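@version: 3.0
#
# Configuration file for syslog-ng under Debian.
# Customized for sarava.org, originally developed by riseup.net
#
# see http://www.campin.net/syslog-ng/expanded-syslog-ng.conf
# for examples.
#
# levels: emerg alert crit err warning notice info debug
#
# Layout notes:
#  - Every log path below applies rewrite(r_strip) before its destination,
#    so IPv4-looking strings are replaced in everything written out.
#  - Statement order matters: a log path marked flags(final) stops a matching
#    message from reaching any log path declared after it. The per-program
#    logs (sympa, postfix, courier, ...) are final, so their messages do not
#    also land in mail.log, messages.log or errors.log further down.
#

############################################################
## global options

options {
    chain_hostnames(0);
    time_reopen(10);
    time_reap(360);
    flush_lines(0);
    log_fifo_size(2048);
    create_dirs(yes);
    # Log files are created group adm, mode 0640 (not world-readable);
    # directories created on demand get 0755.
    group(adm);
    perm(0640);
    dir_perm(0755);
    # No DNS lookups for sender addresses.
    use_dns(no);
};

############################################################
## universal source

# internal() is syslog-ng's own messages, /dev/log the local syslog socket.
# Kernel messages are read only when the template variable log_kernel_msgs
# is true.
source s_all {
    internal();
    unix-stream("/dev/log");
<% if (@log_kernel_msgs == true) -%>
    file("/proc/kmsg" program_override("kernel"));
<% end -%>
};

############################################################
## generic destinations

destination df_facility_dot_info { file("/var/log/$FACILITY.info"); };
destination df_facility_dot_notice { file("/var/log/$FACILITY.notice"); };
destination df_facility_dot_warn { file("/var/log/$FACILITY.warn"); };
destination df_facility_dot_err { file("/var/log/$FACILITY.err"); };
destination df_facility_dot_crit { file("/var/log/$FACILITY.crit"); };

############################################################
## generic filters and rewrites

# strip IP addresses
# regexp thanks to micah and dsyslog
#
# Replaces every dotted or dashed IPv4-style quad in MESSAGE with 0.0.0.0.
# Caveats for whoever relies on these logs:
#  - Only IPv4 notation is covered; IPv6 addresses are written unchanged.
#  - The pattern has no word-boundary anchors, so other runs of four short
#    numbers joined by "." or "-" (version strings, for example) can be
#    rewritten as well.
#  - Because auth.log is stripped too, the source address of a failed or
#    successful login is not available afterwards for incident response or
#    for tools that ban by address.
rewrite r_strip {subst("(25[0-5]|2[0-4][0-9]|[0-1]?[0-9]?[0-9])([\\.\\-](25[0-5]|2[0-4][0-9]|[0-1]?[0-9]?[0-9])){3}", "0.0.0.0", value("MESSAGE"), flags("global"));};

filter f_at_least_info { level(info..emerg); };
filter f_at_least_notice { level(notice..emerg); };
filter f_at_least_warn { level(warn..emerg); };
filter f_at_least_err { level(err..emerg); };
filter f_at_least_crit { level(crit..emerg); };

############################################################
## auth.log

filter f_auth { facility(auth, authpriv); };
destination df_auth { file("/var/log/auth.log"); };
log {
    source(s_all);
    filter(f_auth);
    rewrite(r_strip);
    destination(df_auth);
};

############################################################
## daemon.log

filter f_daemon { facility(daemon); };
destination df_daemon { file("/var/log/daemon.log"); };
log {
    source(s_all);
    filter(f_daemon);
    rewrite(r_strip);
    destination(df_daemon);
};

############################################################
## kern.log

filter f_kern { facility(kern); };
destination df_kern { file("/var/log/kern.log"); };
log {
    source(s_all);
    filter(f_kern);
    rewrite(r_strip);
    destination(df_kern);
};

############################################################
## user.log

filter f_user { facility(user); };
destination df_user { file("/var/log/user.log"); };
log {
    source(s_all);
    filter(f_user);
    rewrite(r_strip);
    destination(df_user);
};

############################################################
## sympa.log

filter f_sympa { program("^(sympa|bounced|archived|task_manager)"); };
destination d_sympa { file("/var/log/sympa.log"); };
log {
    source(s_all);
    filter(f_sympa);
    rewrite(r_strip);
    destination(d_sympa);
    flags(final);
};

############################################################
## wwsympa.log

filter f_wwsympa { program("^wwsympa"); };
destination d_wwsympa { file("/var/log/wwsympa.log"); };
log {
    source(s_all);
    filter(f_wwsympa);
    rewrite(r_strip);
    destination(d_wwsympa);
    flags(final);
};

############################################################
## ldap.log

# NOTE(review): "slapd" is not anchored, so any program name containing it
# matches and, because of flags(final), skips the log paths below.
filter f_ldap { program("slapd"); };
destination d_ldap { file("/var/log/ldap.log"); };
log {
    source(s_all);
    filter(f_ldap);
    rewrite(r_strip);
    destination(d_ldap);
    flags(final);
};

############################################################
## postfix.log

# special source because of chroot jail
# NOTE(review): with the source below disabled, this file only reads
# /dev/log; confirm chrooted postfix processes can still reach a log socket.
#source s_postfix { unix-stream("/var/spool/postfix/dev/log" keep-alive(yes)); };
filter f_postfix { program("^postfix/"); };
destination d_postfix { file("/var/log/postfix.log"); };
log {
    source(s_all);
    filter(f_postfix);
    rewrite(r_strip);
    destination(d_postfix);
    flags(final);
};

############################################################
## courier.log

# NOTE(review): the pattern is not anchored, so any program name that merely
# contains "courier", "imap" or "pop" is captured here and, because of
# flags(final), kept out of every later log. Anchor it with ^ if only the
# courier daemons are meant.
filter f_courier { program("courier|imap|pop"); };
destination d_courier { file("/var/log/courier.log"); };
log {
    source(s_all);
    filter(f_courier);
    rewrite(r_strip);
    destination(d_courier);
    flags(final);
};

############################################################
## maildrop.log

filter f_maildrop { program("^maildrop"); };
destination d_maildrop { file("/var/log/maildrop.log"); };
log {
    source(s_all);
    filter(f_maildrop);
    rewrite(r_strip);
    # Fixed: this log path pointed at d_courier, which left d_maildrop unused
    # and sent maildrop messages to courier.log instead of maildrop.log.
    destination(d_maildrop);
    flags(final);
};

############################################################
## mail.log

# Receives only mail-facility messages not already consumed by a final
# log path above.
filter f_mail { facility(mail); };
destination df_mail { file("/var/log/mail.log"); };
log {
    source(s_all);
    filter(f_mail);
    rewrite(r_strip);
    destination(df_mail);
};

############################################################
## messages.log

filter f_messages {
    level(debug,info,notice)
    and not facility(auth,authpriv,daemon,mail,user,kern);
};
destination df_messages { file("/var/log/messages.log"); };
log {
    source(s_all);
    filter(f_messages);
    rewrite(r_strip);
    destination(df_messages);
};

############################################################
## errors.log

filter f_errors {
    level(warn,err,crit,alert,emerg)
    and not facility(auth,authpriv,daemon,mail,user,kern);
};
destination df_errors { file("/var/log/errors.log"); };
log {
    source(s_all);
    filter(f_errors);
    rewrite(r_strip);
    destination(df_errors);
};

############################################################
## emergencies

# usertty("*") writes emerg-level messages to the terminals of all
# logged-in users.
filter f_emerg { level(emerg); };
destination du_all { usertty("*"); };
log {
    source(s_all);
    filter(f_emerg);
    rewrite(r_strip);
    destination(du_all);
};

############################################################
## console messages

# NOTE(review): the level(debug,info,notice,warn) clause matches regardless
# of facility, so auth/authpriv messages at those levels are also written to
# the pipe; check who can read /dev/xconsole.
filter f_xconsole {
    facility(daemon,mail)
    or level(debug,info,notice,warn)
    or (facility(news) and level(crit,err,notice));
};
destination dp_xconsole { pipe("/dev/xconsole"); };
log {
    source(s_all);
    filter(f_xconsole);
    rewrite(r_strip);
    destination(dp_xconsole);
};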