[syslog-ng]syslog-ng.conf.5 patch
Jose Pedro Oliveira
syslog-ng@lists.balabit.hu
Wed, 09 Feb 2005 12:51:49 +0000
This is a multi-part message in MIME format.
--------------070704010305010307020905
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 8bit
Balasz,
Two more patches:
1) doc/syslog-ng.conf.5
The syslog-ng.conf.5 manpage patch *only* updates the
information regarding the Global Options.
Problems:
The global option "long_hostnames" is only documented
in the contrib/syslog-ng.conf.doc file (not in the SGML
file). The global option "check_hostname" is only
documented in the SGML file (not in the syslog-ng.conf.doc).
2) contrib/syslog-ng.conf.doc
The syslog-ng.conf.doc patch corrects the source type
of /proc/kmsg (pipe -> file).
Shouldn't this file be better located in the doc directory?
(if this file is relocated, the contrib/README file will
also need to be updated).
Regards,
jpo
--
José Pedro Oliveira
mailto: jpo@di.uminho.pt * http://gsd.di.uminho.pt/~jpo
--------------070704010305010307020905
Content-Type: text/plain;
name="syslog-ng.conf.doc.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="syslog-ng.conf.doc.patch"
diff -ruN syslog-ng-1.6.6+20050208-orig/contrib/syslog-ng.conf.doc syslog-ng-1.6.6+20050208/contrib/syslog-ng.conf.doc
--- syslog-ng-1.6.6+20050208-orig/contrib/syslog-ng.conf.doc 2003-04-10 11:51:00.000000000 +0100
+++ syslog-ng-1.6.6+20050208/contrib/syslog-ng.conf.doc 2005-02-09 03:33:53.370583904 +0000
@@ -283,7 +283,7 @@
# source src
# {
# internal();
-# pipe("/proc/kmsg" log_prefix("kernel: "));
+# file("/proc/kmsg" log_prefix("kernel: "));
# tcp(ip(127.0.0.1) port(4800) keep-alive(yes));
# udp();
# unix-stream("/dev/log");
@@ -304,7 +304,7 @@
{ internal(); };
source s_kernel
- { pipe("/proc/kmsg" log_prefix("kernel: ")); };
+ { file("/proc/kmsg" log_prefix("kernel: ")); };
source s_tcp
{ tcp(port(4800) keep-alive(yes) max_connections(100)); };
--------------070704010305010307020905
Content-Type: text/plain;
name="syslog-ng.conf.5.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="syslog-ng.conf.5.patch"
diff -ruN syslog-ng-1.6.6+20050208-orig/doc/syslog-ng.conf.5 syslog-ng-1.6.6+20050208/doc/syslog-ng.conf.5
--- syslog-ng-1.6.6+20050208-orig/doc/syslog-ng.conf.5 1999-07-10 16:58:32.000000000 +0100
+++ syslog-ng-1.6.6+20050208/doc/syslog-ng.conf.5 2005-02-09 03:23:45.813946000 +0000
@@ -89,11 +89,130 @@
Where optn can be any of the following:
-* mark(n) set mark frequency to n seconds
-
-* sync(n) set sync frequence to n lines (can be overridden locally)
-
-* long_hostnames(yes|no) set long hostname generation on or off
+.TP
+.B bad_hostname(regex)
+A regexp which matches hostnames which should not be taken as such.
+
+.TP
+.B chain_hostnames(yes|no)
+Enable or disable the chained hostname format.
+
+.TP
+.B check_hostname(yes|no)
+Enable or disable whether the hostname contains valid characters.
+
+.TP
+.B create_dirs(yes|no)
+Enable or disable directory creation for destination files.
+
+.TP
+.B dir_owner(uid)
+User id.
+
+.TP
+.B dir_group(gid)
+Group id.
+
+.TP
+.B dir_perm(perm)
+Permission value (octal mask).
+
+.TP
+.B dns_cache(yes|no)
+Enable or disable DNS cache usage.
+
+.TP
+.B dns_cache_expire(n)
+Number of seconds while a successful lookup is cached.
+
+.TP
+.B dns_cache_expire_failed(n)
+Number of seconds while a failed lookup is cached.
+
+.TP
+.B dns_cache_size(n)
+Number of hostnames in the DNS cache.
+
+.TP
+.B gc_busy_threshold(n)
+Sets the threshold value for the garbage collector, when syslog-ng is
+busy. GC phase starts when the number of allocated objects reach this
+number. Default: 3000.
+
+.TP
+.B gc_idle_threshold(n)
+Sets the threshold value for the garbage collector, when syslog-ng is
+idle. GC phase starts when the number of allocated objects reach this
+number. Default: 100.
+
+.TP
+.B group(gid)
+Group id.
+
+.TP
+.B keep_hostname(yes|no)
+Enable or disable hostname rewriting.
+
+.TP
+.B log_fifo_size(n)
+The number of lines fitting to the output queue.
+
+.TP
+.B log_msg_size(n)
+Maximum length of message in bytes.
+
+.TP
+.B long_hostnames(yes|no)
+Set long hostname generation on or off. This options appears to only
+really have an affect on the local system, which removes the source of
+the log. As an example, normally the local logs will state
+src@hostname, but with this feature off, the source is not reported.
+
+.TP
+.B mark(n)
+The number of seconds between two MARK lines.
+NOTE: not implemented yet.
+
+.TP
+.B owner(uid)
+User id.
+
+.TP
+.B perm(perm)
+Permission value (octal mask).
+
+.TP
+.B stats(n)
+The number of seconds between two STATS.
+
+.TP
+.B sync(n)
+The number of lines buffered before written to file
+(can be overridden locally).
+
+.TP
+.B time_reap(n)
+The time to wait before an idle destination file is closed.
+
+.TP
+.B time_reopen(n)
+The time to wait before a died connection is reestablished.
+
+.TP
+.B use_dns(yes|no)
+Enable or disable DNS usage. syslog-ng blocks on DNS queries, so
+enabling DNS may lead to a Denial of Service attack. To prevent DoS,
+protect your syslog-ng network endpoint with firewall rules, and make
+sure that all hosts, which may get to syslog-ng is resolvable.
+
+.TP
+.B use_fqdn(yes|no)
+Add Fully Qualified Domain Name instead of short hostname.
+
+.TP
+.B use_time_recvd(yes|no)
+Use the time a message is received instead of the one specified in the
+message.
.SH FILES
/etc/syslog-ng/syslog-ng.conf
--------------070704010305010307020905--