2 ## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
3 ## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
7 # Configuration file for syslog-ng under Debian
9 # attempts at reproducing default syslog behavior
11 # the standard syslog levels are (in descending order of priority):
12 # emerg alert crit err warning notice info debug
13 # the aliases "error", "panic", and "warn" are deprecated
14 # the "none" priority found in the original syslogd configuration is
15 # only used in internal messages created by syslogd
22 # disable the chained hostname format in logs
23 # (default is enabled)
26 # the time to wait before a died connection is re-established
30 # the time to wait before an idle destination file is closed
34 # the number of lines buffered before written to file
35 # you might want to increase this if your disk isn't catching with
36 # all the log messages you get or if you want less disk activity
41 # the number of lines fitting in the output queue
44 # enable or disable directory creation for destination files
47 # default owner, group, and permissions for log files
48 # (defaults are 0, 0, 0600)
53 # default owner, group, and permissions for created directories
54 # (defaults are 0, 0, 0700)
59 # enable or disable DNS usage
60 # syslog-ng blocks on DNS queries, so enabling DNS may lead to
61 # a Denial of Service attack
65 # maximum length of message in bytes
66 # this is only limited by the program listening on the /dev/log Unix
67 # socket, glibc can handle arbitrary length log messages, but -- for
68 # example -- syslogd accepts only 1024 bytes
72 #Disable statistic log messages.
75 # Some program send log messages through a private implementation.
76 # and sometimes that implementation is bad. If this happen syslog-ng
77 # may recognise the program name as hostname. Whit this option
78 # we tell the syslog-ng that if a hostname match this regexp than that
79 # is not a real hostname.
80 bad_hostname("^gconfd$");
87 # all known message sources
89 # message generated by Syslog-NG
91 <% if kernel == 'Linux' %>
92 # standard Linux log source (this is the default place for the syslog()
93 # function to send logs to)
94 unix-stream("/dev/log");
95 # messages from the kernel
96 file("/proc/kmsg" log_prefix("kernel: "));
98 # standard Linux log source (this is the default place for the syslog()
99 # function to send logs to)
100 unix-dgram("/var/run/log");
101 # messages from the kernel
102 file("/dev/klog" log_prefix("kernel: "));
104 # use the following line if you want to receive remote UDP logging messages
105 # (this is equivalent to the "-r" syslogd flag)
113 # some standard log files
114 destination df_auth { file("/var/log/auth.log"); };
115 destination df_syslog { file("/var/log/syslog"); };
116 destination df_cron { file("/var/log/cron.log"); };
117 destination df_daemon { file("/var/log/daemon.log"); };
118 destination df_kern { file("/var/log/kern.log"); };
119 destination df_lpr { file("/var/log/lpr.log"); };
120 destination df_mail { file("/var/log/mail.log" group(maillog)); };
121 destination df_mail_info { file("/var/log/mail.info" group(maillog)); };
122 destination df_mail_warn { file("/var/log/mail.warn" group(maillog)); };
123 destination df_mail_err { file("/var/log/mail.err" group(maillog)); };
124 destination df_user { file("/var/log/user.log" perm(0644)); };
125 destination df_uucp { file("/var/log/uucp.log"); };
127 # these files are meant for the mail system log files
128 # and provide re-usable destinations for {mail,cron,...}.info,
129 # {mail,cron,...}.notice, etc.
130 destination df_facility_dot_info { file("/var/log/$FACILITY.info"); };
131 destination df_facility_dot_notice { file("/var/log/$FACILITY.notice"); };
132 destination df_facility_dot_warn { file("/var/log/$FACILITY.warn"); };
133 destination df_facility_dot_err { file("/var/log/$FACILITY.err"); };
134 destination df_facility_dot_crit { file("/var/log/$FACILITY.crit"); };
136 # these files are meant for the news system, and are kept separated
137 # because they should be owned by "news" instead of "root"
138 destination df_news_dot_notice { file("/var/log/news/news.notice" owner("news")); };
139 destination df_news_dot_err { file("/var/log/news/news.err" owner("news")); };
140 destination df_news_dot_crit { file("/var/log/news/news.crit" owner("news")); };
142 # some more classical and useful files found in standard syslog configurations
143 destination df_debug { file("/var/log/debug"); };
144 destination df_messages { file("/var/log/messages"); };
146 <% if kernel == 'Linux' %>
148 # a console to view log messages under X
149 destination dp_xconsole { pipe("/dev/xconsole"); };
153 # this will send messages to everyone logged in
154 destination du_all { usertty("*"); };
160 # all messages from the auth and authpriv facilities
161 filter f_auth { facility(auth, authpriv); };
163 # all messages except from the auth and authpriv facilities
164 filter f_syslog { not facility(auth, authpriv); };
166 # respectively: messages from the cron, daemon, kern, lpr, mail, news, user,
167 # and uucp facilities
168 filter f_cron { facility(cron); };
169 filter f_daemon { facility(daemon); };
170 filter f_kern { facility(kern); };
171 filter f_lpr { facility(lpr); };
172 filter f_mail { facility(mail); };
173 filter f_news { facility(news); };
174 filter f_user { facility(user); };
175 filter f_uucp { facility(uucp); };
177 # some filters to select messages of priority greater or equal to info, warn,
179 # (equivalents of syslogd's *.info, *.warn, and *.err)
180 filter f_at_least_info { level(info..emerg); };
181 filter f_at_least_notice { level(notice..emerg); };
182 filter f_at_least_warn { level(warn..emerg); };
183 filter f_at_least_err { level(err..emerg); };
184 filter f_at_least_crit { level(crit..emerg); };
186 # all messages of priority debug not coming from the auth, authpriv, news, and
188 filter f_debug { level(debug) and not facility(auth, authpriv, news, mail); };
190 # all messages of info, notice, or warn priority not coming form the auth,
191 # authpriv, cron, daemon, mail, and news facilities
193 level(info,notice,warn)
194 and not facility(auth,authpriv,cron,daemon,mail,news);
197 # messages with priority emerg
198 filter f_emerg { level(emerg); };
200 <% if kernel == 'Linux' %>
201 # complex filter for messages usually sent to the xconsole
203 facility(daemon,mail)
204 or level(debug,info,notice,warn)
206 and level(crit,err,notice));
212 # order matters if you use "flags(final);" to mark the end of processing in a
215 # these rules provide the same behavior as the commented original syslogd rules
217 # auth,authpriv.* /var/log/auth.log
221 destination(df_auth);
224 # *.*;auth,authpriv.none -/var/log/syslog
228 destination(df_syslog);
231 # this is commented out in the default syslog.conf
232 # cron.* /var/log/cron.log
236 # destination(df_cron);
239 # daemon.* -/var/log/daemon.log
243 destination(df_daemon);
246 # kern.* -/var/log/kern.log
250 destination(df_kern);
253 # lpr.* -/var/log/lpr.log
260 # mail.* -/var/log/mail.log
264 destination(df_mail);
267 # user.* -/var/log/user.log
271 destination(df_user);
274 # uucp.* /var/log/uucp.log
278 destination(df_uucp);
281 # mail.info -/var/log/mail.info
285 filter(f_at_least_info);
286 destination(df_mail_info);
289 # mail.warn -/var/log/mail.warn
293 filter(f_at_least_warn);
294 destination(df_mail_warn);
297 # mail.err /var/log/mail.err
301 filter(f_at_least_err);
302 destination(df_mail_err);
305 # news.crit /var/log/news/news.crit
309 filter(f_at_least_crit);
310 destination(df_news_dot_crit);
313 # news.err /var/log/news/news.err
317 filter(f_at_least_err);
318 destination(df_news_dot_err);
321 # news.notice /var/log/news/news.notice
325 filter(f_at_least_notice);
326 destination(df_news_dot_notice);
331 # auth,authpriv.none;\
332 # news.none;mail.none -/var/log/debug
336 destination(df_debug);
340 # *.=info;*.=notice;*.=warn;\
341 # auth,authpriv.none;\
343 # mail,news.none -/var/log/messages
347 destination(df_messages);
358 <% if kernel == 'Linux' %>
360 # news.crit;news.err;news.notice;\
362 # *.=notice;*.=warn |/dev/xconsole
366 destination(dp_xconsole);