aboutsummaryrefslogtreecommitdiffstats
path: root/main/rsyslog/rsyslog.conf
diff options
context:
space:
mode:
authorJakub Jirutka <jakub@jirutka.cz>2019-01-27 20:57:26 +0100
committerJakub Jirutka <jakub@jirutka.cz>2019-01-28 01:51:37 +0100
commit6327c4b8f67b993d5ca5d79924fe0e2c6551c798 (patch)
tree8afb70745564ec0ec7883b6539ca0017b7f2788b /main/rsyslog/rsyslog.conf
parentaefed8aa14e18fa59f1b7723809d48bc874ac08b (diff)
downloadaports-6327c4b8f67b993d5ca5d79924fe0e2c6551c798.tar.gz
aports-6327c4b8f67b993d5ca5d79924fe0e2c6551c798.tar.bz2
aports-6327c4b8f67b993d5ca5d79924fe0e2c6551c798.tar.xz
main/rsyslog: rewrite default config to new syntax and unify file names
Diffstat (limited to 'main/rsyslog/rsyslog.conf')
-rw-r--r--main/rsyslog/rsyslog.conf138
1 files changed, 70 insertions, 68 deletions
diff --git a/main/rsyslog/rsyslog.conf b/main/rsyslog/rsyslog.conf
index 6e81fc4171..d2706daa27 100644
--- a/main/rsyslog/rsyslog.conf
+++ b/main/rsyslog/rsyslog.conf
@@ -1,94 +1,96 @@
-# rsyslog v5: load input modules
-# If you do not load inputs, nothing happens!
-# You may need to set the module load path if modules are not found.
+# rsyslog configuration file
+#
+# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html
+# or latest version online at http://www.rsyslog.com/doc/rsyslog_conf.html
+# If you experience problems, see http://www.rsyslog.com/doc/troubleshoot.html
+
+
+#### Global directives ####
-$ModLoad immark.so # provides --MARK-- message capability
-$ModLoad imuxsock.so # provides support for local system logging (e.g. via logger command)
-$ModLoad imklog.so # kernel logging (formerly provided by rklogd)
+# Sets the directory that rsyslog uses for work files.
+$WorkDirectory /var/lib/rsyslog
-# default permissions for all log files.
+# Sets default permissions for all log files.
$FileOwner root
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
-# Include configuration files from directory
-$IncludeConfig /etc/rsyslog.d/*
-
-# Check config syntax on startup and abort if unclean (default off)
+# Check config syntax on startup and abort if unclean (default off).
#$AbortOnUncleanConfig on
-# Reduce repeating messages (default off)
+# Reduce repeating messages (default off).
#$RepeatedMsgReduction on
-# Log all kernel messages to the console.
-# Logging much else clutters up the screen.
-#kern.* /dev/console
+# Include all config files in /etc/rsyslog.d/.
+include(file="/etc/rsyslog.d/*.conf" mode="optional")
+
+
+#### Modules ####
+
+# Provides --MARK-- message capability.
+module(load="immark")
+
+# Provides support for local system logging (e.g. via logger command).
+module(load="imuxsock")
+
+# Reads kernel messages.
+module(load="imklog")
+
+
+#### Rules ####
+
+# Log all kernel messages to kern.log.
+kern.* /var/log/kern.log
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
-*.info;mail.none;authpriv.none;cron.none -/var/log/messages
+# NOTE: The minus sign in front of filename disables buffer flush.
+*.info;authpriv.none;cron.none;kern.none;mail.none -/var/log/messages
# The authpriv file has restricted access.
-authpriv.* /var/log/secure
+authpriv.* /var/log/auth.log
# Log all the mail messages in one place.
-mail.* -/var/log/maillog
+mail.* -/var/log/mail.log
+
+# Log cron stuff.
+cron.* -/var/log/cron.log
-# Log cron stuff
-cron.* -/var/log/cron
+# Everybody gets emergency messages.
+*.emerg :omusrmsg:*
-# Everybody gets emergency messages
-*.emerg :omusrmsg:*
+# Save boot messages also to boot.log.
+local7.* /var/log/boot.log
-# Save news errors of level crit and higher in a special file.
-uucp,news.crit -/var/log/spooler
+# Log all kernel messages to the console.
+# Logging much else clutters up the screen.
+#kern.* /dev/console
-# Save boot messages also to boot.log
-local7.* /var/log/boot.log
-# More configuration examples:
-#
-# Remote Logging (we use TCP for reliable delivery)
+### Examples ####
+
+# Send all logs to remote syslog via UDP.
# An on-disk queue is created for this action. If the remote host is
# down, messages are spooled to disk and sent when it is up again.
-#$WorkDirectory /var/spool/rsyslog # where to place spool files
-#$ActionQueueFileName uniqName # unique name prefix for spool files
-#$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible)
-#$ActionQueueSaveOnShutdown on # save messages to disk on shutdown
-#$ActionQueueType LinkedList # run asynchronously
-#$ActionResumeRetryCount -1 # infinety retries if host is down
-#$ActionResumeInterval 30 # retry interval
-# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional
-#*.* @@remote-host
-
-# Remote Logging with TCP + SSL/TLS
-#$DefaultNetstreamDriver gtls
-#$DefaultNetstreamDriverCAFile /etc/ssl/rsyslog/rsyslog_ca.cert.pem
-#$DefaultNetstreamDriverCertFile /etc/ssl/rsyslog/rsyslog_CLIENT.cert.pem
-#$DefaultNetstreamDriverKeyFile /etc/ssl/rsyslog/rsyslog_CLIENT.key.pem
-#$ActionSendStreamDriverAuthMode x509/name # enable peer authentication
-#$ActionSendStreamDriverPermittedPeer foo # authorize to send encrypted data to server foo
-#$ActionSendStreamDriverMode 1 # run driver in TLS-only mode
-
-# ######### Receiving Messages from Remote Hosts ##########
-# TCP Syslog Server:
-#$ModLoad imtcp # provides TCP syslog reception
-#$TCPServerRun 10514 # start a TCP syslog server at port 10514
-
-# TCP + SSL/TLS Syslog Server:
-#$ModLoad imtcp # provides TCP syslog reception
-#$DefaultNetstreamDriver gtls # use gnuTLS for data encryption
-#$DefaultNetstreamDriverCAFile /etc/ssl/rsyslog/rsyslog_ca.cert.pem
-#$DefaultNetstreamDriverCertFile /etc/ssl/rsyslog/rsyslog_SERVER.cert.pem
-#$DefaultNetstreamDriverKeyFile /etc/ssl/rsyslog/rsyslog_SERVER.key.pem
-#$InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode
-#$InputTCPServerStreamDriverAuthMode x509/name # enable peer authentication
-#$InputTCPServerStreamDriverPermittedPeer bar # authorize client named bar (one line per client)
-#$TCPServerRun 10514 # start a TCP syslog server at port 10514
-
-# UDP Syslog Server:
-#$ModLoad imudp.so # provides UDP syslog reception
-#$UDPServerRun 514 # start a UDP syslog server at standard port 514
-
+#*.* action(
+# type="omfwd"
+# target="192.168.0.1"
+# port="514"
+# protocol="udp"
+# queue.filename="fwdRule1" # unique name prefix for spool files
+# queue.type="LinkedList"
+# queue.maxDiskSpace="256m"
+# queue.saveOnShutdown="on"
+# action.resumeRetryCount="-1"
+# action.resumeInterval="30"
+#)
+
+# Receive messages from remote host via UDP
+# for parameters see http://www.rsyslog.com/doc/imudp.html
+#module(load="imudp") # needs to be done just once
+#input(
+# type="imudp"
+# port="514"
+#)