1 <%- if has_variable?("syslogversion") and @syslogversion.to_s == "3.1" -%>
3 <%- elsif has_variable?("syslogversion") and @syslogversion.to_s == "3.5" -%>
6 <%- elsif has_variable?("syslogversion") and @syslogversion.to_s == "3.8" -%>
15 ## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
16 ## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
20 # Configuration file for syslog-ng under Debian
22 # attempts at reproducing default syslog behavior
24 # the standard syslog levels are (in descending order of priority):
25 # emerg alert crit err warning notice info debug
26 # the aliases "error", "panic", and "warn" are deprecated
27 # the "none" priority found in the original syslogd configuration is
28 # only used in internal messages created by syslogd
35 # disable the chained hostname format in logs
36 # (default is enabled)
39 # the time to wait before a died connection is re-established
43 # the time to wait before an idle destination file is closed
47 # the number of lines buffered before written to file
48 # you might want to increase this if your disk isn't catching with
49 # all the log messages you get or if you want less disk activity
54 # the number of lines fitting in the output queue
55 <%- if has_variable?("syslogversion") and @syslogversion.to_s == "3.1" -%>
61 # enable or disable directory creation for destination files
64 # default owner, group, and permissions for log files
65 # (defaults are 0, 0, 0600)
70 # default owner, group, and permissions for created directories
71 # (defaults are 0, 0, 0700)
76 # enable or disable DNS usage
77 # syslog-ng blocks on DNS queries, so enabling DNS may lead to
78 # a Denial of Service attack
82 # maximum length of message in bytes
83 # this is only limited by the program listening on the /dev/log Unix
84 # socket, glibc can handle arbitrary length log messages, but -- for
85 # example -- syslogd accepts only 1024 bytes
89 #Disable statistic log messages.
92 # Some program send log messages through a private implementation.
93 # and sometimes that implementation is bad. If this happen syslog-ng
94 # may recognise the program name as hostname. Whit this option
95 # we tell the syslog-ng that if a hostname match this regexp than that
96 # is not a real hostname.
97 bad_hostname("^gconfd$");
101 # We believe our own clock more than we believe the client clock.
109 # all known message sources
111 # message generated by Syslog-NG
113 <%- if has_variable?("syslogversion") and @syslogversion.to_s == "3.1" -%>
114 # standard Linux log source (this is the default place for the syslog()
115 # function to send logs to)
116 unix-stream("/dev/log");
117 # messages from the kernel
118 file("/proc/kmsg" program_override("kernel: "));
122 <%- if has_variable?("haproxy") && @haproxy -%>
123 unix-stream("/var/lib/haproxy/dev/log");
127 <%- if (@hostname == "lotti") || (@hostname == "lully") || (@hostname == "loghost-grnet-01") || (@hostname == "loghost-osuosl-01") -%>
129 tcp6(port(5140) max-connections(400)
130 tls( key_file("/etc/exim4/ssl/thishost.key")
131 cert_file("/etc/exim4/ssl/thishost.crt")
132 ca_dir("/etc/exim4/ssl/")
137 source s_network_fastly {
138 tcp6(port(5141) max-connections(100)
139 tls( key_file("/etc/exim4/ssl/thishost.key")
140 cert_file("/etc/exim4/ssl/thishost.crt")
141 peer-verify(optional-untrusted))
150 # some standard log files
151 destination df_auth { file("/var/log/auth.log"); };
152 destination df_syslog { file("/var/log/syslog"); };
153 destination df_cron { file("/var/log/cron.log"); };
154 destination df_daemon { file("/var/log/daemon.log"); };
155 destination df_kern { file("/var/log/kern.log"); };
156 destination df_lpr { file("/var/log/lpr.log"); };
157 destination df_mail { file("/var/log/mail.log" group(maillog)); };
158 # destination df_mail_info { file("/var/log/mail.info" group(maillog)); };
159 destination df_mail_warn { file("/var/log/mail.warn" group(maillog)); };
160 destination df_mail_err { file("/var/log/mail.err" group(maillog)); };
161 destination df_user { file("/var/log/user.log" perm(0644)); };
162 destination df_uucp { file("/var/log/uucp.log"); };
164 # these files are meant for the mail system log files
165 # and provide re-usable destinations for {mail,cron,...}.info,
166 # {mail,cron,...}.notice, etc.
167 destination df_facility_dot_info { file("/var/log/$FACILITY.info"); };
168 destination df_facility_dot_notice { file("/var/log/$FACILITY.notice"); };
169 destination df_facility_dot_warn { file("/var/log/$FACILITY.warn"); };
170 destination df_facility_dot_err { file("/var/log/$FACILITY.err"); };
171 destination df_facility_dot_crit { file("/var/log/$FACILITY.crit"); };
173 # these files are meant for the news system, and are kept separated
174 # because they should be owned by "news" instead of "root"
175 destination df_news_dot_notice { file("/var/log/news/news.notice" owner("news")); };
176 destination df_news_dot_err { file("/var/log/news/news.err" owner("news")); };
177 destination df_news_dot_crit { file("/var/log/news/news.crit" owner("news")); };
179 # some more classical and useful files found in standard syslog configurations
180 destination df_debug { file("/var/log/debug"); };
181 destination df_messages { file("/var/log/messages"); };
183 <%- if @kernel == 'Linux' -%>
185 # a console to view log messages under X
186 destination dp_xconsole { pipe("/dev/xconsole"); };
190 # this will send messages to everyone logged in
191 destination du_all { usertty("*"); };
197 # all messages from the auth and authpriv facilities
198 filter f_auth { facility(auth, authpriv); };
200 # all messages except from the auth and authpriv facilities
201 filter f_syslog { not facility(auth, authpriv, mail); };
203 # respectively: messages from the cron, daemon, kern, lpr, mail, news, user,
204 # and uucp facilities
205 filter f_cron { facility(cron); };
206 filter f_daemon { facility(daemon); };
207 filter f_kern { facility(kern); };
208 filter f_lpr { facility(lpr); };
209 filter f_mail { facility(mail); };
210 filter f_news { facility(news); };
211 filter f_user { facility(user); };
212 filter f_uucp { facility(uucp); };
214 # some filters to select messages of priority greater or equal to info, warn,
216 # (equivalents of syslogd's *.info, *.warn, and *.err)
217 filter f_at_least_info { level(info..emerg); };
218 filter f_at_least_notice { level(notice..emerg); };
219 filter f_at_least_warn { level(warn..emerg); };
220 filter f_at_least_err { level(err..emerg); };
221 filter f_at_least_crit { level(crit..emerg); };
223 # all messages of priority debug not coming from the auth, authpriv, news, and
225 filter f_debug { level(debug) and not facility(auth, authpriv, news, mail); };
227 # all messages of info, notice, or warn priority not coming form the auth,
228 # authpriv, cron, daemon, mail, and news facilities
230 level(info,notice,warn)
231 and not facility(auth,authpriv,cron,daemon,mail,news);
234 # messages with priority emerg
235 filter f_emerg { level(emerg); };
237 <%- if @kernel == 'Linux' -%>
238 # complex filter for messages usually sent to the xconsole
240 facility(daemon,mail)
241 or level(debug,info,notice,warn)
243 and level(crit,err,notice));
248 # order matters if you use "flags(final);" to mark the end of processing in a
251 ###############################################################################
252 ########## ON LOG CLIENTS #####################################################
253 ###############################################################################
254 ###############################################################################
255 ###############################################################################
256 # all log clients, including the log server, log their locally created
257 # messages to the standard places.
259 # auth,authpriv.* /var/log/auth.log
263 destination(df_auth);
266 # *.*;auth,authpriv.none -/var/log/syslog
270 destination(df_syslog);
273 # this is commented out in the default syslog.conf
274 # cron.* /var/log/cron.log
278 # destination(df_cron);
281 # daemon.* -/var/log/daemon.log
285 destination(df_daemon);
288 # kern.* -/var/log/kern.log
292 destination(df_kern);
295 # lpr.* -/var/log/lpr.log
302 # mail.* -/var/log/mail.log
306 destination(df_mail);
309 # user.* -/var/log/user.log
313 destination(df_user);
316 # uucp.* /var/log/uucp.log
320 destination(df_uucp);
323 # mail.info -/var/log/mail.info
327 # filter(f_at_least_info);
328 # destination(df_mail_info);
331 # mail.warn -/var/log/mail.warn
335 filter(f_at_least_warn);
336 destination(df_mail_warn);
339 # mail.err /var/log/mail.err
343 filter(f_at_least_err);
344 destination(df_mail_err);
347 # news.crit /var/log/news/news.crit
351 filter(f_at_least_crit);
352 destination(df_news_dot_crit);
355 # news.err /var/log/news/news.err
359 filter(f_at_least_err);
360 destination(df_news_dot_err);
363 # news.notice /var/log/news/news.notice
367 filter(f_at_least_notice);
368 destination(df_news_dot_notice);
373 # auth,authpriv.none;\
374 # news.none;mail.none -/var/log/debug
378 destination(df_debug);
382 # *.=info;*.=notice;*.=warn;\
383 # auth,authpriv.none;\
385 # mail,news.none -/var/log/messages
389 destination(df_messages);
400 <%- if @kernel == 'Linux' -%>
402 # news.crit;news.err;news.notice;\
404 # *.=notice;*.=warn |/dev/xconsole
408 destination(dp_xconsole);
413 <%- if @hostname != "lotti" -%>
414 destination loghost-lotti {
415 tcp("lotti.debian.org" port (5140)
416 tls( key_file("/etc/ssl/private/thishost.key")
417 cert_file("/etc/ssl/debian/certs/thishost.crt")
418 ca_dir("/etc/ssl/debian/certs/")
423 <%- if @hostname != "lully" -%>
424 destination loghost-lully {
425 tcp("lully.debian.org" port (5140)
426 tls( key_file("/etc/ssl/private/thishost.key")
427 cert_file("/etc/ssl/debian/certs/thishost.crt")
428 ca_dir("/etc/ssl/debian/certs/")
433 <%- if @hostname != "loghost-grnet-01" -%>
434 destination loghost-loghost-grnet-01 {
435 tcp("loghost-grnet-01.debian.org" port (5140)
436 tls( key_file("/etc/ssl/private/thishost.key")
437 cert_file("/etc/ssl/debian/certs/thishost.crt")
438 ca_dir("/etc/ssl/debian/certs/")
443 <%- if @hostname != "loghost-osuosl-01" -%>
444 destination loghost-loghost-osuosl-01 {
445 tcp("loghost-osuosl-01.debian.org" port (5140)
446 tls( key_file("/etc/ssl/private/thishost.key")
447 cert_file("/etc/ssl/debian/certs/thishost.crt")
448 ca_dir("/etc/ssl/debian/certs/")
456 <%- if @hostname != "lotti" -%>
457 destination(loghost-lotti);
459 <%- if @hostname != "lully" -%>
460 destination(loghost-lully);
462 <%- if @hostname != "loghost-grnet-01" -%>
463 destination(loghost-loghost-grnet-01);
465 <%- if @hostname != "loghost-osuosl-01" -%>
466 destination(loghost-loghost-osuosl-01);
472 <%- if (@hostname == "lotti") || (@hostname == "lully") || (@hostname == "loghost-grnet-01") || (@hostname == "loghost-osuosl-01") -%>
473 ###############################################################################
474 ########## ON LOG HOST ########################################################
475 ###############################################################################
476 ###############################################################################
478 # The log server, additionally, also logs all local and remote messages to
479 # a few special places.
480 destination hostdest_auth { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/auth.log"
481 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
482 destination hostdest_syslog { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/syslog"
483 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
484 destination hostdest_cron { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/cron.log"
485 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
486 destination hostdest_daemon { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/daemon.log"
487 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
488 destination hostdest_kern { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/kern.log"
489 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
490 destination hostdest_lpr { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/lpr.log"
491 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
492 destination hostdest_mail { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/mail.log"
493 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
494 destination hostdest_news { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/news.log"
495 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
496 destination hostdest_user { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/user.log"
497 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
498 destination hostdest_uucp { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/uucp.log"
499 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
500 destination hostdest_debug { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/debug"
501 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
502 destination hostdest_messages { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/messages"
503 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
506 #----------------------------------------------------------------------
507 # Special catch all destination hostdest_sorting by host
508 #----------------------------------------------------------------------
509 destination hostdest_facility_dot_info { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/$FACILITY.info"
510 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
511 destination hostdest_facility_dot_notice { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/$FACILITY.notice"
512 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
513 destination hostdest_facility_dot_warn { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/$FACILITY.warn"
514 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
515 destination hostdest_facility_dot_err { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/$FACILITY.err"
516 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
517 destination hostdest_facility_dot_crit { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/$FACILITY.crit"
518 owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); };
521 #----------------------------------------------------------------------
522 # Catch all log files
523 #----------------------------------------------------------------------
524 destination df_ALL_auth { file("/var/log/auth-all.log"); };
525 destination df_ALL_mail { file("/var/log/mail-all.log"); };
526 destination df_ALL_syslog { file("/var/log/syslog-all"); };
528 log { source(s_local);
530 filter(f_auth); destination(hostdest_auth); };
531 log { source(s_local);
533 filter(f_syslog); destination(hostdest_syslog); };
534 log { source(s_local);
536 filter(f_daemon); destination(hostdest_daemon); };
537 log { source(s_local);
539 filter(f_kern); destination(hostdest_kern); };
540 log { source(s_local);
542 filter(f_lpr); destination(hostdest_lpr); };
543 log { source(s_local);
545 filter(f_mail); destination(hostdest_mail); };
546 log { source(s_local);
548 filter(f_news); destination(hostdest_mail); };
549 log { source(s_local);
551 filter(f_user); destination(hostdest_user); };
552 log { source(s_local);
554 filter(f_uucp); destination(hostdest_uucp); };
555 log { source(s_local);
557 filter(f_debug); destination(hostdest_debug); };
558 log { source(s_local);
560 filter(f_messages); destination(hostdest_messages); };
562 log { source(s_local);
564 filter(f_mail); filter(f_at_least_info); destination(hostdest_facility_dot_info); };
565 log { source(s_local);
567 filter(f_mail); filter(f_at_least_warn); destination(hostdest_facility_dot_warn); };
568 log { source(s_local);
570 filter(f_mail); filter(f_at_least_err); destination(hostdest_facility_dot_err); };
574 log { source(s_local);
576 filter(f_auth); destination(df_ALL_auth); };
577 log { source(s_local);
579 filter(f_mail); destination(df_ALL_mail); };
580 log { source(s_local);
582 filter(f_syslog); destination(df_ALL_syslog); };
584 ## syslog endpoint for fastly services:
585 destination fastly { file("/var/log/fastly.log"); };
587 log { source(s_network_fastly);
588 destination(fastly); };