options use_dns no chain_hostnames off sync The default action of sysl

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
options {
use_dns(no);
chain_hostnames(off);
sync(0);
# The default action of syslog-ng 1.6.0 is to log a STATS line
# to the file every 10 minutes. That's pretty ugly after a while.
# Change it to every 12 hours so you get a nice daily update of
# how many messages syslog-ng missed (0).
stats(43200);
perm(0644);
};
source local {
unix-stream("/dev/log" max-connections(256));
internal();
file("/proc/kmsg");
};
destination console_all { file("/dev/tty12"); };
destination auth { file("/var/log/auth.log"); };
destination cron { file("/var/log/cron"); };
destination kern { file("/var/log/kern.log"); };
destination mail { file("/var/log/maillog"); };
destination pppd { file("/var/log/pppd.log"); };
destination debug { file("/var/log/debug.log"); };
destination msgs { file("/var/log/messages"); };
filter auth { facility(auth, authpriv); };
filter cron { facility(cron); };
filter kern { facility(kern); };
filter mail { facility(mail); };
filter pppd { program("pppd"); };
filter debug { level(debug)
and not facility(auth, authpriv, cron, kern, mail)
and not program("pppd")
; };
filter msgs { level(info..emerg)
and not facility(auth, authpriv, cron, kern, mail)
and not program("pppd")
; };
log { source(local); destination(console_all); };
log { source(local); filter(auth); destination(auth); };
log { source(local); filter(cron); destination(cron); };
log { source(local); filter(kern); destination(kern); };
log { source(local); filter(mail); destination(mail); };
log { source(local); filter(pppd); destination(pppd); };
log { source(local); filter(debug); destination(debug); };
log { source(local); filter(msgs); destination(msgs); };
source acorp {
# I bind to 0.0.0.0 as it's laptop, so I have no static IP
# and I filter messages using iptables
udp(ip(0.0.0.0) port(514));
};
destination acorp { file("/var/log/acorp.log"); };
log { source(acorp); destination(acorp); };