Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # /etc/rsyslog.conf Configuration file for rsyslog.
- #
- # For more information see
- # /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
- #################
- #### MODULES ####
- #################
- $MaxMessageSize 64k
- module(load="imuxsock") # provides support for local system logging
- #module(load="imklog") # provides kernel logging support
- #module(load="immark") # provides --MARK-- message capability
- module(load="imfile" PollingInterval="10")
- # provides UDP syslog reception
- module(load="imudp")
- input(type="imudp" port="514")
- # provides TCP syslog reception
- module(load="imtcp")
- input(type="imtcp" port="514")
- ###########################
- #### GLOBAL DIRECTIVES ####
- ###########################
- #
- # Use traditional timestamp format.
- # To enable high precision timestamps, comment out the following line.
- #
- #$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
- #
- # Set the default permissions for all log files.
- #
- $FileOwner root
- $FileGroup adm
- $FileCreateMode 0640
- $DirCreateMode 0755
- $Umask 0022
- #
- # Where to place spool and state files
- #
- $WorkDirectory /var/spool/rsyslog
- #
- # Include all config files in /etc/rsyslog.d/
- #
- $IncludeConfig /etc/rsyslog.d/*.conf
- ###############
- #### RULES ####
- ###############
- #
- # First some standard log files. Log by facility.
- #
- auth,authpriv.* /var/log/auth.log
- *.*;auth,authpriv.none -/var/log/syslog
- #cron.* /var/log/cron.log
- daemon.* -/var/log/daemon.log
- kern.* -/var/log/kern.log
- lpr.* -/var/log/lpr.log
- mail.* -/var/log/mail.log
- user.* -/var/log/user.log
- #
- # Logging for the mail system. Split it up so that
- # it is easy to write scripts to parse these files.
- #
- mail.info -/var/log/mail.info
- mail.warn -/var/log/mail.warn
- mail.err /var/log/mail.err
- #
- # Some "catch-all" log files.
- #
- *.=debug;
- auth,authpriv.none;
- news.none;mail.none -/var/log/debug
- *.=info;*.=notice;*.=warn;
- auth,authpriv.none;
- cron,daemon.none;
- mail,news.none -/var/log/messages
- #
- # Emergencies are sent to everybody logged in.
- #
- *.emerg :omusrmsg:*
- $template DatadogFormat,"xxxxxxxxxxxxxxxxxxxx <%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% - - - %msg%n"
- ruleset(name="infiles") {
- action(type="omfwd" target="intake.logs.datadoghq.com" protocol="tcp" port="514" template="DatadogFormat")
- }
- input(type="imfile" ruleset="infiles" Tag="mkmd" File="/var/log/apache2/access.log")
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement