@version: 3.25 @include "scl.conf" options { chain_hostnames(off); time_reopen(10); time_reap(360); flush_lines(0); log_fifo_size(2048); owner("syslog"); group("adm"); perm(0640); create_dirs(yes); dir_perm(0755); use_dns(no); use_fqdn(no); stats_freq(0); }; ######################## # Sources ######################## source s_all { internal(); unix-dgram("/run/systemd/journal/dev-log"); unix-stream("/run/systemd/journal/dev-log"); system(); file("/proc/kmsg" program-override("kernel")); }; ### # Note we are inverting the priorities here and making the Flashblade configurations # under /etc/syslog-ng/conf.d have higher priority than the defaults. ### @include "/etc/syslog-ng/conf.d/*.conf" ######################## # Millisecond date template for syslog ######################## template template_millisecond_format { template("${R_DATE} ${HOST} ${MSGHDR}${MSG}\n"); template_escape(no); }; ######################## # Destinations ######################## destination d_auth { file("/var/log/auth.log" owner("syslog") group("adm") perm(0640)); }; destination d_syslog { file("/var/log/syslog" owner("syslog") group("adm") perm(0640) frac_digits(3) template(template_millisecond_format)); }; destination d_cron { file("/var/log/cron.log"); }; destination d_daemon { file("/var/log/daemon.log"); }; destination d_kern { file("/var/log/kern.log" owner("syslog") group("adm") perm(0640)); }; destination d_lpr { file("/var/log/lpr.log"); }; destination d_mail { file("/var/log/mail.log" owner("syslog") group("adm") perm(0640)); }; destination d_mail_err { file("/var/log/mail.err" owner("syslog") group("adm") perm(0640)); }; destination d_user { file("/var/log/user.log"); }; destination d_uucp { file("/var/log/uucp.log"); }; destination d_news_crit { file("/var/log/news/news.crit" owner("syslog") group("adm") perm(0640)); }; destination d_news_err { file("/var/log/news/news.err" owner("syslog") group("adm") perm(0640)); }; destination d_news_notice { file("/var/log/news/news.notice" owner("syslog") group("adm") perm(0640)); }; destination d_xconsole { pipe("/dev/xconsole"); }; destination d_snmpd { file("/var/log/purity/snmpd.log" owner("syslog") group("adm") perm(0640)); }; ######################## # Filters ######################## filter f_auth { facility(auth, authpriv); }; filter f_syslog { not facility(auth, authpriv, local6) and not program(ccm); }; filter f_kern { facility(kern); }; filter f_mail { facility(mail); }; filter f_news { facility(news); }; filter f_notice { level(notice .. emerg); }; filter f_err { level(err .. emerg); }; filter f_crit { level(crit .. emerg); }; filter f_xconsole { facility(daemon, mail) or level(warning .. debug) or (facility(news) and level(err)); }; filter f_snmpd { facility(local0) and program("snmpd"); }; ######################## # Log paths ######################## log { source(s_all); filter(f_auth); destination(d_auth); }; log { source(s_all); filter(f_syslog); destination(d_syslog); }; log { source(s_all); filter(f_kern); destination(d_kern); }; log { source(s_all); filter(f_mail); destination(d_mail); }; log { source(s_all); filter(f_mail); filter(f_err); destination(d_mail_err); }; log { source(s_all); filter(f_news); filter(f_crit); destination(d_news_crit); }; log { source(s_all); filter(f_news); filter(f_err); destination(d_news_err); }; log { source(s_all); filter(f_news); filter(f_notice); destination(d_news_notice); }; log { source(s_all); filter(f_xconsole); destination(d_xconsole); }; log { source(s_all); filter(f_snmpd); destination(d_snmpd); };