1 <%- if has_variable?("syslogversion") and syslogversion.to_s == "3.1" -%>
3 <%- elsif has_variable?("syslogversion") and syslogversion.to_s == "3.5" -%>
11 ## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
12 ## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
16 # Configuration file for syslog-ng under Debian
18 # attempts at reproducing default syslog behavior
20 # the standard syslog levels are (in descending order of priority):
21 # emerg alert crit err warning notice info debug
22 # the aliases "error", "panic", and "warn" are deprecated
23 # the "none" priority found in the original syslogd configuration is
24 # only used in internal messages created by syslogd
31 # disable the chained hostname format in logs
32 # (default is enabled)
35 # the time to wait before a died connection is re-established
39 # the time to wait before an idle destination file is closed
43 # the number of lines buffered before written to file
44 # you might want to increase this if your disk isn't catching with
45 # all the log messages you get or if you want less disk activity
50 # the number of lines fitting in the output queue
51 <%- if has_variable?("syslogversion") and syslogversion.to_s == "3.1" -%>
57 # enable or disable directory creation for destination files
60 # default owner, group, and permissions for log files
61 # (defaults are 0, 0, 0600)
66 # default owner, group, and permissions for created directories
67 # (defaults are 0, 0, 0700)
72 # enable or disable DNS usage
73 # syslog-ng blocks on DNS queries, so enabling DNS may lead to
74 # a Denial of Service attack
78 # maximum length of message in bytes
79 # this is only limited by the program listening on the /dev/log Unix
80 # socket, glibc can handle arbitrary length log messages, but -- for
81 # example -- syslogd accepts only 1024 bytes
85 #Disable statistic log messages.
88 # Some program send log messages through a private implementation.
89 # and sometimes that implementation is bad. If this happen syslog-ng
90 # may recognise the program name as hostname. Whit this option
91 # we tell the syslog-ng that if a hostname match this regexp than that
92 # is not a real hostname.
93 bad_hostname("^gconfd$");
97 # We believe our own clock more than we believe the client clock.
105 # all known message sources
107 # message generated by Syslog-NG
112 <%- if (hostname == "lotti") || (hostname == "lully") || (hostname == "loghost-grnet-01") -%>
114 tcp6(port(5140) max-connections(200)
115 tls( key_file("/etc/exim4/ssl/thishost.key")
116 cert_file("/etc/exim4/ssl/thishost.crt")
117 ca_dir("/etc/exim4/ssl/")
127 # some standard log files
128 destination df_auth { file("/var/log/auth.log"); };
129 destination df_syslog { file("/var/log/syslog"); };
130 destination df_cron { file("/var/log/cron.log"); };
131 destination df_daemon { file("/var/log/daemon.log"); };
132 destination df_kern { file("/var/log/kern.log"); };
133 destination df_lpr { file("/var/log/lpr.log"); };
134 destination df_mail { file("/var/log/mail.log" group(maillog)); };
135 # destination df_mail_info { file("/var/log/mail.info" group(maillog)); };
136 destination df_mail_warn { file("/var/log/mail.warn" group(maillog)); };
137 destination df_mail_err { file("/var/log/mail.err" group(maillog)); };
138 destination df_user { file("/var/log/user.log" perm(0644)); };
139 destination df_uucp { file("/var/log/uucp.log"); };
141 # these files are meant for the mail system log files
142 # and provide re-usable destinations for {mail,cron,...}.info,
143 # {mail,cron,...}.notice, etc.
144 destination df_facility_dot_info { file("/var/log/$FACILITY.info"); };
145 destination df_facility_dot_notice { file("/var/log/$FACILITY.notice"); };
146 destination df_facility_dot_warn { file("/var/log/$FACILITY.warn"); };
147 destination df_facility_dot_err { file("/var/log/$FACILITY.err"); };
148 destination df_facility_dot_crit { file("/var/log/$FACILITY.crit"); };
150 # these files are meant for the news system, and are kept separated
151 # because they should be owned by "news" instead of "root"
152 destination df_news_dot_notice { file("/var/log/news/news.notice" owner("news")); };
153 destination df_news_dot_err { file("/var/log/news/news.err" owner("news")); };
154 destination df_news_dot_crit { file("/var/log/news/news.crit" owner("news")); };
156 # some more classical and useful files found in standard syslog configurations
157 destination df_debug { file("/var/log/debug"); };
158 destination df_messages { file("/var/log/messages"); };
160 <%- if kernel == 'Linux' -%>
162 # a console to view log messages under X
163 destination dp_xconsole { pipe("/dev/xconsole"); };
167 # this will send messages to everyone logged in
168 destination du_all { usertty("*"); };
174 # all messages from the auth and authpriv facilities
175 filter f_auth { facility(auth, authpriv); };
177 # all messages except from the auth and authpriv facilities
178 filter f_syslog { not facility(auth, authpriv, mail); };
180 # respectively: messages from the cron, daemon, kern, lpr, mail, news, user,
181 # and uucp facilities
182 filter f_cron { facility(cron); };
183 filter f_daemon { facility(daemon); };
184 filter f_kern { facility(kern); };
185 filter f_lpr { facility(lpr); };
186 filter f_mail { facility(mail); };
187 filter f_news { facility(news); };
188 filter f_user { facility(user); };
189 filter f_uucp { facility(uucp); };
191 # some filters to select messages of priority greater or equal to info, warn,
193 # (equivalents of syslogd's *.info, *.warn, and *.err)
194 filter f_at_least_info { level(info..emerg); };
195 filter f_at_least_notice { level(notice..emerg); };
196 filter f_at_least_warn { level(warn..emerg); };
197 filter f_at_least_err { level(err..emerg); };
198 filter f_at_least_crit { level(crit..emerg); };
200 # all messages of priority debug not coming from the auth, authpriv, news, and
202 filter f_debug { level(debug) and not facility(auth, authpriv, news, mail); };
204 # all messages of info, notice, or warn priority not coming form the auth,
205 # authpriv, cron, daemon, mail, and news facilities
207 level(info,notice,warn)
208 and not facility(auth,authpriv,cron,daemon,mail,news);
211 # messages with priority emerg
212 filter f_emerg { level(emerg); };
214 <%- if kernel == 'Linux' -%>
215 # complex filter for messages usually sent to the xconsole
217 facility(daemon,mail)
218 or level(debug,info,notice,warn)
220 and level(crit,err,notice));
225 # order matters if you use "flags(final);" to mark the end of processing in a
228 ###############################################################################
229 ########## ON LOG CLIENTS #####################################################
230 ###############################################################################
231 ###############################################################################
232 ###############################################################################
233 # all log clients, including the log server, log their locally created
234 # messages to the standard places.
236 # auth,authpriv.* /var/log/auth.log
240 destination(df_auth);
243 # *.*;auth,authpriv.none -/var/log/syslog
247 destination(df_syslog);
250 # this is commented out in the default syslog.conf
251 # cron.* /var/log/cron.log
255 # destination(df_cron);
258 # daemon.* -/var/log/daemon.log
262 destination(df_daemon);
265 # kern.* -/var/log/kern.log
269 destination(df_kern);
272 # lpr.* -/var/log/lpr.log
279 # mail.* -/var/log/mail.log
283 destination(df_mail);
286 # user.* -/var/log/user.log
290 destination(df_user);
293 # uucp.* /var/log/uucp.log
297 destination(df_uucp);
300 # mail.info -/var/log/mail.info
304 # filter(f_at_least_info);
305 # destination(df_mail_info);
308 # mail.warn -/var/log/mail.warn
312 filter(f_at_least_warn);
313 destination(df_mail_warn);
316 # mail.err /var/log/mail.err
320 filter(f_at_least_err);
321 destination(df_mail_err);
324 # news.crit /var/log/news/news.crit
328 filter(f_at_least_crit);
329 destination(df_news_dot_crit);
332 # news.err /var/log/news/news.err
336 filter(f_at_least_err);
337 destination(df_news_dot_err);
340 # news.notice /var/log/news/news.notice
344 filter(f_at_least_notice);
345 destination(df_news_dot_notice);
350 # auth,authpriv.none;\
351 # news.none;mail.none -/var/log/debug
355 destination(df_debug);
359 # *.=info;*.=notice;*.=warn;\
360 # auth,authpriv.none;\
362 # mail,news.none -/var/log/messages
366 destination(df_messages);
377 <%- if kernel == 'Linux' -%>
379 # news.crit;news.err;news.notice;\
381 # *.=notice;*.=warn |/dev/xconsole
385 destination(dp_xconsole);
390 <%- if hostname != "lotti" -%>
391 destination loghost-lotti {
392 tcp("lotti.debian.org" port (5140)
393 tls( key_file("/etc/ssl/debian/keys/thishost.key")
394 cert_file("/etc/ssl/debian/certs/thishost.crt")
395 ca_dir("/etc/ssl/debian/certs/")
400 <%- if hostname != "lully" -%>
401 destination loghost-lully {
402 tcp("lully.debian.org" port (5140)
403 tls( key_file("/etc/ssl/debian/keys/thishost.key")
404 cert_file("/etc/ssl/debian/certs/thishost.crt")
405 ca_dir("/etc/ssl/debian/certs/")
410 <%- if hostname != "loghost-grnet-01" -%>
411 destination loghost-loghost-grnet-01 {
412 tcp("loghost-grnet-01.debian.org" port (5140)
413 tls( key_file("/etc/ssl/debian/keys/thishost.key")
414 cert_file("/etc/ssl/debian/certs/thishost.crt")
415 ca_dir("/etc/ssl/debian/certs/")
423 <%- if hostname != "lotti" -%>
424 destination(loghost-lotti);
426 <%- if hostname != "lully" -%>
427 destination(loghost-lully);
429 <%- if hostname != "loghost-grnet-01" -%>
430 destination(loghost-loghost-grnet-01);
436 <%- if (hostname == "lotti") || (hostname == "lully") || (hostname == "loghost-grnet-01") -%>
437 ###############################################################################
438 ########## ON LOG HOST ########################################################
439 ###############################################################################
440 ###############################################################################
442 # The log server, additionally, also logs all local and remote messages to
443 # a few special places.
444 destination hostdest_auth { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/auth.log"
445 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
446 destination hostdest_syslog { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/syslog"
447 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
448 destination hostdest_cron { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/cron.log"
449 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
450 destination hostdest_daemon { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/daemon.log"
451 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
452 destination hostdest_kern { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/kern.log"
453 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
454 destination hostdest_lpr { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/lpr.log"
455 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
456 destination hostdest_mail { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/mail.log"
457 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
458 destination hostdest_news { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/news.log"
459 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
460 destination hostdest_user { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/user.log"
461 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
462 destination hostdest_uucp { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/uucp.log"
463 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
464 destination hostdest_debug { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/debug"
465 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
466 destination hostdest_messages { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/messages"
467 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
470 #----------------------------------------------------------------------
471 # Special catch all destination hostdest_sorting by host
472 #----------------------------------------------------------------------
473 destination hostdest_facility_dot_info { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/$FACILITY.info"
474 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
475 destination hostdest_facility_dot_notice { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/$FACILITY.notice"
476 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
477 destination hostdest_facility_dot_warn { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/$FACILITY.warn"
478 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
479 destination hostdest_facility_dot_err { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/$FACILITY.err"
480 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
481 destination hostdest_facility_dot_crit { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/$FACILITY.crit"
482 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
485 #----------------------------------------------------------------------
486 # Catch all log files
487 #----------------------------------------------------------------------
488 destination df_ALL_auth { file("/var/log/auth-all.log"); };
489 destination df_ALL_mail { file("/var/log/mail-all.log"); };
490 destination df_ALL_syslog { file("/var/log/syslog-all"); };
492 log { source(s_local);
494 filter(f_auth); destination(hostdest_auth); };
495 log { source(s_local);
497 filter(f_syslog); destination(hostdest_syslog); };
498 log { source(s_local);
500 filter(f_daemon); destination(hostdest_daemon); };
501 log { source(s_local);
503 filter(f_kern); destination(hostdest_kern); };
504 log { source(s_local);
506 filter(f_lpr); destination(hostdest_lpr); };
507 log { source(s_local);
509 filter(f_mail); destination(hostdest_mail); };
510 log { source(s_local);
512 filter(f_news); destination(hostdest_mail); };
513 log { source(s_local);
515 filter(f_user); destination(hostdest_user); };
516 log { source(s_local);
518 filter(f_uucp); destination(hostdest_uucp); };
519 log { source(s_local);
521 filter(f_debug); destination(hostdest_debug); };
522 log { source(s_local);
524 filter(f_messages); destination(hostdest_messages); };
526 log { source(s_local);
528 filter(f_mail); filter(f_at_least_info); destination(hostdest_facility_dot_info); };
529 log { source(s_local);
531 filter(f_mail); filter(f_at_least_warn); destination(hostdest_facility_dot_warn); };
532 log { source(s_local);
534 filter(f_mail); filter(f_at_least_err); destination(hostdest_facility_dot_err); };
538 log { source(s_local);
540 filter(f_auth); destination(df_ALL_auth); };
541 log { source(s_local);
543 filter(f_mail); destination(df_ALL_mail); };
544 log { source(s_local);
546 filter(f_syslog); destination(df_ALL_syslog); };