summaryrefslogtreecommitdiff
path: root/system/rsyslog/config
diff options
context:
space:
mode:
Diffstat (limited to 'system/rsyslog/config')
-rw-r--r--system/rsyslog/config/rc.rsyslogd65
-rw-r--r--system/rsyslog/config/rsyslog6
-rw-r--r--system/rsyslog/config/rsyslog.conf107
3 files changed, 178 insertions, 0 deletions
diff --git a/system/rsyslog/config/rc.rsyslogd b/system/rsyslog/config/rc.rsyslogd
new file mode 100644
index 0000000000..f12c369168
--- /dev/null
+++ b/system/rsyslog/config/rc.rsyslogd
@@ -0,0 +1,65 @@
+#!/bin/sh
+# Start/stop/restart the system logging daemons.
+#
+# Written for Slackware Linux by Patrick J. Volkerding <volkerdi@slackware.com>.
+# Modded for rsyslogd by Chris Elvidge <chris@lowe.ae> Sept 2005
+# slightly modified by ponce <matteo.bernardini@sns.it> Oct 2010
+# rsyslogd_reload added by Christophe Trussardi <chris@teria.org> Sept 2011
+#
+
+pidfile1=/var/run/rsyslogd.pid # native rsyslogd pid file
+pidfile2=/var/run/syslogd.pid # spoof the "old" syslogd file
+
+create_xconsole()
+{
+ if [ ! -e /dev/xconsole ]; then
+ mknod -m 640 /dev/xconsole p
+ else
+ chmod 0640 /dev/xconsole
+ fi
+ chown 0:0 /dev/xconsole
+}
+
+rsyslogd_start() {
+ if [ -x /usr/sbin/rsyslogd ]; then
+ echo "Starting rsyslogd daemon: "
+ echo "/usr/sbin/rsyslogd -c5 -i $pidfile1"
+ /usr/sbin/rsyslogd -c5 -i "$pidfile1"
+ cp "$pidfile1" "$pidfile2"
+ fi
+}
+
+rsyslogd_stop() {
+ killall rsyslogd 2> /dev/null
+ /usr/bin/rm $pidfile1 2> /dev/null
+ /usr/bin/rm $pidfile2 2> /dev/null
+}
+
+rsyslogd_restart() {
+ rsyslogd_stop
+ sleep 1
+ rsyslogd_start
+}
+
+rsyslogd_reload() {
+ echo "Reloading rsyslogd daemon: "
+ [ -f "$pidfile1" ] && /bin/kill -HUP $(cat $pidfile1)
+}
+
+case "$1" in
+'start')
+ create_xconsole
+ rsyslogd_start
+ ;;
+'stop')
+ rsyslogd_stop
+ ;;
+'restart')
+ rsyslogd_restart
+ ;;
+'reload')
+ rsyslogd_reload
+ ;;
+*)
+ echo "usage $0 start|stop|restart|reload"
+esac
diff --git a/system/rsyslog/config/rsyslog b/system/rsyslog/config/rsyslog
new file mode 100644
index 0000000000..5b9fd1366a
--- /dev/null
+++ b/system/rsyslog/config/rsyslog
@@ -0,0 +1,6 @@
+/var/log/cron /var/log/debug /var/log/maillog /var/log/messages /var/log/secure /var/log/spooler /var/log/syslog {
+ sharedscripts
+ postrotate
+ /bin/kill -HUP $(cat /var/run/rsyslogd.pid 2>/dev/null) 2>/dev/null || true
+ endscript
+}
diff --git a/system/rsyslog/config/rsyslog.conf b/system/rsyslog/config/rsyslog.conf
new file mode 100644
index 0000000000..26c6a744d7
--- /dev/null
+++ b/system/rsyslog/config/rsyslog.conf
@@ -0,0 +1,107 @@
+# /etc/rsyslog.conf Configuration file for rsyslog.
+#
+# For more information see
+# /usr/doc/rsyslog/html/rsyslog_conf.html
+
+
+#################
+#### MODULES ####
+#################
+
+$ModLoad imuxsock # provides support for local system logging
+$ModLoad imklog # provides kernel logging support (previously done by rklogd)
+$ModLoad immark # provides --MARK-- message capability
+
+# ######### Receiving Messages from Remote Hosts ##########
+# TCP Syslog Server:
+# provides TCP syslog reception and GSS-API (if compiled to support it)
+#$ModLoad imtcp # load module
+#$InputTCPServerRun 514 # start up TCP listener at port 514
+
+# UDP Syslog Server:
+#$ModLoad imudp # provides UDP syslog reception
+#$UDPServerRun 514 # start a UDP syslog server at standard port 514
+
+
+###########################
+#### GLOBAL DIRECTIVES ####
+###########################
+
+#
+# Use traditional timestamp format.
+# To enable high precision timestamps, comment out the following line.
+#
+$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
+
+#
+# Use traditional Slackware console log level
+#
+$klogConsoleLogLevel 3
+
+#
+# Set the default permissions for all log files.
+#
+$FileOwner root
+$FileGroup root
+$FileCreateMode 0640
+$DirCreateMode 0755
+$Umask 0022
+
+#
+# Include all config files in /etc/rsyslog.d/
+#
+#$IncludeConfig /etc/rsyslog.d/*.conf
+
+
+###############
+#### RULES ####
+###############
+
+# Uncomment this to see kernel messages on the console.
+#kern.* /dev/console
+
+# Log anything 'info' or higher, but lower than 'warn'.
+# Exclude authpriv, cron, mail, and news. These are logged elsewhere.
+*.info;*.!warn;\
+ authpriv.none;cron.none;mail.none;news.none -/var/log/messages
+
+# Log anything 'warn' or higher.
+# Exclude authpriv, cron, mail, and news. These are logged elsewhere.
+*.warn;\
+ authpriv.none;cron.none;mail.none;news.none -/var/log/syslog
+
+# Debugging information is logged here.
+*.=debug -/var/log/debug
+
+# Private authentication message logging:
+authpriv.* -/var/log/secure
+
+# Cron related logs:
+cron.* -/var/log/cron
+
+# Mail related logs:
+mail.* -/var/log/maillog
+
+# Emergency level messages go to all users:
+*.emerg *
+
+# This log is for news and uucp errors:
+uucp,news.crit -/var/log/spooler
+
+# Uncomment these if you'd like INN to keep logs on everything.
+# You won't need this if you don't run INN (the InterNetNews daemon).
+#news.=crit -/var/log/news/news.crit
+#news.=err -/var/log/news/news.err
+#news.notice -/var/log/news/news.notice
+
+# ########## Remote Logging (we use TCP for reliable delivery) ##########
+# An on-disk queue is created for this action. If the remote host is
+# down, messages are spooled to disk and sent when it is up again.
+#$WorkDirectory /rsyslog/spool # where to place spool files
+#$ActionQueueFileName uniqName # unique name prefix for spool files
+#$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible)
+#$ActionQueueSaveOnShutdown on # save messages to disk on shutdown
+#$ActionQueueType LinkedList # run asynchronously
+#$ActionResumeRetryCount -1 # infinite retries if host is down
+# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional
+#*.* @@remote-host:514