author | Silvio Rhatto <rhatto@riseup.net> | 2015-08-02 15:46:32 -0300 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2015-08-02 15:46:32 -0300 |
commit | 466774152ff8ab9327af180be65a8319f272dea1 (patch) | |
tree | 2344a74f7c576c8b8ac18312aad80b402911d07d | |
parent | 7d059ee449d12d24f88f8cd8ac94718193b81d21 (diff) | |
Customize syslog-ng on jessie
-rw-r--r-- | templates/syslog-ng.conf_jessie.erb | 390 |
1 files changed, 248 insertions, 142 deletions
diff --git a/templates/syslog-ng.conf_jessie.erb b/templates/syslog-ng.conf_jessie.erb
index afbd011..eb84f45 100644
--- a/templates/syslog-ng.conf_jessie.erb
+++ b/templates/syslog-ng.conf_jessie.erb
@@ -1,163 +1,269 @@ @version: 3.5 @include "scl.conf" @include "`scl-root`/system/tty10.conf" +# +# Configuration file for syslog-ng under Debian. +# Customized for sarava.org, originally developed by riseup.net +# +# see http://www.campin.net/syslog-ng/expanded-syslog-ng.conf +# for examples. +# +# levels: emerg alert crit err warning notice info debug +# -# Syslog-ng configuration file, compatible with default Debian syslogd -# installation. +############################################################ +## global options -# First, set some global options. -options { chain_hostnames(off); flush_lines(0); use_dns(no); use_fqdn(no); - owner("root"); group("adm"); perm(0640); stats_freq(0); - bad_hostname("^gconfd$"); +options { + chain_hostnames(0); + time_reopen(10); + time_reap(360); + flush_lines(0); + log_fifo_size(2048); + create_dirs(yes); + group(adm); + perm(0640); + dir_perm(0755); + use_dns(no); }; -######################## -# Sources -######################## -# This is the default behavior of sysklogd package -# Logs may come from unix stream, but not from another machine. -# -source s_src { - system(); - internal(); +############################################################ +## universal source + +source s_all { + internal(); + unix-stream("/dev/log"); +<% if (log_kernel_msgs == true) -%> + file("/proc/kmsg" program_override("kernel")); +<% end -%> }; -# If you wish to get logs from remote machine you should uncomment -# this and comment the above source line. 
-# -#source s_net { tcp(ip(127.0.0.1) port(1000)); }; +############################################################ +## generic destinations -######################## -# Destinations -######################## -# First some standard logfile -# -destination d_auth { file("/var/log/auth.log"); }; -destination d_cron { file("/var/log/cron.log"); }; -destination d_daemon { file("/var/log/daemon.log"); }; -destination d_kern { file("/var/log/kern.log"); }; -destination d_lpr { file("/var/log/lpr.log"); }; -destination d_mail { file("/var/log/mail.log"); }; -destination d_syslog { file("/var/log/syslog"); }; -destination d_user { file("/var/log/user.log"); }; -destination d_uucp { file("/var/log/uucp.log"); }; - -# This files are the log come from the mail subsystem. -# -destination d_mailinfo { file("/var/log/mail.info"); }; -destination d_mailwarn { file("/var/log/mail.warn"); }; -destination d_mailerr { file("/var/log/mail.err"); }; +destination df_facility_dot_info { file("/var/log/$FACILITY.info"); }; +destination df_facility_dot_notice { file("/var/log/$FACILITY.notice"); }; +destination df_facility_dot_warn { file("/var/log/$FACILITY.warn"); }; +destination df_facility_dot_err { file("/var/log/$FACILITY.err"); }; +destination df_facility_dot_crit { file("/var/log/$FACILITY.crit"); }; -# Logging for INN news system -# -destination d_newscrit { file("/var/log/news/news.crit"); }; -destination d_newserr { file("/var/log/news/news.err"); }; -destination d_newsnotice { file("/var/log/news/news.notice"); }; +############################################################ +## generic filters and rewrites -# Some `catch-all' logfiles. 
-# -destination d_debug { file("/var/log/debug"); }; -destination d_error { file("/var/log/error"); }; -destination d_messages { file("/var/log/messages"); }; +# strip IP addresses +# regexp thanks to micah and dsyslog +rewrite r_strip {subst("(25[0-5]|2[0-4][0-9]|[0-1]?[0-9]?[0-9])([\\.\\-](25[0-5]|2[0-4][0-9]|[0-1]?[0-9]?[0-9])){3}", "0.0.0.0", value("MESSAGE"), flags("global"));}; -# The root's console. -# -destination d_console { usertty("root"); }; +filter f_at_least_info { level(info..emerg); }; +filter f_at_least_notice { level(notice..emerg); }; +filter f_at_least_warn { level(warn..emerg); }; +filter f_at_least_err { level(err..emerg); }; +filter f_at_least_crit { level(crit..emerg); }; -# Virtual console. -# -destination d_console_all { file(`tty10`); }; +filter rrdcached { not program(rrdcached); }; -# The named pipe /dev/xconsole is for the nsole' utility. To use it, -# you must invoke nsole' with the -file' option: -# -# $ xconsole -file /dev/xconsole [...] -# -destination d_xconsole { pipe("/dev/xconsole"); }; +############################################################ +## auth.log -# Send the messages to an other host -# -#destination d_net { tcp("127.0.0.1" port(1000) log_fifo_size(1000)); }; - -# Debian only -destination d_ppp { file("/var/log/ppp.log"); }; - -######################## -# Filters -######################## -# Here's come the filter options. With this rules, we can set which -# message go where. - -filter f_dbg { level(debug); }; -filter f_info { level(info); }; -filter f_notice { level(notice); }; -filter f_warn { level(warn); }; -filter f_err { level(err); }; -filter f_crit { level(crit .. emerg); }; - -filter f_debug { level(debug) and not facility(auth, authpriv, news, mail); }; -filter f_error { level(err .. 
emerg) ; }; -filter f_messages { level(info,notice,warn) and - not facility(auth,authpriv,cron,daemon,mail,news); }; - -filter f_auth { facility(auth, authpriv) and not filter(f_debug); }; -filter f_cron { facility(cron) and not filter(f_debug); }; -filter f_daemon { facility(daemon) and not filter(f_debug); }; -filter f_kern { facility(kern) and not filter(f_debug); }; -filter f_lpr { facility(lpr) and not filter(f_debug); }; -filter f_local { facility(local0, local1, local3, local4, local5, - local6, local7) and not filter(f_debug); }; -filter f_mail { facility(mail) and not filter(f_debug); }; -filter f_news { facility(news) and not filter(f_debug); }; -filter f_syslog3 { not facility(auth, authpriv, mail) and not filter(f_debug); }; -filter f_user { facility(user) and not filter(f_debug); }; -filter f_uucp { facility(uucp) and not filter(f_debug); }; - -filter f_cnews { level(notice, err, crit) and facility(news); }; -filter f_cother { level(debug, info, notice, warn) or facility(daemon, mail); }; - -filter f_ppp { facility(local2) and not filter(f_debug); }; -filter f_console { level(warn .. 
emerg); }; - -######################## -# Log paths -######################## -log { source(s_src); filter(f_auth); destination(d_auth); }; -log { source(s_src); filter(f_cron); destination(d_cron); }; -log { source(s_src); filter(f_daemon); destination(d_daemon); }; -log { source(s_src); filter(f_kern); destination(d_kern); }; -log { source(s_src); filter(f_lpr); destination(d_lpr); }; -log { source(s_src); filter(f_syslog3); destination(d_syslog); }; -log { source(s_src); filter(f_user); destination(d_user); }; -log { source(s_src); filter(f_uucp); destination(d_uucp); }; - -log { source(s_src); filter(f_mail); destination(d_mail); }; -#log { source(s_src); filter(f_mail); filter(f_info); destination(d_mailinfo); }; -#log { source(s_src); filter(f_mail); filter(f_warn); destination(d_mailwarn); }; -#log { source(s_src); filter(f_mail); filter(f_err); destination(d_mailerr); }; - -log { source(s_src); filter(f_news); filter(f_crit); destination(d_newscrit); }; -log { source(s_src); filter(f_news); filter(f_err); destination(d_newserr); }; -log { source(s_src); filter(f_news); filter(f_notice); destination(d_newsnotice); }; -#log { source(s_src); filter(f_cnews); destination(d_console_all); }; -#log { source(s_src); filter(f_cother); destination(d_console_all); }; - -#log { source(s_src); filter(f_ppp); destination(d_ppp); }; - -log { source(s_src); filter(f_debug); destination(d_debug); }; -log { source(s_src); filter(f_error); destination(d_error); }; -log { source(s_src); filter(f_messages); destination(d_messages); }; - -log { source(s_src); filter(f_console); destination(d_console_all); - destination(d_xconsole); }; -log { source(s_src); filter(f_crit); destination(d_console); }; - -# All messages send to a remote site -# -#log { source(s_src); destination(d_net); }; +filter f_auth { facility(auth, authpriv); }; +destination df_auth { file("/var/log/auth.log"); }; +log { + source(s_all); + filter(f_auth); + rewrite(r_strip); + destination(df_auth); +}; + 
+############################################################ +## daemon.log + +filter f_daemon { facility(daemon); }; +destination df_daemon { file("/var/log/daemon.log"); }; +log { + source(s_all); + filter(f_daemon); + filter(rrdcached); + rewrite(r_strip); + destination(df_daemon); +}; + +############################################################ +## kern.log + +filter f_kern { facility(kern); }; +destination df_kern { file("/var/log/kern.log"); }; +log { + source(s_all); + filter(f_kern); + rewrite(r_strip); + destination(df_kern); +}; + +############################################################ +## user.log + +filter f_user { facility(user); }; +destination df_user { file("/var/log/user.log"); }; +log { + source(s_all); + filter(f_user); + rewrite(r_strip); + destination(df_user); +}; + +############################################################ +## sympa.log + +filter f_sympa { program("^(sympa|bounced|archived|task_manager)"); }; +destination d_sympa { file("/var/log/sympa.log"); }; +log { + source(s_all); + filter(f_sympa); + rewrite(r_strip); + destination(d_sympa); + flags(final); +}; + +############################################################ +## wwsympa.log + +filter f_wwsympa { program("^wwsympa"); }; +destination d_wwsympa { file("/var/log/wwsympa.log"); }; +log { + source(s_all); + filter(f_wwsympa); + rewrite(r_strip); + destination(d_wwsympa); + flags(final); +}; + +############################################################ +## ldap.log + +filter f_ldap { program("slapd"); }; +destination d_ldap { file("/var/log/ldap.log"); }; +log { + source(s_all); + filter(f_ldap); + rewrite(r_strip); + destination(d_ldap); + flags(final); +}; + +############################################################ +## postfix.log + +# special source because of chroot jail +#source s_postfix { unix-stream("/var/spool/postfix/dev/log" keep-alive(yes)); }; +filter f_postfix { program("^postfix/"); }; +destination d_postfix { file("/var/log/postfix.log"); }; 
+log { + source(s_all); + filter(f_postfix); + rewrite(r_strip); + destination(d_postfix); + flags(final); +}; + +############################################################ +## courier.log + +filter f_courier { program("courier|imap|pop"); }; +destination d_courier { file("/var/log/courier.log"); }; +log { + source(s_all); + filter(f_courier); + rewrite(r_strip); + destination(d_courier); + flags(final); +}; + +############################################################ +## maildrop.log + +filter f_maildrop { program("^maildrop"); }; +destination d_maildrop { file("/var/log/maildrop.log"); }; +log { + source(s_all); + filter(f_maildrop); + rewrite(r_strip); + destination(d_courier); + flags(final); +}; + +############################################################ +## mail.log + +filter f_mail { facility(mail); }; +destination df_mail { file("/var/log/mail.log"); }; + +log { + source(s_all); + filter(f_mail); + rewrite(r_strip); + destination(df_mail); +}; + +############################################################ +## messages.log + +filter f_messages { + level(debug,info,notice) + and not facility(auth,authpriv,daemon,mail,user,kern); +}; +destination df_messages { file("/var/log/messages.log"); }; +log { + source(s_all); + filter(f_messages); + rewrite(r_strip); + destination(df_messages); +}; + +############################################################ +## errors.log + +filter f_errors { + level(warn,err,crit,alert,emerg) + and not facility(auth,authpriv,daemon,mail,user,kern); +}; +destination df_errors { file("/var/log/errors.log"); }; +log { + source(s_all); + filter(f_errors); + rewrite(r_strip); + destination(df_errors); +}; + +############################################################ +## emergencies + +filter f_emerg { level(emerg); }; +destination du_all { usertty("*"); }; +log { + source(s_all); + filter(f_emerg); + rewrite(r_strip); + destination(du_all); +}; + +############################################################ +## console 
messages + +filter f_xconsole { + facility(daemon,mail) + or level(debug,info,notice,warn) + or (facility(news) + and level(crit,err,notice)); +}; +destination dp_xconsole { pipe("/dev/xconsole"); }; +log { + source(s_all); + filter(f_xconsole); + rewrite(r_strip); + destination(dp_xconsole); +}; ### # Include all config files in /etc/syslog-ng/conf.d/ ### @include "/etc/syslog-ng/conf.d/*.conf" - |
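Review bot: The maildrop.log block sends its messages to `destination(d_courier);` even though `d_maildrop` is declared just above it, so /var/log/maildrop.log is never written and maildrop entries end up in courier.log; the log statement should use `destination(d_maildrop);`. The `f_courier` filter `program("courier|imap|pop")` is unanchored and its log path carries `flags(final)`, so any program whose name merely contains one of those strings is diverted to courier.log and never reaches the facility logs. Anchoring it like the neighbouring filters, e.g. `program("^(courier|imap|pop)")`, would narrow that, assuming the real program names start with those prefixes. `r_strip` matches only dotted or dashed IPv4 quads in `MESSAGE`, so IPv6 addresses would presumably still be written in clear to every destination; if address stripping is a privacy requirement, that limit deserves a comment next to the rewrite, along with a note that auth.log loses source addresses for incident review.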