diff options
| author | Silvino Silva <silvino@bk.ru> | 2017-08-27 23:00:21 +0100 |
|---|---|---|
| committer | Silvino Silva <silvino@bk.ru> | 2017-08-27 23:00:21 +0100 |
| commit | 46329d66252eb37e731f670705f6085db74a93f7 (patch) | |
| tree | fce579f3512ce707ee6bf9a8b6b43f9bed3e6ab3 | |
| parent | bc162e537fe06c4d79bbc9531f24e56819759a73 (diff) | |
| download | doc-46329d66252eb37e731f670705f6085db74a93f7.tar.gz | |
added syslog-ng configuration, fix link to configuration
| -rw-r--r-- | tools/conf/etc/syslog-ng.conf | 181 | ||||
| -rw-r--r-- | tools/syslog-ng.html | 2 |
2 files changed, 182 insertions, 1 deletions
diff --git a/tools/conf/etc/syslog-ng.conf b/tools/conf/etc/syslog-ng.conf new file mode 100644 index 0000000..5b5fc75 --- /dev/null +++ b/tools/conf/etc/syslog-ng.conf @@ -0,0 +1,181 @@ +############################################################################# +# Simple syslog-ng.conf for crux.nu, +# +# Silvino Silva < silvino at bk dot ru > +# Created: 1/12/2014 +# +# Reference: +# http://www.campin.net/syslog-ng/expanded-syslog-ng.con +# +# Notes: +# * f_error and f_console are not used +# -------------------------------------------------------------------------- +@version: 3.5 +@include "scl.conf" + +options { + flush_lines(0); + time_reopen(10); + chain_hostnames(off); + create_dirs(no); + stats_freq(1200); + use_dns(no); + use_fqdn(no); + perm(0600); + log_fifo_size(2048); + log_msg_size(1024); + keep_hostname(yes); +}; + +############################################# +# sources +# +source s_log { unix-dgram("/dev/log"); }; +source s_internal { internal(); }; +source s_kernel { file("/proc/kmsg" program_override("kernel")); }; + +template t_debug { template("$DATE fac $FACILITY lvl $LEVEL prg $PROGRAM: $MSG\n"); }; + +############################################# +# common destinations +# + +destination d_auth { file("/var/log/auth"); }; +destination d_cron { file("/var/log/cron"); }; +destination d_daemon { file("/var/log/daemon"); }; +destination d_kernel { file("/var/log/kernel"); }; +destination d_lpr { file("/var/log/lpr"); }; +destination d_mail { file("/var/log/mail"); }; +destination d_user { file("/var/log/user"); }; +destination d_syslog { file("/val/log/syslog"); }; + +destination d_debug { file("/var/log/debug" template(t_debug)); }; +destination d_error { file("/var/log/error"); }; +destination d_messages { file("/var/log/messages"); }; + +destination d_console { usertty("root"); }; +destination d_console_all { usertty("root"); }; + +############################################# +# custom destinations +# + +destination d_shorewall_warn { file ("/var/log/shorewall/warn.log"); }; +destination d_shorewall_info { file ("/var/log/shorewall/info.log"); }; +destination d_dnsmasq { file("/var/log/dnsmasq"); }; +destination d_postgres { file("/var/log/pgsql"); }; +destination d_sshd { file("/var/log/sshd"); }; +destination d_gitolite { file("/var/log/gitolite"); }; +destination d_nginx_access { file("/var/log/nginx/access.log" owner(root) group(www) perm(0644)); }; +destination d_nginx_error { file("/var/log/nginx/error.log"); }; + +############################################# +# common filters +# + +filter f_info { level(info); }; +filter f_notice { level(notice); }; +filter f_warn { level(warn); }; +filter f_err { level(err); }; +filter f_crit { level(crit .. emerg); }; + +filter f_emerg { level(emerg); }; +filter f_alert { level(alert); }; + +filter f_debug { + level(debug) + and not facility(auth, authpriv, mail, news) +}; + +filter f_error { level(err..emerg); }; +filter f_auth { facility(auth, authpriv); }; +filter f_cron { facility(cron); }; +filter f_daemon { facility(daemon); }; +filter f_kernel { facility(kern); }; +filter f_lpr { facility(lpr); }; + +filter f_local { facility( + local0, + local1, + local2, + local3, + local4, + local5, + local6, + local7 + ); +}; + +filter f_mail { facility(mail); }; +filter f_syslog { facility(syslog); }; +filter f_user { facility(user); }; +filter f_console { level(warn .. emerg); }; + +############################################# +# custom filters +# + +filter f_messages { + level(info..warn) + and not facility(auth, authpriv, mail, cron) +}; + +filter f_dnsmasq { program("dnsmasq"); }; +filter f_postgres { facility(local0); }; +filter f_sshd { facility(local1); }; + +filter f_shorewall_warn { + level (warn) + and match ("iptables" value("MESSAGE")); +}; + +filter f_shorewall_info { + level (info) + and match ("iptables" value("MESSAGE")); +}; + +filter f_gitolite { program("gitolite"); }; + +filter f_nginx_access { + match("nginx_access:" value("MESSAGE")); +}; + +filter f_nginx_error { + match("nginx_error:" value("MESSAGE")); +}; + + +log { source (s_kernel); filter (f_shorewall_warn); destination (d_shorewall_warn); flags(final);}; +log { source (s_kernel); filter (f_shorewall_info); destination (d_shorewall_info); flags(final);}; +log { source(s_log); filter(f_dnsmasq); destination(d_dnsmasq); flags(final); }; +log { source(s_log); filter(f_postgres); destination(d_postgres); flags(final); }; +log { source(s_log); filter(f_sshd); destination(d_sshd); flags(final); }; +log { source(s_log); filter(f_gitolite); destination(d_gitolite); flags(final); }; +log { source(s_log); filter(f_nginx_error); destination(d_nginx_error); flags(final); }; +log { source(s_log); filter(f_local); filter(f_nginx_access); destination(d_nginx_access); flags(final); }; + +############################################# +# connect filter and destination +# + +log { source(s_log); filter(f_auth); destination(d_auth); }; +log { source(s_log); filter(f_cron); destination(d_cron); }; +log { source(s_log); filter(f_daemon); destination(d_daemon); }; +log { source(s_kernel); filter(f_kernel); destination(d_kernel); }; +log { source(s_log); filter(f_lpr); destination(d_lpr); }; +log { source(s_log); source(s_internal); filter(f_syslog); destination(d_syslog); }; +log { source(s_log); filter(f_user); destination(d_user); }; + +log { source(s_log); filter(f_mail); destination(d_mail); }; +log { source(s_log); filter(f_mail); filter(f_info); destination(d_mail); }; +log { source(s_log); filter(f_mail); filter(f_info); destination(d_mail); }; +log { source(s_log); filter(f_mail); filter(f_info); destination(d_mail); }; + +log { source(s_log); filter(f_debug); destination(d_debug); }; +log { source(s_log); filter(f_error); destination(d_error); }; + +#log { source(s_log); filter(f_console); destination(d_console_all); }; +log { source(s_log); filter(f_crit); destination(d_console); }; + +#default log +log { source(s_log); filter(f_messages); destination(d_messages); }; diff --git a/tools/syslog-ng.html b/tools/syslog-ng.html index d6cd174..e97b50d 100644 --- a/tools/syslog-ng.html +++ b/tools/syslog-ng.html @@ -160,7 +160,7 @@ <h3 id="syslog-conf">1.4. Syslog-ng configuration</h3> - <p>Example of <a href="../conf/etc/syslog-ng.conf">/etc/syslog-ng.conf</a> + <p>Example of <a href="conf/etc/syslog-ng.conf">/etc/syslog-ng.conf</a> that configures syslog-ng matching tools already installed in the system and some that are part of <a href="../tools/index.html">tools</a>.</p> |