Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # /etc/rsyslog.conf configuration file for rsyslog
- #
- # For more information install rsyslog-doc and see
- # /usr/share/doc/rsyslog-doc/html/configuration/index.html
- #################
- #### MODULES ####
- #################
- module(load="imuxsock") # provides support for local system logging
- module(load="imklog") # provides kernel logging support
- module(load="immark") # provides --MARK-- message capability
- # provides UDP syslog reception
- #module(load="imudp")
- #input(type="imudp" port="514")
- # provides TCP syslog reception
- #module(load="imtcp")
- #input(type="imtcp" port="514")
- ###########################
- #### GLOBAL DIRECTIVES ####
- ###########################
- #
- # Use traditional timestamp format.
- # To enable high precision timestamps, comment out the following line.
- #
- $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
- #
- # Set the default permissions for all log files.
- #
- $FileOwner root
- $FileGroup adm
- $FileCreateMode 0777
- $DirCreateMode 0777
- $Umask 0022
- #
- # Where to place spool and state files
- #
- $WorkDirectory /var/spool/rsyslog
- #
- # Include all config files in /etc/rsyslog.d/
- #
- $IncludeConfig /etc/rsyslog.d/*.conf
- ###############
- #### RULES ####
- ###############
- *.=info /var/log/info.log
- & stop
- if $msg contains 'bookstore' and $syslogseverity != 6 and $timestamp % 86400 >= 28800 and $timestamp % 86400 <= 57600 then /var/log/bookstore.log
- if $msg contains 'bookstore' and $syslogseverity != 6 and ($timestamp % 86400 < 28800 or $timestamp % 86400 > 57600) then /var/log/afterhours.log
- kern.* /var/log/kern.log
- auth.* /var/log/auth.log
- *.*;auth,authpriv,kern.none /var/log/syslog
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement