about summary refs log tree commit diff stats
path: root/linux/conf/syslog-ng.conf
diff options
context:
space:
mode:
authorpunk <punk@libernaut>2021-04-29 16:11:04 +0100
committerpunk <punk@libernaut>2021-04-29 16:11:25 +0100
commit9bef2e2b7ea351b6b1cb490597356677db61ff34 (patch)
treec36ae24aa3c36f6c19284c7d4da7c25a620bfabf /linux/conf/syslog-ng.conf
parent6b5cf63d1987889e272643bf7eeb7725df856d11 (diff)
parent5e601f7ee14830ef645ee3d3b1bcdce7450a5ce3 (diff)
downloaddoc-master.tar.gz
release 0.7.2 HEAD master
Diffstat (limited to 'linux/conf/syslog-ng.conf')
-rw-r--r--linux/conf/syslog-ng.conf226
1 files changed, 226 insertions, 0 deletions
diff --git a/linux/conf/syslog-ng.conf b/linux/conf/syslog-ng.conf
new file mode 100644
index 0000000..02e2d57
--- /dev/null
+++ b/linux/conf/syslog-ng.conf
@@ -0,0 +1,226 @@
+@version: 3.25
+@include "scl.conf"
+
+# Syslog-ng configuration file, compatible with default Debian syslogd
+# installation.
+
+# First, set some global options.
+options { chain_hostnames(off); flush_lines(0); use_dns(no); use_fqdn(no);
+	  owner("root"); group("adm"); perm(0640); stats_freq(0);
+	  bad_hostname("^gconfd$");
+};
+
+########################
+# Sources
+########################
+# This is the default behavior of sysklogd package
+# Logs may come from unix stream, but not from another machine.
+#
+source s_src {
+       system();
+       internal();
+};
+
+# If you wish to get logs from remote machine you should uncomment
+# this and comment the above source line.
+#
+#source s_net { tcp(ip(127.0.0.1) port(1000)); };
+
+########################
+# Destinations
+########################
+# First some standard logfile
+#
+destination d_auth { file("/var/log/auth"); };
+destination d_sudo { file("/var/log/sudo" ); };
+destination d_cron { file("/var/log/cron"); };
+destination d_daemon { file("/var/log/daemon"); };
+destination d_kern { file("/var/log/kernel"); };
+destination d_lpr { file("/var/log/lpr"); };
+destination d_mail { file("/var/log/mail"); };
+destination d_syslog { file("/var/log/syslog-ng"); };
+destination d_user { file("/var/log/user"); };
+destination d_uucp { file("/var/log/uucp"); };
+
+# This files are the log come from the mail subsystem.
+#
+destination d_mailinfo { file("/var/log/mail.info"); };
+destination d_mailwarn { file("/var/log/mail.warn"); };
+destination d_mailerr { file("/var/log/mail.err"); };
+
+# Logging for INN news system
+#
+destination d_newscrit { file("/var/log/news/news.crit"); };
+destination d_newserr { file("/var/log/news/news.err"); };
+destination d_newsnotice { file("/var/log/news/news.notice"); };
+
+# Some 'catch-all' logfiles.
+#
+destination d_debug { file("/var/log/debug"); };
+destination d_error { file("/var/log/error"); };
+destination d_messages { file("/var/log/messages"); };
+
+# Custom destinations
+destination d_shorewall_warn { file ("/var/log/shorewall/warn"); };
+destination d_shorewall_info { file ("/var/log/shorewall/info"); };
+destination d_ntpd { file("/var/log/ntpd"); };
+destination d_dnsmasq	{ file("/var/log/dnsmasq"); };
+destination d_postgres  { file("/var/log/pgsql"); };
+destination d_mysql  { file("/var/log/pgsql"); };
+destination d_iptables  { file("/var/log/iptables"); };
+destination d_sshd      { file("/var/log/sshd"); };
+destination d_gitolite  { file("/var/log/gitolite"); };
+destination d_git-daemon  { file("/var/log/git-daemon"); };
+destination d_nginx_access { file("/var/log/nginx_access"); };
+destination d_nginx_error  { file("/var/log/nginx_error"); };
+destination d_php_fpm { file("/var/log/php-fpm"); };
+destination d_php { file("/var/log/php"); };
+destination d_nginx_vhost { file("/var/log/nginx/vhost_access"); };
+destination d_nginx_vhost_err { file("/var/log/nginx/vhost_error"); };
+
+# The root's console.
+#
+destination d_console { usertty("root"); };
+
+# Virtual console.
+#
+#destination d_console_all { file(`tty10`); };
+destination console { usertty("root"); };
+destination d_console_all { file("/dev/tty12" suppress(5)); };
+destination xconsole { pipe("/dev/xconsole" suppress(5)); };
+
+
+
+# The named pipe /dev/xconsole is for the nsole' utility.  To use it,
+# you must invoke nsole' with the -file' option:
+#
+#    $ xconsole -file /dev/xconsole [...]
+#
+destination d_xconsole { pipe("/dev/xconsole"); };
+
+# Send the messages to an other host
+#
+#destination d_net { tcp("127.0.0.1" port(1000) log_fifo_size(1000)); };
+
+# Debian only
+destination d_ppp { file("/var/log/ppp"); };
+
+########################
+# Filters
+########################
+# Here's come the filter options. With this rules, we can set which 
+# message go where.
+
+filter f_dbg { level(debug); };
+filter f_info { level(info); };
+filter f_notice { level(notice); };
+filter f_warn { level(warn); };
+filter f_err { level(err); };
+filter f_crit { level(crit .. emerg); };
+
+filter f_debug { level(debug) and not facility(auth, authpriv, news, mail); };
+filter f_error { level(err .. emerg) ; };
+filter f_messages { level(info,notice,warn)
+                    and not facility(auth,authpriv,cron,daemon,mail,news,local0); };
+
+filter f_auth { facility(auth, authpriv) and not filter(f_debug); };
+filter f_sudo { facility(auth, authpriv) and program("^sudo$"); };
+filter f_cron { facility(cron) and not filter(f_debug);};
+filter f_daemon { facility(daemon, local0)
+        and not filter(f_debug)
+        and not program("^php$")
+        and not program("^nginx_vhost$")
+        and not program("^nginx_vhost_err$");};
+filter f_kern { facility(kern) and not filter(f_debug); };
+filter f_lpr { facility(lpr) and not filter(f_debug); };
+filter f_local { facility(local0, local1, local3, local4, local5,
+                        local6, local7) and not filter(f_debug); };
+filter f_mail { facility(mail) and not filter(f_debug); };
+filter f_news { facility(news) and not filter(f_debug); };
+filter f_syslog3 { program("^syslog-ng$");};
+filter f_user { facility(user) and not filter(f_debug); };
+filter f_uucp { facility(uucp) and not filter(f_debug); };
+
+filter f_cnews { level(notice, err, crit) and facility(news); };
+filter f_cother { level(debug, info, notice, warn) or facility(daemon, mail); };
+
+filter f_ppp { facility(local2) and not filter(f_debug); };
+filter f_console { level(warn .. emerg); };
+
+# custom filters
+
+filter f_ntpd { facility(daemon) and program("^ntpd$"); };
+filter f_dnsmasq { facility(daemon) and program("^dnsmasq$"); };
+filter f_postgres { facility(local0) and program("^postgresql$"); };
+filter f_sshd { facility(auth) and program("^sshd$"); };
+
+filter f_iptables { facility(kern) and match("iptables" value("MESSAGE")) };
+filter f_shorewall_warn { level (warn) and match ("Shorewall" value("MESSAGE")); };
+filter f_shorewall_info {level (info) and match ("Shorewall" value("MESSAGE")); };
+filter f_gitolite { program("^gitolite$"); };
+filter f_git-daemon { program("^git-daemon$"); };
+filter f_nginx_error { facility(daemon) and program("^nginx$"); };
+filter f_nginx_vhost { facility(daemon) and program("^nginx_vhost$");};
+filter f_nginx_vhost_err { facility(daemon) and program("^nginx_vhost_err$");};
+filter f_php_fpm { facility(daemon) and program("^php-fpm$");};
+filter f_php { facility(daemon) and program("^php$");};
+
+# custom logs
+log { source(s_src); filter(f_ntpd); destination(d_ntpd); };
+log { source(s_src); filter(f_php_fpm); destination(d_php_fpm); };
+log { source(s_src); filter(f_php); destination(d_php); };
+log { source(s_src); filter(f_nginx_vhost); destination(d_nginx_vhost); };
+log { source(s_src); filter(f_nginx_vhost_err); destination(d_nginx_vhost_err); };
+log { source(s_src); filter(f_sshd); destination(d_sshd);};
+log { source (s_src); filter (f_iptables); destination (d_iptables);};
+log { source (s_src); filter (f_shorewall_warn); destination (d_shorewall_warn);};
+log { source (s_src); filter (f_shorewall_info); destination (d_shorewall_info);};
+log { source(s_src); filter(f_dnsmasq); destination(d_dnsmasq);};
+log { source(s_src); filter(f_postgres); destination(d_postgres);};
+log { source(s_src); filter(f_gitolite); destination(d_gitolite);};
+log { source(s_src); filter(f_git-daemon); destination(d_git-daemon);};
+log { source(s_src); filter(f_nginx_error); destination(d_nginx_error);};
+
+########################
+# Log paths
+########################
+log { source(s_src); filter(f_auth); destination(d_auth); };
+log { source(s_src); filter(f_sudo); destination(d_sudo); };
+log { source(s_src); filter(f_cron); destination(d_cron); };
+log { source(s_src); filter(f_daemon); destination(d_daemon); };
+log { source(s_src); filter(f_kern); destination(d_kern); };
+log { source(s_src); filter(f_lpr); destination(d_lpr); };
+log { source(s_src); filter(f_user); destination(d_user); };
+log { source(s_src); filter(f_uucp); destination(d_uucp); };
+
+log { source(s_src); filter(f_mail); destination(d_mail); };
+log { source(s_src); filter(f_mail); filter(f_info); destination(d_mailinfo); };
+log { source(s_src); filter(f_mail); filter(f_warn); destination(d_mailwarn); };
+log { source(s_src); filter(f_mail); filter(f_err); destination(d_mailerr); };
+
+log { source(s_src); filter(f_news); filter(f_crit); destination(d_newscrit); };
+log { source(s_src); filter(f_news); filter(f_err); destination(d_newserr); };
+log { source(s_src); filter(f_news); filter(f_notice); destination(d_newsnotice); };
+#log { source(s_src); filter(f_cnews); destination(d_console_all); };
+#log { source(s_src); filter(f_cother); destination(d_console_all); };
+
+#log { source(s_src); filter(f_ppp); destination(d_ppp); };
+
+log { source(s_src); filter(f_debug); destination(d_debug); };
+log { source(s_src); filter(f_error); destination(d_error); };
+log { source(s_src); filter(f_messages); destination(d_messages); };
+log { source(s_src); filter(f_syslog3); destination(d_syslog); };
+log { source(s_src); filter(f_console); destination(d_console_all);
+				    destination(d_xconsole); };
+log { source(s_src); filter(f_crit); destination(d_console); };
+
+#
+# 
+# All messages send to a remote site
+#
+#log { source(s_src); destination(d_net); };
+
+###
+# Include all config files in /etc/syslog-ng/conf.d/
+###
+@include "/etc/syslog-ng/conf.d/*.conf"