[syslog-ng] Re: syslog-ng Digest, Vol 16, Issue 5

Fernando Loureiro loureiro.fernando at gmail.com
Wed Aug 9 16:32:18 CEST 2006 

Here is my syslog-ng.conf



On 8/7/06, syslog-ng-request at lists.balabit.hu
<syslog-ng-request at lists.balabit.hu> wrote:
> Send syslog-ng mailing list submissions to
>         syslog-ng at lists.balabit.hu
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         https://lists.balabit.hu/mailman/listinfo/syslog-ng
> or, via email, send a message with subject or body 'help' to
>         syslog-ng-request at lists.balabit.hu
>
> You can reach the person managing the list at
>         syslog-ng-owner at lists.balabit.hu
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of syslog-ng digest..."
>
>
> Today's Topics:
>
>    1. Re:  syslog-ng doesn't log messages (Sandor Geller)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 07 Aug 2006 10:36:41 +0200
> From: Sandor Geller <wildy at balabit.hu>
> Subject: Re: [syslog-ng] syslog-ng doesn't log messages
> To: Syslog-ng users' and developers' mailing list
>         <syslog-ng at lists.balabit.hu>
> Message-ID: <44D6FB99.5070804 at balabit.hu>
> Content-Type: text/plain; charset=ISO-8859-2
>
> Fernando Loureiro wrote:
> > I think everything is ok with my conf but it isn't working with some
> > applications such as openldap, apcupsd.
> >
> > Can somebody help me? Here is a part of my conf.
> >
> >
> > []s
> > -- Fernando
> >
> >
> > ------------------------------
> >
> > options {
> >         chain_hostnames(off);
> >         sync(0);
> >         use_dns(no);
> >         create_dirs(yes);
> >         };
> >
> > source kernsrc { file("/proc/kmsg"); internal(); };
> >
> > destination  openldap    { file("/var/log/openldap.log");                 };
> > destination  apcupsd     { file("/var/log/apcupsd.log");                  };
> >
> > filter  f_openldap  { program(slapd);                                   };
> > filter  f_apcupsd   { program(apcupsd);                                 };
> >
> > log { source(kernsrc); filter(f_openldap);
> > destination(openldap);          };
> > log { source(kernsrc); filter(f_apcupsd);
> > destination(apcupsd);           };
>
> This is a very incomplete configuration. You missed /dev/log, userspace
> processes don't log through /proc/mksg.
>
> --
> Sandor Geller
> wildy at balabit.hu
>
>
> ------------------------------
>
> _______________________________________________
> syslog-ng maillist  -  syslog-ng at lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
>
>
> End of syslog-ng Digest, Vol 16, Issue 5
> ****************************************
>
-------------- next part --------------
########################################################################
# Options
# 	
########################################################################
options { 
	chain_hostnames(off); 
	sync(0); 
	use_dns(no);  
	create_dirs(yes);
	};


########################################################################
# Source de onde serao lidos os logs
# 	No caso so serao lidos do arquivo. Nada chegara via rede!
########################################################################
source kernsrc { file("/proc/kmsg"); internal(); };


########################################################################
# Destinos para onde os logs serao armazenados 
# 	
########################################################################
destination  authlog 	 { file("/var/log/auth.log"); 	                  };
destination  syslog 	 { file("/var/log/syslog"); 	                  };
destination  cron 	 { file("/var/log/cron.log"); 	                  };
destination  daemon 	 { file("/var/log/daemon.log");                   };
destination  kern 	 { file("/var/log/kern.log"); file("/dev/tty12"); };
destination  user 	 { file("/var/log/user.log"); 	                  };
destination  mail 	 { file("/var/log/mail.log");  	                  };
destination  mailinfo 	 { file("/var/log/mail.info"); 	                  };
destination  mailwarn 	 { file("/var/log/mail.warn"); 	                  };
destination  mailerr 	 { file("/var/log/mail.err"); 	                  };
destination  debug 	 { file("/var/log/debug"); 	                  };
destination  messages 	 { file("/var/log/messages"); 	                  };
destination  console 	 { usertty("root"); 		                  };
destination  console_all { file("/dev/tty12"); 		                  };
destination  pax         { file("/var/log/pax.log"); 			  };
#destination  audit 	 { file("/var/log/audit.log"); 			  };
destination  openldap	 { file("/var/log/openldap.log");		  };
destination  apcupsd	 { file("/var/log/apcupsd.log");		  };
destination  nscd        { file("/var/log/nscd.log");                     };


########################################################################
# Filtros 
# 	
########################################################################
filter  f_auth 	    { facility (auth, authpriv);  			};
filter  f_syslog    { not facility(authpriv, mail); 			};
filter  f_cron 	    { facility(cron); 	                                };
filter  f_daemon    { facility(daemon); 				};
filter  f_kern 	    { facility(kern);                                   };
filter  f_mail      { facility(mail);                    		};
filter  f_user      { facility(user);                    		};
filter  f_openldap  { program(slapd);					};
filter  f_apcupsd   { program(apcupsd);					};
filter  f_uucp      { facility(cron);                    		};
filter  f_debug     { not facility(auth, authpriv, news, mail);  	};
filter  f_messages  { level(info..warn) 
                      and not facility(auth, authpriv, mail, news);  	};
filter  f_emergency { level(emerg);                      		};
filter  f_info      { level(info);                       		};
filter  f_warn      { level(warn);                       		};
filter  f_crit      { level(crit);                       		};
filter  f_err       { level(err);                        		};
filter  f_pax       { match("^PAX:.*");                  		};
#filter  f_audit     { match("^audit:.*");		        		};


########################################################################
# Log 
#	Conecta os filtros com os destinos	
########################################################################
log { source(kernsrc); 					destination(console_all);	};  # Log Default #
log { source(kernsrc); filter(f_auth);			destination(authlog);		};
log { source(kernsrc); filter(f_syslog);		destination(syslog);		};
log { source(kernsrc); filter(f_cron);			destination(cron);		};
log { source(kernsrc); filter(f_daemon);		destination(daemon);		};
log { source(kernsrc); filter(f_kern);			destination(kern);		};
log { source(kernsrc); filter(f_mail);			destination(mail);		};
log { source(kernsrc); filter(f_mail); filter(f_info);	destination(mailinfo);		};
log { source(kernsrc); filter(f_mail); filter(f_warn);	destination(mailwarn);		};
log { source(kernsrc); filter(f_mail); filter(f_err);	destination(mailerr);		};
log { source(kernsrc); filter(f_debug);			destination(debug);		};
log { source(kernsrc); filter(f_messages);		destination(messages);		};
log { source(kernsrc); filter(f_emergency);		destination(console);		};
log { source(kernsrc); filter(f_pax);           	destination(pax);		};
#log { source(kernsrc); filter(f_audit);			destination(audit);             };
log { source(kernsrc); filter(f_openldap);		destination(openldap);          };
log { source(kernsrc); filter(f_apcupsd);		destination(apcupsd);           };

More information about the syslog-ng mailing list