-@version: 3.5
+@version: 3.16
+@include "scl.conf"
#
-# Syslog-ng configuration for PLD Linux
+# Syslog-ng configuration for TLD Linux
#
# See syslog-ng(8) and syslog-ng.conf(5) for more information.
#
threaded(yes);
};
-source s_sys {
- file ("/proc/kmsg" program_override("kernel"));
- unix-stream("/dev/log" max-connections(1000) log_iw_size(100000));
-# if using systemd, comment out the line above, and uncomment line below
-# unix-dgram("/run/systemd/journal/syslog");
+source s_sys {
+ system();
internal();
};
-# uncomment the line below if you want to setup syslog server
-#source s_net { udp(); };
+# uncomment the line below and change ip/port if you want to run syslog server
+#source s_net udp(ip(192.168.1.100),port(514));
-# if using systemd, an IP address instead of name may be required here
#destination d_loghost { udp("loghost" port(514)); };
destination d_kern { file("/var/log/kernel"); };
destination d_mail { file("/var/log/maillog"); };
destination d_uucp { file("/var/log/spooler"); };
destination d_debug { file("/var/log/debug"); };
-destination d_cron { file("/var/log/cron" owner(root) group(crontab) perm(0660)); };
+destination d_cron { file("/var/log/cron"); };
destination d_syslog { file("/var/log/syslog"); };
destination d_daemon { file("/var/log/daemon"); };
destination d_lpr { file("/var/log/lpr"); };
destination d_postgres { file("/var/log/pgsql"); };
destination d_freshclam { file("/var/log/freshclam.log"); };
-# Log iptables messages to separate file
-destination d_iptables { file("/var/log/iptables"); };
+destination d_shorewall { file("/var/log/shorewall"); };
destination d_console { usertty("root"); };
#destination d_console_all { file("/dev/tty12"); };
destination d_newserr { file("/var/log/news/news.err" owner(news) group(news)); };
destination d_newsnotice { file("/var/log/news/news.notice" owner(news) group(news)); };
+# uncomment the line below if you want to run syslog server
+#destination d_from_net { file("/var/log/$HOST.log" owner(root) group(root) perm(0644) dir_perm(0700) create_dirs(yes)); };
+
# Filters for standard syslog(3) facilities
#filter f_audit { facility(audit); };
filter f_authpriv { facility(authpriv, auth); };
filter f_freshclam { program(freshclam); };
filter f_ppp { program(pppd) or program(chat); };
filter f_postgres { program(postgres); };
-filter f_iptables { match("IN=[A-Za-z0-9\.]* OUT=[A-Za-z0-9\.]*" value("MESSAGE")); };
+filter f_shorewall { facility(kern) and match("Shorewall:" value("MESSAGE")); };
+
+# uncomment the line below if you want to run syslog server
+#log { source(s_net); destination(d_from_net); flags(final); };
+
+# log shorewall to separate log file by default
+log { source(s_src); filter(f_shorewall); destination(d_shorewall); flags(final); };
log { source(s_sys); filter(f_authpriv); destination(d_authlog); };
log { source(s_sys); filter(f_cron); destination(d_cron); };
log { source(s_sys); filter(f_daemon); filter(f_ppp); destination(d_ppp); };
log { source(s_sys); filter(f_local6); filter(f_freshclam); destination(d_freshclam); };
log { source(s_sys); filter(f_local0); filter(f_postgres); destination(d_postgres); };
-#log { source(s_sys); filter(f_iptables); destination(d_iptables); };
log { source(s_sys); filter(p_emergency); destination(d_console); };
#log { source(s_sys); destination(d_console_all); };
TLD / packages / syslog-ng.git / blobdiff