aboutsummaryrefslogblamecommitdiffstats
path: root/main/syslog-ng/syslog-ng.conf
blob: 570d62ea08c9a2d430a0c97c7ba37d41c1b66f32 (plain) (tree)
1
             






















































































































                                                                                             
@version:3.22
@include "scl.conf"

# syslog-ng configuration file.
#
# See syslog-ng(8) and syslog-ng.conf(5) for more information.
#
# Note: It also sources additional configuration files (*.conf)
#	   located in /etc/syslog-ng/conf.d/.

#
# Options
#
options {
	# Create destination directories if missing.
	create_dirs(yes);

	# The default action of syslog-ng is to log a MARK line to the file every
	# 20 minutes. That's seems high for most people so turn it down to once an
	# hour. Set it to zero if you don't want the functionality at all.
	mark_freq(3600);

	# The default action of syslog-ng is to log a STATS line to the file every
	# 10 minutes. That's pretty ugly after a while. Change it to every 12 hours
	# so you get a nice daily update of how many messages syslog-ng missed (0).
	stats_freq(43200);

	# Time to wait before a died connection is re-established (default is 60).
	time_reopen(5);

	# Disable DNS usage.
	# syslog-ng blocks on DNS queries, so enabling DNS may lead to a DoS attack.
	use_dns(no);
	dns-cache(no);

	# Default owner, group, and permissions for log files.
	owner(root);
	group(adm);
	perm(0640);

	# Default permissions for created directories.
	dir_perm(0755);
};


#
# Templates
#

template t_file {
	template("${YEAR}-${MONTH}-${DAY} ${HOUR}:${MIN}:${SEC} ${LEVEL} ${MSGHDR}${MSG}\n");
};


#
# Sources
#

source s_sys {
	# Standard system log source.
	system();

	# Messages generated by syslog-ng.
	internal();
};


#
# Destinations
#

destination d_auth { file("/var/log/auth.log" template(t_file)); };
destination d_boot { file("/var/log/boot.log" template(t_file)); };
destination d_cron { file("/var/log/cron.log" template(t_file)); };
destination d_kern { file("/var/log/kern.log" template(t_file)); };
destination d_mail { file("/var/log/mail.log" template(t_file) flush_lines(10)); };
destination d_mesg { file("/var/log/messages" template(t_file)); };

# Send messages to console of everyone logged in.
destination d_cons_all { usertty("*"); };

# Send message to the root's console.
destination d_cons_root { usertty("root"); };


#
# Filters
#

filter f_auth { facility(auth, authpriv); };
filter f_boot { facility(local7); };
filter f_cron { facility(cron); };
filter f_emerg { level(emerg); };
filter f_kern { facility(kern); };
filter f_mail { facility(mail); };

filter f_default {
	level(info..emerg)
	and not (facility(auth)
		or facility(authpriv)
		or facility(cron)
		or facility(kern)
		or facility(mail));
};


#
# Logs
#

log { source(s_sys); filter(f_auth); destination(d_auth); };
log { source(s_sys); filter(f_boot); destination(d_boot); };
log { source(s_sys); filter(f_cron); destination(d_cron); };
log { source(s_sys); filter(f_emerg); destination(d_cons_root); };
log { source(s_sys); filter(f_kern); destination(d_kern); };
log { source(s_sys); filter(f_mail); destination(d_mail); };
log { source(s_sys); filter(f_default); destination(d_mesg); };

# Source additional configuration files (.conf extension only)
@include "/etc/syslog-ng/conf.d/*.conf"