catkin

For rsyslog mailing list 10 Jul 2016

Jul 10th, 2016
56
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # /etc/rsyslog.conf Configuration file for rsyslog.
  2. #
  3. # For more information see
  4. # /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
  5.  
  6. # 10 Jul 2016 Charles for Task #2170
  7. # * Exploratory config to generate per-day clients' logs with the accustomed
  8. # Debian log names (auth.log, daemon.log, debug.log, kern.log, mail.error,
  9. # mail.info, mail.log, mail.warn, messages, syslog and user.log) and
  10. # content
  11.  
  12. #################
  13. #### MODULES ####
  14. #################
  15.  
  16. module(load="imuxsock") # provides support for local system logging
  17. module(load="imklog") # provides kernel logging support
  18. #module(load="immark") # provides --MARK-- message capability
  19.  
  20. # provides UDP syslog reception
  21. module(load="imudp")
  22. input(type="imudp" port="514")
  23.  
  24. # provides TCP syslog reception
  25. #module(load="imtcp")
  26. #input(type="imtcp" port="514")
  27.  
  28. # Change omfile's default parameters (so they do not have to be set in every action)
  29. # @@@@@ Setting tempate MyMsgFormat here was not effective
  30. module(
  31. load="builtin:omfile"
  32. dirCreateMode="0750"
  33. dirGroup="adm"
  34. dirOwner="root"
  35. fileCreateMode="0640"
  36. fileGroup="adm"
  37. fileOwner="root"
  38. #template="MyMsgFormat"
  39. )
  40.  
  41. ###########################
  42. #### GLOBAL DIRECTIVES ####
  43. ###########################
  44.  
  45. #
  46. # Use traditional timestamp format.
  47. # To enable high precision timestamps, comment out the following line.
  48. #
  49. $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
  50.  
  51. #
  52. # Set the default permissions for all local log files.
  53. #
  54. $FileOwner root
  55. $FileGroup adm
  56. $FileCreateMode 0640
  57. $DirCreateMode 0755
  58. $Umask 0022
  59.  
  60. #
  61. # Where to place spool and state files
  62. #
  63. $WorkDirectory /var/spool/rsyslog
  64.  
  65. # Exploratory config @@@@@ move to /etc/rsyslog.d/ when working
  66. template (name="PerHostPerDayAuthLog" type="string" string="/var/log/%HOSTNAME%/%$YEAR%-%$MONTH%-%$DAY%.auth.log")
  67. template (name="PerHostPerDayDaemonLog" type="string" string="/var/log/%HOSTNAME%/%$YEAR%-%$MONTH%-%$DAY%.daemon.log")
  68. template (name="PerHostPerDayDebugLog" type="string" string="/var/log/%HOSTNAME%/%$YEAR%-%$MONTH%-%$DAY%.debug.log")
  69. template (name="PerHostPerDayKernLog" type="string" string="/var/log/%HOSTNAME%/%$YEAR%-%$MONTH%-%$DAY%.kern.log")
  70. template (name="PerHostPerDayMailError" type="string" string="/var/log/%HOSTNAME%/%$YEAR%-%$MONTH%-%$DAY%.mail.error")
  71. template (name="PerHostPerDayMailInfo" type="string" string="/var/log/%HOSTNAME%/%$YEAR%-%$MONTH%-%$DAY%.mail.info")
  72. template (name="PerHostPerDayMailLog" type="string" string="/var/log/%HOSTNAME%/%$YEAR%-%$MONTH%-%$DAY%.mail.log")
  73. template (name="PerHostPerDayMailWarn" type="string" string="/var/log/%HOSTNAME%/%$YEAR%-%$MONTH%-%$DAY%.mail.warn")
  74. template (name="PerHostPerDayMessages" type="string" string="/var/log/%HOSTNAME%/%$YEAR%-%$MONTH%-%$DAY%.messages")
  75. template (name="PerHostPerDaySyslog" type="string" string="/var/log/%HOSTNAME%/%$YEAR%-%$MONTH%-%$DAY%.syslog")
  76. template (name="PerHostPerDayUserLog" type="string" string="/var/log/%HOSTNAME%/%$YEAR%-%$MONTH%-%$DAY%.user.log")
  77.  
  78. template (name="MyMsgFormat" type="string"
  79. string="%TIMESTAMP:::date-rfc3339% %HOSTNAME:R:^[^.]*\\.[^.]*--end:% %syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n"
  80. )
  81.  
  82. ruleset(name="imudp"){
  83. auth,authpriv.* action(type="omfile" dynaFile="PerHostPerDayAuthLog" template="MyMsgFormat")
  84. *.*;auth,authpriv.none action(type="omfile" dynaFile="PerHostPerDaySyslog" template="MyMsgFormat")
  85. daemon.* action(type="omfile" dynaFile="PerHostPerDayDaemonLog" template="MyMsgFormat")
  86. kern.* action(type="omfile" dynaFile="PerHostPerDayKernLog" template="MyMsgFormat")
  87. mail.* action(type="omfile" dynaFile="PerHostPerDayMailLog" template="MyMsgFormat")
  88. user.* action(type="omfile" dynaFile="PerHostPerDayUserLog" template="MyMsgFormat")
  89. mail.info action(type="omfile" dynaFile="PerHostPerDayMailInfo" template="MyMsgFormat")
  90. mail.warn action(type="omfile" dynaFile="PerHostPerDayMailWarn" template="MyMsgFormat")
  91. mail.err action(type="omfile" dynaFile="PerHostPerDayMailError" template="MyMsgFormat")
  92. *.=debug;\
  93. auth,authpriv.none;\
  94. news.none;mail.none action(type="omfile" dynaFile="PerHostPerDayDebugLog" template="MyMsgFormat")
  95. *.=info;*.=notice;*.=warn;\
  96. auth,authpriv.none;\
  97. cron,daemon.none;\
  98. mail,news.none action(type="omfile" dynaFile="PerHostPerDayMessages" template="MyMsgFormat")
  99. }
  100. input(type="imudp" port="514" ruleset="imudp")
  101.  
  102. #
  103. # Include all config files in /etc/rsyslog.d/
  104. #
  105. $IncludeConfig /etc/rsyslog.d/*.conf
  106.  
  107.  
  108. ###############
  109. #### RULES ####
  110. ###############
  111.  
  112. #
  113. # First some standard log files. Log by facility.
  114. #
  115. auth,authpriv.* /var/log/auth.log
  116. *.*;auth,authpriv.none -/var/log/syslog
  117. #cron.* /var/log/cron.log
  118. daemon.* -/var/log/daemon.log
  119. kern.* -/var/log/kern.log
  120. lpr.* -/var/log/lpr.log
  121. mail.* -/var/log/mail.log
  122. user.* -/var/log/user.log
  123.  
  124. #
  125. # Logging for the mail system. Split it up so that
  126. # it is easy to write scripts to parse these files.
  127. #
  128. mail.info -/var/log/mail.info
  129. mail.warn -/var/log/mail.warn
  130. mail.err /var/log/mail.err
  131.  
  132. #
  133. # Logging for INN news system.
  134. #
  135. news.crit /var/log/news/news.crit
  136. news.err /var/log/news/news.err
  137. news.notice -/var/log/news/news.notice
  138.  
  139. #
  140. # Some "catch-all" log files.
  141. #
  142. *.=debug;\
  143. auth,authpriv.none;\
  144. news.none;mail.none -/var/log/debug
  145. *.=info;*.=notice;*.=warn;\
  146. auth,authpriv.none;\
  147. cron,daemon.none;\
  148. mail,news.none -/var/log/messages
  149.  
  150. #
  151. # Emergencies are sent to everybody logged in.
  152. #
  153. *.emerg :omusrmsg:*
RAW Paste Data