diff options
Diffstat (limited to 'system/rsyslog/config/rsyslog.conf')
| -rw-r--r-- | system/rsyslog/config/rsyslog.conf | 107 |
1 files changed, 107 insertions, 0 deletions
diff --git a/system/rsyslog/config/rsyslog.conf b/system/rsyslog/config/rsyslog.conf new file mode 100644 index 0000000000..26c6a744d7 --- /dev/null +++ b/system/rsyslog/config/rsyslog.conf @@ -0,0 +1,107 @@ +# /etc/rsyslog.conf Configuration file for rsyslog. +# +# For more information see +# /usr/doc/rsyslog/html/rsyslog_conf.html + + +################# +#### MODULES #### +################# + +$ModLoad imuxsock # provides support for local system logging +$ModLoad imklog # provides kernel logging support (previously done by rklogd) +$ModLoad immark # provides --MARK-- message capability + +# ######### Receiving Messages from Remote Hosts ########## +# TCP Syslog Server: +# provides TCP syslog reception and GSS-API (if compiled to support it) +#$ModLoad imtcp # load module +#$InputTCPServerRun 514 # start up TCP listener at port 514 + +# UDP Syslog Server: +#$ModLoad imudp # provides UDP syslog reception +#$UDPServerRun 514 # start a UDP syslog server at standard port 514 + + +########################### +#### GLOBAL DIRECTIVES #### +########################### + +# +# Use traditional timestamp format. +# To enable high precision timestamps, comment out the following line. +# +$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat + +# +# Use traditional Slackware console log level +# +$klogConsoleLogLevel 3 + +# +# Set the default permissions for all log files. +# +$FileOwner root +$FileGroup root +$FileCreateMode 0640 +$DirCreateMode 0755 +$Umask 0022 + +# +# Include all config files in /etc/rsyslog.d/ +# +#$IncludeConfig /etc/rsyslog.d/*.conf + + +############### +#### RULES #### +############### + +# Uncomment this to see kernel messages on the console. +#kern.* /dev/console + +# Log anything 'info' or higher, but lower than 'warn'. +# Exclude authpriv, cron, mail, and news. These are logged elsewhere. +*.info;*.!warn;\ + authpriv.none;cron.none;mail.none;news.none -/var/log/messages + +# Log anything 'warn' or higher. +# Exclude authpriv, cron, mail, and news. These are logged elsewhere. +*.warn;\ + authpriv.none;cron.none;mail.none;news.none -/var/log/syslog + +# Debugging information is logged here. +*.=debug -/var/log/debug + +# Private authentication message logging: +authpriv.* -/var/log/secure + +# Cron related logs: +cron.* -/var/log/cron + +# Mail related logs: +mail.* -/var/log/maillog + +# Emergency level messages go to all users: +*.emerg * + +# This log is for news and uucp errors: +uucp,news.crit -/var/log/spooler + +# Uncomment these if you'd like INN to keep logs on everything. +# You won't need this if you don't run INN (the InterNetNews daemon). +#news.=crit -/var/log/news/news.crit +#news.=err -/var/log/news/news.err +#news.notice -/var/log/news/news.notice + +# ########## Remote Logging (we use TCP for reliable delivery) ########## +# An on-disk queue is created for this action. If the remote host is +# down, messages are spooled to disk and sent when it is up again. +#$WorkDirectory /rsyslog/spool # where to place spool files +#$ActionQueueFileName uniqName # unique name prefix for spool files +#$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible) +#$ActionQueueSaveOnShutdown on # save messages to disk on shutdown +#$ActionQueueType LinkedList # run asynchronously +#$ActionResumeRetryCount -1 # infinite retries if host is down +# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional +#*.* @@remote-host:514 |