Archive

Archive for April, 2007

syslog-ng

April 25th, 2007 No comments

Syslog-NG ist eine deutliche Verbesserung des alten Syslog daemons. Die Syntax und das Konzept ist jedoch nicht auf Anhieb klar.
Auf folgender Seite ist das Ganze gut dokumentiert und mit Beispielen hinterlegt:

http://www.reintechnisch.de/Inhalt/computer/admin/syslog-ng.html

Nach kurzer Zeit entstand für mich folgende Config:

# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.conf.gentoo,v 1.5 2005/05/12 05:46:10 mr_bones_ Exp $
#
# Syslog-ng default configuration file for Gentoo Linux
# contributed by Michael Sterrett

options {
chain_hostnames(off);
sync(0);

# The default action of syslog-ng 1.6.0 is to log a STATS line
# to the file every 10 minutes. That’s pretty ugly after a while.
# Change it to every 12 hours so you get a nice daily update of
# how many messages syslog-ng missed (0).
stats(43200);
};

source src { unix-stream(“/dev/log”); internal(); pipe(“/proc/kmsg”); };

destination messages { file(“/var/log/messages”); };
destination d_mail { file(“/var/log/mail”); };

# By default messages are logged to tty12…
destination console_all { file(“/dev/tty12”); };
# …if you intend to use /dev/console for programs like xconsole
# you can comment out the destination line above that references /dev/tty12
# and uncomment the line below.
#destination console_all { file(“/dev/console”); };

filter f_mail { facility(mail); };
filter fr_mail { not facility(mail); };

# /var/log/messages
# – all we do not log elsewhere
log { source(src);
destination(messages);
filter(fr_mail);
};

# /var/log/mail
# – all mail shit
log { source(src); filter(f_mail); destination(d_mail); };

# console
# – the rest
log { source(src); destination(console_all); };

Categories: Uncategorized Tags: