# rsyslog configuration file
#
# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html
# or latest version online at http://www.rsyslog.com/doc/rsyslog_conf.html
# If you experience problems, see http://www.rsyslog.com/doc/troubleshoot.html


#### Global directives ####

# Sets the directory that rsyslog uses for work files.
$WorkDirectory /var/lib/rsyslog

# Sets default permissions for all log files.
$FileOwner root
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022

# Check config syntax on startup and abort if unclean (default off).
#$AbortOnUncleanConfig on

# Reduce repeating messages (default off).
#$RepeatedMsgReduction on


#### Modules ####

# Provides --MARK-- message capability.
module(load="immark")

# Provides support for local system logging (e.g. via logger command).
module(load="imuxsock")

# Reads kernel messages.
module(load="imklog")

#### Config files ####

# Include all config files in /etc/rsyslog.d/.
include(file="/etc/rsyslog.d/*.conf" mode="optional")

#### Rules ####

# Log all kernel messages to kern.log.
kern.*							/var/log/kern.log

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
# NOTE: The minus sign in front of filename disables buffer flush.
*.info;authpriv.none;cron.none;kern.none;mail.none	-/var/log/messages

# The authpriv file has restricted access.
authpriv.*						/var/log/auth.log

# Log all the mail messages in one place.
mail.*							-/var/log/mail.log

# Log cron stuff.
cron.*							-/var/log/cron.log

# Everybody gets emergency messages.
*.emerg							:omusrmsg:*

# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.*							/dev/console


### Examples ####

# Send all logs to remote syslog via UDP.
# An on-disk queue is created for this action. If the remote host is
# down, messages are spooled to disk and sent when it is up again.
#*.* action(
#	type="omfwd"
#	target="192.168.0.1"
#	port="514"
#	protocol="udp"
#	queue.filename="fwdRule1"  # unique name prefix for spool files
#	queue.type="LinkedList"
#	queue.maxDiskSpace="256m"
#	queue.saveOnShutdown="on"
#	action.resumeRetryCount="-1"
#	action.resumeInterval="30"
#)

# Receive messages from remote host via UDP
# for parameters see http://www.rsyslog.com/doc/imudp.html
#module(load="imudp")  # needs to be done just once
#input(
#	type="imudp"
#	port="514"
#)