[syslog-ng]'debug' priority?
Loic Minier
syslog-ng@lists.balabit.hu
Tue, 9 Mar 2004 09:57:24 +0100
--EVF5PPMfhYS0aIcm
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Nate Campi <nate@campin.net> - Mon, Mar 08, 2004:
> Unless a sample syslog-ng config file claims to do the exact same thing
> as a syslog daemon which comes with a certain UNIX, it would be foolish
> to assume that it does.
While we're at it, here's a syslog-ng.conf which reproduces the
standard syslogd default behavior under Solaris 8. Requires 1.6.
--
Loïc Minier <lool@dooz.org>
--EVF5PPMfhYS0aIcm
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="syslog-ng.conf"
#
# Configuration file for syslog-ng under Solaris 8 or greater
#
# here are the standard syslog levels:
# emerg alert crit err warning notice info debug
# aliases for these levels are deprecated
######
# options
options {
# the time to wait before a died connection is reestablished
# (default is 60)
time_reopen(10);
# the time to wait before an idle destination file is closed
# (default is 60)
time_reap(360);
# the number of lines buffered before written to file
# (default is 0)
sync(1);
# the number of lines fitting to the output queue
log_fifo_size(2048);
# enable or disable directory creation for destination files
create_dirs(yes);
# default owner, group, and permissions for log files
# (defaults are 0, 0, 0600)
#owner(root);
#group(root);
perm(0644);
# default owner, group, and permissions for created directories
# (defaults are 0, 0, 0700)
#dir_owner(root);
#dir_group(root);
dir_perm(0755);
# enable or disable DNS usage
# syslog-ng blocks on DNS queries, so enabling DNS may lead to
# a Denial of Service attack
# (default is yes)
use_dns(no);
# maximum length of message in bytes
# syslog messages on Solaris should have been truncated at 1024
# (default is 2048)
log_msg_size(4096);
};
######
# sources
# all known message sources
source s_all {
internal();
sun-streams("/dev/log" door("/etc/.syslog_door"));
udp(ip(127.0.0.1));
};
######
# destinations
# system console
destination df_dev_sysmsg {
# /dev/sysmsg is a symlink, don't overwrite its rights
file("/dev/sysmsg" perm(0777) owner(root) group(other)
template("$DATE $HOST $MSG\n"));
};
# standard /var/adm/messages file
destination df_var_adm_messages {
file("/var/adm/messages" template("$DATE $HOST $MSG\n"));
};
# standard /var/log/syslog file
destination df_var_log_syslog {
file("/var/log/syslog" template("$DATE $HOST $MSG\n"));
};
# operator's ttys
destination du_operator {
usertty("operator" template("$DATE $HOST $MSG\n"));
};
# root's ttys
destination du_root {
usertty("root" template("$DATE $HOST $MSG\n"));
};
# all tty's
destination du_all {
usertty("*" template("$DATE $HOST $MSG\n"));
};
######
# filters
# standard syslog rule 1
# *.err;kern.notice;auth.notice
filter f_std_1 {
level(err..emerg) or ((facility(kern) or facility(auth)) and level(notice..emerg));
};
# standard syslog rule 2
# *.err;kern.debug;daemon.notice;mail.crit
filter f_std_2 {
level(err..emerg) or (facility(kern) and level(debug..emerg)) or (facility(daemon) and level(notice..emerg)) or (facility(mail) and level(crit..emerg));
};
# standard syslog rule 3
# *.alert;kern.err;daemon.err
filter f_std_3 {
level(alert..emerg) or (facility(kern) and level(err..emerg)) or (facility(daemon) and level(err..emerg));
};
# standard syslog rule 4
# *.alert
filter f_std_4 {
level(alert..emerg);
};
# standard syslog rule 5
# *.emerg
filter f_std_5 {
level(emerg);
};
# standard syslog rule 6
# mail.debug
filter f_std_6 {
facility(mail) and level(debug..emerg);
};
######
# logs (order matters)
# standard syslog rule 1
log {
source(s_all);
filter(f_std_1);
destination(df_dev_sysmsg);
};
# standard syslog rule 2
log {
source(s_all);
filter(f_std_2);
destination(df_var_adm_messages);
};
# standard syslog rule 3
log {
source(s_all);
filter(f_std_3);
destination(du_operator);
};
# standard syslog rule 4
log {
source(s_all);
filter(f_std_4);
destination(du_root);
};
# standard syslog rule 5
log {
source(s_all);
filter(f_std_5);
destination(du_all);
};
# standard syslog rule 6
log {
source(s_all);
filter(f_std_6);
destination(df_var_log_syslog);
};
--EVF5PPMfhYS0aIcm--