel_msgs == true) -%>
+ file("/proc/kmsg" program_override("kernel"));
+<% end -%>
};
-# If you wish to get logs from remote machine you should uncomment
-# this and comment the above source line.
-#
-#source s_net { tcp(ip(127.0.0.1) port(1000)); };
+############################################################
+## generic destinations
-########################
-# Destinations
-########################
-# First some standard logfile
-#
-destination d_auth { file("/var/log/auth.log"); };
-destination d_cron { file("/var/log/cron.log"); };
-destination d_daemon { file("/var/log/daemon.log"); };
-destination d_kern { file("/var/log/kern.log"); };
-destination d_lpr { file("/var/log/lpr.log"); };
-destination d_mail { file("/var/log/mail.log"); };
-destination d_syslog { file("/var/log/syslog"); };
-destination d_user { file("/var/log/user.log"); };
-destination d_uucp { file("/var/log/uucp.log"); };
-
-# This files are the log come from the mail subsystem.
-#
-destination d_mailinfo { file("/var/log/mail.info"); };
-destination d_mailwarn { file("/var/log/mail.warn"); };
-destination d_mailerr { file("/var/log/mail.err"); };
+destination df_facility_dot_info { file("/var/log/$FACILITY.info"); };
+destination df_facility_dot_notice { file("/var/log/$FACILITY.notice"); };
+destination df_facility_dot_warn { file("/var/log/$FACILITY.warn"); };
+destination df_facility_dot_err { file("/var/log/$FACILITY.err"); };
+destination df_facility_dot_crit { file("/var/log/$FACILITY.crit"); };
-# Logging for INN news system
-#
-destination d_newscrit { file("/var/log/news/news.crit"); };
-destination d_newserr { file("/var/log/news/news.err"); };
-destination d_newsnotice { file("/var/log/news/news.notice"); };
+############################################################
+## generic filters and rewrites
-# Some `catch-all' logfiles.
-#
-destination d_debug { file("/var/log/debug"); };
-destination d_error { file("/var/log/error"); };
-destination d_messages { file("/var/log/messages"); };
+# strip IP addresses
+# regexp thanks to micah and dsyslog
+rewrite r_strip {subst("(25[0-5]|2[0-4][0-9]|[0-1]?[0-9]?[0-9])([\\.\\-](25[0-5]|2[0-4][0-9]|[0-1]?[0-9]?[0-9])){3}", "0.0.0.0", value("MESSAGE"), flags("global"));};
-# The root's console.
-#
-destination d_console { usertty("root"); };
+filter f_at_least_info { level(info..emerg); };
+filter f_at_least_notice { level(notice..emerg); };
+filter f_at_least_warn { level(warn..emerg); };
+filter f_at_least_err { level(err..emerg); };
+filter f_at_least_crit { level(crit..emerg); };
-# Virtual console.
-#
-destination d_console_all { file(`tty10`); };
+filter rrdcached { not program(rrdcached); };
-# The named pipe /dev/xconsole is for the nsole' utility. To use it,
-# you must invoke nsole' with the -file' option:
-#
-# $ xconsole -file /dev/xconsole [...]
-#
-destination d_xconsole { pipe("/dev/xconsole"); };
+############################################################
+## auth.log
-# Send the messages to an other host
-#
-#destination d_net { tcp("127.0.0.1" port(1000) log_fifo_size(1000)); };
-
-# Debian only
-destination d_ppp { file("/var/log/ppp.log"); };
-
-########################
-# Filters
-########################
-# Here's come the filter options. With this rules, we can set which
-# message go where.
-
-filter f_dbg { level(debug); };
-filter f_info { level(info); };
-filter f_notice { level(notice); };
-filter f_warn { level(warn); };
-filter f_err { level(err); };
-filter f_crit { level(crit .. emerg); };
-
-filter f_debug { level(debug) and not facility(auth, authpriv, news, mail); };
-filter f_error { level(err .. emerg) ; };
-filter f_messages { level(info,notice,warn) and
- not facility(auth,authpriv,cron,daemon,mail,news); };
-
-filter f_auth { facility(auth, authpriv) and not filter(f_debug); };
-filter f_cron { facility(cron) and not filter(f_debug); };
-filter f_daemon { facility(daemon) and not filter(f_debug); };
-filter f_kern { facility(kern) and not filter(f_debug); };
-filter f_lpr { facility(lpr) and not filter(f_debug); };
-filter f_local { facility(local0, local1, local3, local4, local5,
- local6, local7) and not filter(f_debug); };
-filter f_mail { facility(mail) and not filter(f_debug); };
-filter f_news { facility(news) and not filter(f_debug); };
-filter f_syslog3 { not facility(auth, authpriv, mail) and not filter(f_debug); };
-filter f_user { facility(user) and not filter(f_debug); };
-filter f_uucp { facility(uucp) and not filter(f_debug); };
-
-filter f_cnews { level(notice, err, crit) and facility(news); };
-filter f_cother { level(debug, info, notice, warn) or facility(daemon, mail); };
-
-filter f_ppp { facility(local2) and not filter(f_debug); };
-filter f_console { level(warn .. emerg); };
-
-########################
-# Log paths
-########################
-log { source(s_src); filter(f_auth); destination(d_auth); };
-log { source(s_src); filter(f_cron); destination(d_cron); };
-log { source(s_src); filter(f_daemon); destination(d_daemon); };
-log { source(s_src); filter(f_kern); destination(d_kern); };
-log { source(s_src); filter(f_lpr); destination(d_lpr); };
-log { source(s_src); filter(f_syslog3); destination(d_syslog); };
-log { source(s_src); filter(f_user); destination(d_user); };
-log { source(s_src); filter(f_uucp); destination(d_uucp); };
-
-log { source(s_src); filter(f_mail); destination(d_mail); };
-#log { source(s_src); filter(f_mail); filter(f_info); destination(d_mailinfo); };
-#log { source(s_src); filter(f_mail); filter(f_warn); destination(d_mailwarn); };
-#log { source(s_src); filter(f_mail); filter(f_err); destination(d_mailerr); };
-
-log { source(s_src); filter(f_news); filter(f_crit); destination(d_newscrit); };
-log { source(s_src); filter(f_news); filter(f_err); destination(d_newserr); };
-log { source(s_src); filter(f_news); filter(f_notice); destination(d_newsnotice); };
-#log { source(s_src); filter(f_cnews); destination(d_console_all); };
-#log { source(s_src); filter(f_cother); destination(d_console_all); };
-
-#log { source(s_src); filter(f_ppp); destination(d_ppp); };
-
-log { source(s_src); filter(f_debug); destination(d_debug); };
-log { source(s_src); filter(f_error); destination(d_error); };
-log { source(s_src); filter(f_messages); destination(d_messages); };
-
-log { source(s_src); filter(f_console); destination(d_console_all);
- destination(d_xconsole); };
-log { source(s_src); filter(f_crit); destination(d_console); };
-
-# All messages send to a remote site
-#
-#log { source(s_src); destination(d_net); };
+filter f_auth { facility(auth, authpriv); };
+destination df_auth { file("/var/log/auth.log"); };
+log {
+ source(s_all);
+ filter(f_auth);
+ rewrite(r_strip);
+ destination(df_auth);
+};
+
+############################################################
+## daemon.log
+
+filter f_daemon { facility(daemon); };
+destination df_daemon { file("/var/log/daemon.log"); };
+log {
+ source(s_all);
+ filter(f_daemon);
+ filter(rrdcached);
+ rewrite(r_strip);
+ destination(df_daemon);
+};
+
+############################################################
+## kern.log
+
+filter f_kern { facility(kern); };
+destination df_kern { file("/var/log/kern.log"); };
+log {
+ source(s_all);
+ filter(f_kern);
+ rewrite(r_strip);
+ destination(df_kern);
+};
+
+############################################################
+## user.log
+
+filter f_user { facility(user); };
+destination df_user { file("/var/log/user.log"); };
+log {
+ source(s_all);
+ filter(f_user);
+ rewrite(r_strip);
+ destination(df_user);
+};
+
+############################################################
+## sympa.log
+
+filter f_sympa { program("^(sympa|bounced|archived|task_manager)"); };
+destination d_sympa { file("/var/log/sympa.log"); };
+log {
+ source(s_all);
+ filter(f_sympa);
+ rewrite(r_strip);
+ destination(d_sympa);
+ flags(final);
+};
+
+############################################################
+## wwsympa.log
+
+filter f_wwsympa { program("^wwsympa"); };
+destination d_wwsympa { file("/var/log/wwsympa.log"); };
+log {
+ source(s_all);
+ filter(f_wwsympa);
+ rewrite(r_strip);
+ destination(d_wwsympa);
+ flags(final);
+};
+
+############################################################
+## ldap.log
+
+filter f_ldap { program("slapd"); };
+destination d_ldap { file("/var/log/ldap.log"); };
+log {
+ source(s_all);
+ filter(f_ldap);
+ rewrite(r_strip);
+ destination(d_ldap);
+ flags(final);
+};
+
+############################################################
+## postfix.log
+
+# special source because of chroot jail
+#source s_postfix { unix-stream("/var/spool/postfix/dev/log" keep-alive(yes)); };
+filter f_postfix { program("^postfix/"); };
+destination d_postfix { file("/var/log/postfix.log"); };
+log {
+ source(s_all);
+ filter(f_postfix);
+ rewrite(r_strip);
+ destination(d_postfix);
+ flags(final);
+};
+
+############################################################
+## courier.log
+
+filter f_courier { program("courier|imap|pop"); };
+destination d_courier { file("/var/log/courier.log"); };
+log {
+ source(s_all);
+ filter(f_courier);
+ rewrite(r_strip);
+ destination(d_courier);
+ flags(final);
+};
+
+############################################################
+## maildrop.log
+
+filter f_maildrop { program("^maildrop"); };
+destination d_maildrop { file("/var/log/maildrop.log"); };
+log {
+ source(s_all);
+ filter(f_maildrop);
+ rewrite(r_strip);
+ destination(d_courier);
+ flags(final);
+};
+
+############################################################
+## mail.log
+
+filter f_mail { facility(mail); };
+destination df_mail { file("/var/log/mail.log"); };
+
+log {
+ source(s_all);
+ filter(f_mail);
+ rewrite(r_strip);
+ destination(df_mail);
+};
+
+############################################################
+## messages.log
+
+filter f_messages {
+ level(debug,info,notice)
+ and not facility(auth,authpriv,daemon,mail,user,kern);
+};
+destination df_messages { file("/var/log/messages.log"); };
+log {
+ source(s_all);
+ filter(f_messages);
+ rewrite(r_strip);
+ destination(df_messages);
+};
+
+############################################################
+## errors.log
+
+filter f_errors {
+ level(warn,err,crit,alert,emerg)
+ and not facility(auth,authpriv,daemon,mail,user,kern);
+};
+destination df_errors { file("/var/log/errors.log"); };
+log {
+ source(s_all);
+ filter(f_errors);
+ rewrite(r_strip);
+ destination(df_errors);
+};
+
+############################################################
+## emergencies
+
+filter f_emerg { level(emerg); };
+destination du_all { usertty("*"); };
+log {
+ source(s_all);
+ filter(f_emerg);
+ rewrite(r_strip);
+ destination(du_all);
+};
+
+############################################################
+## console messages
+
+filter f_xconsole {
+ facility(daemon,mail)
+ or level(debug,info,notice,warn)
+ or (facility(news)
+ and level(crit,err,notice));
+};
+destination dp_xconsole { pipe("/dev/xconsole"); };
+log {
+ source(s_all);
+ filter(f_xconsole);
+ rewrite(r_strip);
+ destination(dp_xconsole);
+};
###
# Include all config files in /etc/syslog-ng/conf.d/
###
@include "/etc/syslog-ng/conf.d/*.conf"
-
projects / puppet-syslog-ng.git / commitdiff