1 <%- if has_variable?("syslogversion") and syslogversion.to_s == "3" -%>
5 ## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
6 ## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
10 # Configuration file for syslog-ng under Debian
12 # attempts at reproducing default syslog behavior
14 # the standard syslog levels are (in descending order of priority):
15 # emerg alert crit err warning notice info debug
16 # the aliases "error", "panic", and "warn" are deprecated
17 # the "none" priority found in the original syslogd configuration is
18 # only used in internal messages created by syslogd
25 # disable the chained hostname format in logs
26 # (default is enabled)
29 # the time to wait before a died connection is re-established
33 # the time to wait before an idle destination file is closed
37 # the number of lines buffered before written to file
38 # you might want to increase this if your disk isn't catching with
39 # all the log messages you get or if you want less disk activity
44 # the number of lines fitting in the output queue
47 # enable or disable directory creation for destination files
50 # default owner, group, and permissions for log files
51 # (defaults are 0, 0, 0600)
56 # default owner, group, and permissions for created directories
57 # (defaults are 0, 0, 0700)
62 # enable or disable DNS usage
63 # syslog-ng blocks on DNS queries, so enabling DNS may lead to
64 # a Denial of Service attack
68 # maximum length of message in bytes
69 # this is only limited by the program listening on the /dev/log Unix
70 # socket, glibc can handle arbitrary length log messages, but -- for
71 # example -- syslogd accepts only 1024 bytes
75 #Disable statistic log messages.
78 # Some program send log messages through a private implementation.
79 # and sometimes that implementation is bad. If this happen syslog-ng
80 # may recognise the program name as hostname. Whit this option
81 # we tell the syslog-ng that if a hostname match this regexp than that
82 # is not a real hostname.
83 bad_hostname("^gconfd$");
92 # all known message sources
94 # message generated by Syslog-NG
96 <%- if kernel == 'Linux' -%>
97 # standard Linux log source (this is the default place for the syslog()
98 # function to send logs to)
99 unix-stream("/dev/log");
100 # messages from the kernel
101 <%- if has_variable?("syslogversion") and syslogversion.to_s == "2" -%>
102 file("/proc/kmsg" log_prefix("kernel: "));
104 file("/proc/kmsg" program_override("kernel: "));
107 # standard Linux log source (this is the default place for the syslog()
108 # function to send logs to)
109 unix-dgram("/var/run/log");
110 # messages from the kernel
111 <%- if has_variable?("syslogversion") and syslogversion.to_s == "2" -%>
112 file("/dev/klog" log_prefix("kernel: "));
114 file("/dev/klog" program_override("kernel: "));
117 <%- if hostname == "paganini" -%>
118 # use the following line if you want to receive remote UDP logging messages
119 # (this is equivalent to the "-r" syslogd flag)
124 <%- if (hostname == "heininen") || (hostname == "lotti") -%>
126 tcp6(port(5140) max-connections(200)
127 tls( key_file("/etc/exim4/ssl/thishost.key")
128 cert_file("/etc/exim4/ssl/thishost.crt")
129 ca_dir("/etc/exim4/ssl/")
139 # some standard log files
140 destination df_auth { file("/var/log/auth.log"); };
141 destination df_syslog { file("/var/log/syslog"); };
142 destination df_cron { file("/var/log/cron.log"); };
143 destination df_daemon { file("/var/log/daemon.log"); };
144 destination df_kern { file("/var/log/kern.log"); };
145 destination df_lpr { file("/var/log/lpr.log"); };
146 destination df_mail { file("/var/log/mail.log" group(maillog)); };
147 destination df_mail_info { file("/var/log/mail.info" group(maillog)); };
148 destination df_mail_warn { file("/var/log/mail.warn" group(maillog)); };
149 destination df_mail_err { file("/var/log/mail.err" group(maillog)); };
150 destination df_user { file("/var/log/user.log" perm(0644)); };
151 destination df_uucp { file("/var/log/uucp.log"); };
153 # these files are meant for the mail system log files
154 # and provide re-usable destinations for {mail,cron,...}.info,
155 # {mail,cron,...}.notice, etc.
156 destination df_facility_dot_info { file("/var/log/$FACILITY.info"); };
157 destination df_facility_dot_notice { file("/var/log/$FACILITY.notice"); };
158 destination df_facility_dot_warn { file("/var/log/$FACILITY.warn"); };
159 destination df_facility_dot_err { file("/var/log/$FACILITY.err"); };
160 destination df_facility_dot_crit { file("/var/log/$FACILITY.crit"); };
162 # these files are meant for the news system, and are kept separated
163 # because they should be owned by "news" instead of "root"
164 destination df_news_dot_notice { file("/var/log/news/news.notice" owner("news")); };
165 destination df_news_dot_err { file("/var/log/news/news.err" owner("news")); };
166 destination df_news_dot_crit { file("/var/log/news/news.crit" owner("news")); };
168 # some more classical and useful files found in standard syslog configurations
169 destination df_debug { file("/var/log/debug"); };
170 destination df_messages { file("/var/log/messages"); };
172 <%- if kernel == 'Linux' -%>
174 # a console to view log messages under X
175 destination dp_xconsole { pipe("/dev/xconsole"); };
179 # this will send messages to everyone logged in
180 destination du_all { usertty("*"); };
186 # all messages from the auth and authpriv facilities
187 filter f_auth { facility(auth, authpriv); };
189 # all messages except from the auth and authpriv facilities
190 filter f_syslog { not facility(auth, authpriv, mail); };
192 # respectively: messages from the cron, daemon, kern, lpr, mail, news, user,
193 # and uucp facilities
194 filter f_cron { facility(cron); };
195 filter f_daemon { facility(daemon); };
196 filter f_kern { facility(kern); };
197 filter f_lpr { facility(lpr); };
198 filter f_mail { facility(mail); };
199 filter f_news { facility(news); };
200 filter f_user { facility(user); };
201 filter f_uucp { facility(uucp); };
203 # some filters to select messages of priority greater or equal to info, warn,
205 # (equivalents of syslogd's *.info, *.warn, and *.err)
206 filter f_at_least_info { level(info..emerg); };
207 filter f_at_least_notice { level(notice..emerg); };
208 filter f_at_least_warn { level(warn..emerg); };
209 filter f_at_least_err { level(err..emerg); };
210 filter f_at_least_crit { level(crit..emerg); };
212 # all messages of priority debug not coming from the auth, authpriv, news, and
214 filter f_debug { level(debug) and not facility(auth, authpriv, news, mail); };
216 # all messages of info, notice, or warn priority not coming form the auth,
217 # authpriv, cron, daemon, mail, and news facilities
219 level(info,notice,warn)
220 and not facility(auth,authpriv,cron,daemon,mail,news);
223 # messages with priority emerg
224 filter f_emerg { level(emerg); };
226 <%- if kernel == 'Linux' -%>
227 # complex filter for messages usually sent to the xconsole
229 facility(daemon,mail)
230 or level(debug,info,notice,warn)
232 and level(crit,err,notice));
237 # order matters if you use "flags(final);" to mark the end of processing in a
240 ###############################################################################
241 ########## ON LOG CLIENTS #####################################################
242 ###############################################################################
243 ###############################################################################
244 ###############################################################################
245 # all log clients, including the log server, log their locally created
246 # messages to the standard places.
248 # auth,authpriv.* /var/log/auth.log
252 destination(df_auth);
255 # *.*;auth,authpriv.none -/var/log/syslog
259 destination(df_syslog);
262 # this is commented out in the default syslog.conf
263 # cron.* /var/log/cron.log
267 # destination(df_cron);
270 # daemon.* -/var/log/daemon.log
274 destination(df_daemon);
277 # kern.* -/var/log/kern.log
281 destination(df_kern);
284 # lpr.* -/var/log/lpr.log
291 # mail.* -/var/log/mail.log
295 destination(df_mail);
298 # user.* -/var/log/user.log
302 destination(df_user);
305 # uucp.* /var/log/uucp.log
309 destination(df_uucp);
312 # mail.info -/var/log/mail.info
316 filter(f_at_least_info);
317 destination(df_mail_info);
320 # mail.warn -/var/log/mail.warn
324 filter(f_at_least_warn);
325 destination(df_mail_warn);
328 # mail.err /var/log/mail.err
332 filter(f_at_least_err);
333 destination(df_mail_err);
336 # news.crit /var/log/news/news.crit
340 filter(f_at_least_crit);
341 destination(df_news_dot_crit);
344 # news.err /var/log/news/news.err
348 filter(f_at_least_err);
349 destination(df_news_dot_err);
352 # news.notice /var/log/news/news.notice
356 filter(f_at_least_notice);
357 destination(df_news_dot_notice);
362 # auth,authpriv.none;\
363 # news.none;mail.none -/var/log/debug
367 destination(df_debug);
371 # *.=info;*.=notice;*.=warn;\
372 # auth,authpriv.none;\
374 # mail,news.none -/var/log/messages
378 destination(df_messages);
389 <%- if kernel == 'Linux' -%>
391 # news.crit;news.err;news.notice;\
393 # *.=notice;*.=warn |/dev/xconsole
397 destination(dp_xconsole);
402 <%- if has_variable?("syslogversion") and syslogversion.to_s == "3" -%>
403 <%- if hostname != "heininen" -%>
404 destination loghost-heininen {
405 tcp("heininen.debian.org" port (5140)
406 tls( key_file("/etc/ssl/debian/keys/thishost.key")
407 cert_file("/etc/ssl/debian/certs/thishost.crt")
408 ca_dir("/etc/ssl/debian/certs/")
413 <%- if hostname != "lotti" -%>
414 destination loghost-lotti {
415 tcp("lotti.debian.org" port (5140)
416 tls( key_file("/etc/ssl/debian/keys/thishost.key")
417 cert_file("/etc/ssl/debian/certs/thishost.crt")
418 ca_dir("/etc/ssl/debian/certs/")
426 <%- if hostname != "heininen" -%>
427 destination(loghost-heininen);
429 <%- if hostname != "lotti" -%>
430 destination(loghost-lotti);
437 <%- if (hostname == "heininen") || (hostname == "lotti") -%>
438 ###############################################################################
439 ########## ON LOG HOST ########################################################
440 ###############################################################################
441 ###############################################################################
443 # The log server, additionally, also logs all local and remote messages to
444 # a few special places.
445 destination hostdest_auth { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/auth.log"
446 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
447 destination hostdest_syslog { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/syslog"
448 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
449 destination hostdest_cron { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/cron.log"
450 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
451 destination hostdest_daemon { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/daemon.log"
452 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
453 destination hostdest_kern { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/kern.log"
454 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
455 destination hostdest_lpr { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/lpr.log"
456 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
457 destination hostdest_mail { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/mail.log"
458 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
459 destination hostdest_news { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/news.log"
460 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
461 destination hostdest_user { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/user.log"
462 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
463 destination hostdest_uucp { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/uucp.log"
464 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
465 destination hostdest_debug { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/debug"
466 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
467 destination hostdest_messages { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/messages"
468 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
471 #----------------------------------------------------------------------
472 # Special catch all destination hostdest_sorting by host
473 #----------------------------------------------------------------------
474 destination hostdest_facility_dot_info { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/$FACILITY.info"
475 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
476 destination hostdest_facility_dot_notice { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/$FACILITY.notice"
477 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
478 destination hostdest_facility_dot_warn { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/$FACILITY.warn"
479 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
480 destination hostdest_facility_dot_err { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/$FACILITY.err"
481 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
482 destination hostdest_facility_dot_crit { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/$FACILITY.crit"
483 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
486 #----------------------------------------------------------------------
487 # Catch all log files
488 #----------------------------------------------------------------------
489 destination df_ALL_auth { file("/var/log/auth-all.log"); };
490 destination df_ALL_mail { file("/var/log/mail-all.log"); };
491 destination df_ALL_syslog { file("/var/log/syslog-all"); };
493 log { source(s_local);
495 filter(f_auth); destination(hostdest_auth); };
496 log { source(s_local);
498 filter(f_syslog); destination(hostdest_syslog); };
499 log { source(s_local);
501 filter(f_daemon); destination(hostdest_daemon); };
502 log { source(s_local);
504 filter(f_kern); destination(hostdest_kern); };
505 log { source(s_local);
507 filter(f_lpr); destination(hostdest_lpr); };
508 log { source(s_local);
510 filter(f_mail); destination(hostdest_mail); };
511 log { source(s_local);
513 filter(f_news); destination(hostdest_mail); };
514 log { source(s_local);
516 filter(f_user); destination(hostdest_user); };
517 log { source(s_local);
519 filter(f_uucp); destination(hostdest_uucp); };
520 log { source(s_local);
522 filter(f_debug); destination(hostdest_debug); };
523 log { source(s_local);
525 filter(f_messages); destination(hostdest_messages); };
527 log { source(s_local);
529 filter(f_mail); filter(f_at_least_info); destination(hostdest_facility_dot_info); };
530 log { source(s_local);
532 filter(f_mail); filter(f_at_least_warn); destination(hostdest_facility_dot_warn); };
533 log { source(s_local);
535 filter(f_mail); filter(f_at_least_err); destination(hostdest_facility_dot_err); };
539 log { source(s_local);
541 filter(f_auth); destination(df_ALL_auth); };
542 log { source(s_local);
544 filter(f_mail); destination(df_ALL_mail); };
545 log { source(s_local);
547 filter(f_syslog); destination(df_ALL_syslog); };