summaryrefslogtreecommitdiff
path: root/system/syslog-ng/syslog-ng.conf
blob: d5744c43e032e73c2decd23a45e10c09215a8480 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
@version: 3.0

# Default syslog-ng configuration for Slackware
# For info about the format of this file, see "man syslog-ng.conf"
# Converted from sysklogd (syslog.conf) by mario@slackverse.org

options {
	flush_lines (0);
	time_reopen (10);
	log_fifo_size (2048);
	log_msg_size (8192);
	long_hostnames (no);
	use_dns (no);
	use_fqdn (no);
	create_dirs (no);
	keep_hostname (yes);
	owner("root");
	group("root");
	perm(0640);
	stats_freq (0);
	check_hostname (yes);
	dns_cache (yes);
};

source system {
	unix-dgram("/dev/log");
	file("/proc/kmsg" program_override("kernel"));
	internal();
};

filter f_messages { level(info,notice) and not facility(authpriv,cron,mail,news); };
filter f_syslog { level(warn..emerg) and not facility(authpriv,cron,mail,news); };
filter f_debug { level(debug); };
filter f_authpriv { facility(authpriv); };
filter f_cron { facility(cron); };
filter f_mail { facility(mail); };
filter f_emerg { level(emerg); };
filter f_uucp { facility(uucp); };

destination d_messages { file("/var/log/messages"); };
destination d_syslog { file("/var/log/syslog"); };
destination d_debug { file("/var/log/debug"); };
destination d_secure { file("/var/log/secure"); };
destination d_cron { file("/var/log/cron"); };
destination d_maillog { file("/var/log/maillog"); };
destination d_usertty { usertty("*"); };
destination d_spooler { file("/var/log/spooler"); };

# Log anything 'info' or higher, but lower than 'warn'.
# Exclude authpriv, cron, mail, and news.  These are logged elsewhere.
log { source(system); filter(f_messages); destination(d_messages); };

# Log anything 'warn' or higher.
# Exclude authpriv, cron, mail, and news.  These are logged elsewhere.
log { source(system); filter(f_syslog); destination(d_syslog); };

# Debugging information is logged here.
log { source(system); filter(f_debug); destination(d_debug); };

# Private authentication message logging:
log { source(system); filter(f_authpriv); destination(d_secure); };

# Cron related logs:
log { source(system); filter(f_cron); destination(d_cron); };

# Mail related logs:
log { source(system); filter(f_mail); destination(d_maillog); };

# Emergency level messages go to all users:
log { source(system); filter(f_emerg); destination(d_usertty); };

# This log is for news and uucp errors:
log { source(system); filter(f_uucp); destination(d_spooler); };

# Uncomment this to see kernel messages on the console.
#filter f_kern { facility(kern); };
#destination d_console { file("/dev/console"); };
#log { source(system); filter(f_kern); destination(d_console); };

# Uncomment these if you'd like INN to keep logs on everything.
# You won't need this if you don't run INN (the InterNetNews daemon).
#filter f_news_crit { facility(news) and level(crit); };
#filter f_news_err { facility(news) and level(err); };
#filter f_news_notice { facility(news) and level(notice); };
#destination d_news_crit { file("/var/log/news/news.crit"); };
#destination d_news_err { file("/var/log/news/news.err"); };
#destination d_news_notice { file("/var/log/news/news.notice"); };
#log { source(system); filter(f_news_crit); destination(d_news_crit); };
#log { source(system); filter(f_news_err); destination(d_news_err); };
#log { source(system); filter(f_news_notice); destination(f_news_notice); };