| 1 | # /etc/rsyslog.conf Configuration file for rsyslog. |
| 2 | # |
| 3 | # For more information see |
| 4 | # /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html |
| 5 | |
| 6 | |
| 7 | ################# |
| 8 | #### MODULES #### |
| 9 | ################# |
| 10 | |
| 11 | $ModLoad imuxsock # provides support for local system logging |
| 12 | $ModLoad imklog # provides kernel logging support |
| 13 | $ModLoad immark # provides --MARK-- message capability |
| 14 | |
| 15 | # provides UDP syslog reception |
| 16 | $ModLoad imudp |
| 17 | $UDPServerRun 514 |
| 18 | |
| 19 | # provides TCP syslog reception |
| 20 | #$ModLoad imtcp |
| 21 | #$InputTCPServerRun 514 |
| 22 | |
| 23 | |
| 24 | ########################### |
| 25 | #### GLOBAL DIRECTIVES #### |
| 26 | ########################### |
| 27 | |
| 28 | # |
| 29 | # Use traditional timestamp format. |
| 30 | # To enable high precision timestamps, comment out the following line. |
| 31 | # |
| 32 | $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat |
| 33 | |
| 34 | # |
| 35 | # Set the default permissions for all log files. |
| 36 | # |
| 37 | $FileOwner root |
| 38 | $FileGroup adm |
| 39 | $FileCreateMode 0640 |
| 40 | $DirCreateMode 0755 |
| 41 | $Umask 0022 |
| 42 | |
| 43 | # |
| 44 | # Where to place spool and state files |
| 45 | # |
| 46 | $WorkDirectory /var/spool/rsyslog |
| 47 | |
| 48 | # |
| 49 | # Include all config files in /etc/rsyslog.d/ |
| 50 | # |
| 51 | $IncludeConfig /etc/rsyslog.d/*.conf |
| 52 | |
| 53 | |
| 54 | ############### |
| 55 | #### RULES #### |
| 56 | ############### |
| 57 | |
| 58 | # |
| 59 | # First some standard log files. Log by facility. |
| 60 | # |
| 61 | auth,authpriv.* /var/log/auth.log |
| 62 | *.*;auth,authpriv.none -/var/log/syslog |
| 63 | #cron.* /var/log/cron.log |
| 64 | daemon.* -/var/log/daemon.log |
| 65 | kern.* -/var/log/kern.log |
| 66 | lpr.* -/var/log/lpr.log |
| 67 | mail.* -/var/log/mail.log |
| 68 | user.* -/var/log/user.log |
| 69 | |
| 70 | # |
| 71 | # Logging for the mail system. Split it up so that |
| 72 | # it is easy to write scripts to parse these files. |
| 73 | # |
| 74 | mail.info -/var/log/mail.info |
| 75 | mail.warn -/var/log/mail.warn |
| 76 | mail.err /var/log/mail.err |
| 77 | |
| 78 | # |
| 79 | # Logging for INN news system. |
| 80 | # |
| 81 | news.crit /var/log/news/news.crit |
| 82 | news.err /var/log/news/news.err |
| 83 | news.notice -/var/log/news/news.notice |
| 84 | |
| 85 | # |
| 86 | # Some "catch-all" log files. |
| 87 | # |
| 88 | *.=debug;\ |
| 89 | auth,authpriv.none;\ |
| 90 | news.none;mail.none -/var/log/debug |
| 91 | *.=info;*.=notice;*.=warn;\ |
| 92 | auth,authpriv.none;\ |
| 93 | cron,daemon.none;\ |
| 94 | mail,news.none -/var/log/messages |
| 95 | |
| 96 | # |
| 97 | # Emergencies are sent to everybody logged in. |
| 98 | # |
| 99 | *.emerg :omusrmsg:* |
| 100 | |
| 101 | # |
| 102 | # I like to have messages displayed on the console, but only on a virtual |
| 103 | # console I usually leave idle. |
| 104 | # |
| 105 | #daemon,mail.*;\ |
| 106 | # news.=crit;news.=err;news.=notice;\ |
| 107 | # *.=debug;*.=info;\ |
| 108 | # *.=notice;*.=warn /dev/tty8 |
| 109 | |
| 110 | # The named pipe /dev/xconsole is for the `xconsole' utility. To use it, |
| 111 | # you must invoke `xconsole' with the `-file' option: |
| 112 | # |
| 113 | # $ xconsole -file /dev/xconsole [...] |
| 114 | # |
| 115 | # NOTE: adjust the list below, or you'll go crazy if you have a reasonably |
| 116 | # busy site.. |
| 117 | # |
| 118 | daemon.*;mail.*;\ |
| 119 | news.err;\ |
| 120 | *.=debug;*.=info;\ |
| 121 | *.=notice;*.=warn |/dev/xconsole |