=?iso-8859-1?Q?Re:_[syslog-ng]Sample_Redhat_configuration=3F?=

[Jay Guerette]

> Can anyone provide some sample configurations for Redhat 7.1 systems,
> both as a central log server and it's clients?

This conf duplicates the default RedHat:

# syslog-ng.conf
options {
	long_hostnames(off);
	sync(0);
};

source syslog {
	internal();
	file(/proc/kmsg);
	unix-stream(/dev/log);
	udp(ip(0.0.0.0) port(514));
};

destination secure {
	file(/var/log/secure);
};
destination messages {
	file(/var/log/messages);
};
destination cron {
	file(/var/log/cron);
};
destination maillog {
	file(/var/log/maillog);
};
destination boot.log {
	file(/var/log/boot.log);
};
destination console {
	file(/dev/console);
};

filter f_console{
	facility(kern)
	or level(emerg);
};
filter f_messages {
	level(info..warn)
	and not facility(authpriv, mail, cron);
};
filter f_authpriv {
	facility(authpriv);
};
filter f_mail {
	facility(mail);
};
filter f_cron {
	facility(cron);
};
filter f_local7 {
	facility(local7);
};

# kern.* /dev/console
# *.emerg *
log {
	source(syslog);
	filter(f_console);
	destination(console);
};

# *.info;mail.none;authpriv.none;cron.none /var/log/messages
log {
	source(syslog);
	filter(f_messages);
	destination(messages);
};

# authpriv.* /var/log/secure
log {
	source(syslog);
	filter(f_authpriv);
	destination(secure);
};

# mail.* /var/log/maillog
log {
	source(syslog);
	filter(f_mail);
	destination(maillog);
};

# cron.* /var/log/cron
log {
	source(syslog);
	filter(f_cron);
	destination(cron);
};

# local7.* /var/log/boot.log
log {
	source(syslog);
	filter(f_local7);
	destination(boot.log);
};


And this is the SysV init script to put it /etc/init.d/:
(note it uses the original syslogd.pid so you don't have to reconfigure
anythingelse, like logrotate, etc.; you can also put configuration options
in /etc/sysconfig/syslog-ng, just like syslog)

#!/bin/bash
#
# syslog-ng        Starts syslog-ng/klogd.
#

# Source function library.
. /etc/init.d/functions

[ -f /sbin/syslog-ng ] || exit 0
[ -f /sbin/klogd ] || exit 0

# Source config
if [ -f /etc/sysconfig/syslog-ng ] ; then
	. /etc/sysconfig/syslog-ng
else
	SYSLOG_NG_OPTIONS="-p /var/run/syslogd.pid -f /etc/syslog-
ng.conf"
	KLOGD_OPTIONS="-2"
fi

RETVAL=0

umask 077

start() {
 	echo -n $"Starting system logger: "
	daemon syslog-ng $SYSLOG_NG_OPTIONS
	RETVAL=$?
	echo
	echo -n $"Starting kernel logger: "
	daemon klogd $KLOGD_OPTIONS
	echo
	[ $RETVAL -eq 0 ] && touch /var/lock/subsys/syslog-ng
	return $RETVAL
}
stop() {
	echo -n $"Shutting down kernel logger: "
	killproc klogd
	echo
	echo -n $"Shutting down system logger: "
	killproc syslog-ng
	RETVAL=$?
	echo
	[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/syslog-ng
	return $RETVAL
}
rhstatus() {
	status syslog-ng
	status klogd
}
restart() {
	stop
	start
}

case "$1" in
  start)
  	start
	;;
  stop)
  	stop
	;;
  status)
  	rhstatus
	;;
  restart|reload)
  	restart
	;;
  condrestart)
  	[ -f /var/lock/subsys/syslog-ng ] && restart || :
	;;
  *)
	echo $"Usage: $0 {start|stop|status|restart|condrestart}"
	exit 1
esac

exit $?