From 3321a45e66a3f53762a41154eb8abfcb88a4df3b Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Thu, 25 Feb 2016 18:59:23 +0100 Subject: [PATCH] Adding some rsyslog conf files --- basic/files/rsyslog.60-default.conf | 36 +++++++ basic/files/rsyslog.70-pb.conf | 31 ++++++ basic/files/rsyslog.conf | 142 ++++++++++++++++++++++++++++ 3 files changed, 209 insertions(+) create mode 100644 basic/files/rsyslog.60-default.conf create mode 100644 basic/files/rsyslog.70-pb.conf create mode 100644 basic/files/rsyslog.conf diff --git a/basic/files/rsyslog.60-default.conf b/basic/files/rsyslog.60-default.conf new file mode 100644 index 0000000..84d8d52 --- /dev/null +++ b/basic/files/rsyslog.60-default.conf @@ -0,0 +1,36 @@ +*.=debug;auth,authpriv,news,mail.none action( + type="omfile" + File="/var/log/debug.log" + FileOwner="root" + FileGroup="adm" +) + +*.info;auth,authpriv,cron,daemon,lpr,mail,news.none action( + type="omfile" + File="/var/log/messages" + FileOwner="root" + FileGroup="adm" +) + +# Uncomment the following directive to re-enable the +# deprecated "/var/log/syslog" log file (don't forget to re-enable log +# rotation in "/etc/logrotate.d/rsyslog" if you do that!) +#*.*;auth,authpriv.none,mail.none action( +# type="omfile" +# File="/var/log/syslog" +# FileOwner="root" +# FileGroup="adm" +#) + +*.emerg action( + type="omusrmsg" + Users="*" + action.execOnlyOnceEveryInterval="10" +) + +# Create an additional socket for the default chroot location +# (used by net-misc/openssh[hpn], see https://bugs.gentoo.org/490744) +#input(type="imuxsock" Socket="/var/empty/dev/log") + + +# vim: filetype=conf diff --git a/basic/files/rsyslog.70-pb.conf b/basic/files/rsyslog.70-pb.conf new file mode 100644 index 0000000..50fc39f --- /dev/null +++ b/basic/files/rsyslog.70-pb.conf @@ -0,0 +1,31 @@ +template ( + name="facility" + type="string" + string="/var/log/syslog.d/%syslogfacility-text%.log" +) + +*.* action( + type="omfile" + DynaFile="facility" + DirCreateMode="0755" + FileCreateMode="0644" + FileOwner="root" + FileGroup="adm" +) + +*.* action( + type="omfile" + File="/var/log/all.log" + FileOwner="root" + FileGroup="adm" + Sync="off" +) + +*.warn;news,mail.none action( + type="omfile" + File="/dev/tty12" + FileOwner="root" + FileGroup="root" +) + +# vim: filetype=conf diff --git a/basic/files/rsyslog.conf b/basic/files/rsyslog.conf new file mode 100644 index 0000000..79670fa --- /dev/null +++ b/basic/files/rsyslog.conf @@ -0,0 +1,142 @@ +# /etc/rsyslog.conf Configuration file for rsyslog. +# +# For more information see +# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html + +# Check config syntax on startup and abort if unclean (default: off) +$AbortOnUncleanConfig on + +################# +#### MODULES #### +################# + +$ModLoad imuxsock # provides support for local system logging +$ModLoad imklog # provides kernel logging support +#$ModLoad immark # provides --MARK-- message capability +module(load="immark" Interval="3600") + +# provides UDP syslog reception +#$ModLoad imudp +#$UDPServerRun 514 + +# provides TCP syslog reception +#$ModLoad imtcp +#$InputTCPServerRun 514 + + +########################### +#### GLOBAL DIRECTIVES #### +########################### + +module(load="impstats" + interval="43200" + severity="7" + log.syslog="off" + /* need to turn log stream logging off! */ + log.file="/var/log/syslog.d/stats.log") + +# +# Use traditional timestamp format. +# To enable high precision timestamps, comment out the following line. +# +#$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat + +# +# Set the default permissions for all log files. +# +$FileOwner root +$FileGroup adm +$FileCreateMode 0640 +$DirCreateMode 0755 +$Umask 0022 + +module( + load="builtin:omfile" + Template="RSYSLOG_FileFormat" + FileCreateMode="0644" + DirCreateMode="0755" + fileOwnerNum="0" + fileGroupNum="0" + dirOwnerNum="0" + dirGroupNum="0" +) + +# +# Where to place spool and state files +# +$WorkDirectory /var/spool/rsyslog + +# +# Include all config files in /etc/rsyslog.d/ +# +$IncludeConfig /etc/rsyslog.d/*.conf + + +############### +#### RULES #### +############### + +# +# First some standard log files. Log by facility. +# +#auth,authpriv.* /var/log/auth.log +#*.*;auth,authpriv.none -/var/log/syslog +#cron.* /var/log/cron.log +#daemon.* -/var/log/daemon.log +#kern.* -/var/log/kern.log +#lpr.* -/var/log/lpr.log +#mail.* -/var/log/mail.log +#user.* -/var/log/user.log + +# +# Logging for the mail system. Split it up so that +# it is easy to write scripts to parse these files. +# +#mail.info -/var/log/mail.info +#mail.warn -/var/log/mail.warn +#mail.err /var/log/mail.err + +# +# Logging for INN news system. +# +#news.crit /var/log/news/news.crit +#news.err /var/log/news/news.err +#news.notice -/var/log/news/news.notice + +# +# Some "catch-all" log files. +# +#*.=debug;\ +# auth,authpriv.none;\ +# news.none;mail.none -/var/log/debug +#*.=info;*.=notice;*.=warn;\ +# auth,authpriv.none;\ +# cron,daemon.none;\ +# mail,news.none -/var/log/messages + +# +# Emergencies are sent to everybody logged in. +# +*.emerg :omusrmsg:* + +# +# I like to have messages displayed on the console, but only on a virtual +# console I usually leave idle. +# +#daemon,mail.*;\ +# news.=crit;news.=err;news.=notice;\ +# *.=debug;*.=info;\ +# *.=notice;*.=warn /dev/tty8 + +# The named pipe /dev/xconsole is for the `xconsole' utility. To use it, +# you must invoke `xconsole' with the `-file' option: +# +# $ xconsole -file /dev/xconsole [...] +# +# NOTE: adjust the list below, or you'll go crazy if you have a reasonably +# busy site.. +# +daemon.*;mail.*;\ + news.err;\ + *.=debug;*.=info;\ + *.=notice;*.=warn |/dev/xconsole -- 2.39.5