Annotation of /trunk/rsyslog/rsyslog.conf
Parent Directory
| 
Revision Log
Revision 1338 -
(hide annotations)
(download)
Thu Jun 2 17:17:44 2011 UTC (12 years, 11 months ago) by niro
File size: 3998 byte(s)
Thu Jun 2 17:17:44 2011 UTC (12 years, 11 months ago) by niro
File size: 3998 byte(s)
-added rsyslog to the tree with full systemd compat
| 1 | niro | 1338 | # rsyslog v5: load input modules |
| 2 | # If you do not load inputs, nothing happens! | ||
| 3 | # You may need to set the module load path if modules are not found. | ||
| 4 | |||
| 5 | $ModLoad immark.so # provides --MARK-- message capability | ||
| 6 | $ModLoad imuxsock.so # provides support for local system logging (e.g. via logger command) | ||
| 7 | $ModLoad imklog.so # kernel logging (formerly provided by rklogd) | ||
| 8 | |||
| 9 | # Include configuration files from directory | ||
| 10 | $IncludeConfig /etc/rsyslog.d/* | ||
| 11 | |||
| 12 | # Check config syntax on startup and abort if unclean (default off) | ||
| 13 | #$AbortOnUncleanConfig on | ||
| 14 | |||
| 15 | # Reduce repeating messages (default off) | ||
| 16 | #$RepeatedMsgReduction on | ||
| 17 | |||
| 18 | # Log all kernel messages to the console. | ||
| 19 | # Logging much else clutters up the screen. | ||
| 20 | #kern.* /dev/console | ||
| 21 | |||
| 22 | # Log anything (except mail) of level info or higher. | ||
| 23 | # Don't log private authentication messages! | ||
| 24 | *.info;mail.none;authpriv.none;cron.none -/var/log/messages | ||
| 25 | |||
| 26 | # The authpriv file has restricted access. | ||
| 27 | authpriv.* /var/log/secure | ||
| 28 | |||
| 29 | # Log all the mail messages in one place. | ||
| 30 | mail.* -/var/log/maillog | ||
| 31 | |||
| 32 | # Log cron stuff | ||
| 33 | cron.* -/var/log/cron | ||
| 34 | |||
| 35 | # Everybody gets emergency messages | ||
| 36 | *.emerg * | ||
| 37 | |||
| 38 | # Save news errors of level crit and higher in a special file. | ||
| 39 | uucp,news.crit -/var/log/spooler | ||
| 40 | |||
| 41 | # Save boot messages also to boot.log | ||
| 42 | local7.* /var/log/boot.log | ||
| 43 | |||
| 44 | # More configuration examples: | ||
| 45 | # | ||
| 46 | # Remote Logging (we use TCP for reliable delivery) | ||
| 47 | # An on-disk queue is created for this action. If the remote host is | ||
| 48 | # down, messages are spooled to disk and sent when it is up again. | ||
| 49 | #$WorkDirectory /var/spool/rsyslog # where to place spool files | ||
| 50 | #$ActionQueueFileName uniqName # unique name prefix for spool files | ||
| 51 | #$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible) | ||
| 52 | #$ActionQueueSaveOnShutdown on # save messages to disk on shutdown | ||
| 53 | #$ActionQueueType LinkedList # run asynchronously | ||
| 54 | #$ActionResumeRetryCount -1 # infinety retries if host is down | ||
| 55 | #$ActionResumeInterval 30 # retry interval | ||
| 56 | # remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional | ||
| 57 | #*.* @@remote-host | ||
| 58 | |||
| 59 | # Remote Logging with TCP + SSL/TLS | ||
| 60 | #$DefaultNetstreamDriver gtls | ||
| 61 | #$DefaultNetstreamDriverCAFile /etc/ssl/rsyslog/rsyslog_ca.cert.pem | ||
| 62 | #$DefaultNetstreamDriverCertFile /etc/ssl/rsyslog/rsyslog_CLIENT.cert.pem | ||
| 63 | #$DefaultNetstreamDriverKeyFile /etc/ssl/rsyslog/rsyslog_CLIENT.key.pem | ||
| 64 | #$ActionSendStreamDriverAuthMode x509/name # enable peer authentication | ||
| 65 | #$ActionSendStreamDriverPermittedPeer foo # authorize to send encrypted data to server foo | ||
| 66 | #$ActionSendStreamDriverMode 1 # run driver in TLS-only mode | ||
| 67 | |||
| 68 | # ######### Receiving Messages from Remote Hosts ########## | ||
| 69 | # TCP Syslog Server: | ||
| 70 | #$ModLoad imtcp # provides TCP syslog reception | ||
| 71 | #$TCPServerRun 10514 # start a TCP syslog server at port 10514 | ||
| 72 | |||
| 73 | # TCP + SSL/TLS Syslog Server: | ||
| 74 | #$ModLoad imtcp # provides TCP syslog reception | ||
| 75 | #$DefaultNetstreamDriver gtls # use gnuTLS for data encryption | ||
| 76 | #$DefaultNetstreamDriverCAFile /etc/ssl/rsyslog/rsyslog_ca.cert.pem | ||
| 77 | #$DefaultNetstreamDriverCertFile /etc/ssl/rsyslog/rsyslog_SERVER.cert.pem | ||
| 78 | #$DefaultNetstreamDriverKeyFile /etc/ssl/rsyslog/rsyslog_SERVER.key.pem | ||
| 79 | #$InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode | ||
| 80 | #$InputTCPServerStreamDriverAuthMode x509/name # enable peer authentication | ||
| 81 | #$InputTCPServerStreamDriverPermittedPeer bar # authorize client named bar (one line per client) | ||
| 82 | #$TCPServerRun 10514 # start a TCP syslog server at port 10514 | ||
| 83 | |||
| 84 | # UDP Syslog Server: | ||
| 85 | #$ModLoad imudp.so # provides UDP syslog reception | ||
| 86 | #$UDPServerRun 514 # start a UDP syslog server at standard port 514 | ||
| 87 | |||
| 88 | # RELP Syslog Server: | ||
| 89 | #$ModLoad imrelp # provides RELP syslog reception | ||
| 90 | #$InputRELPServerRun 10515 # start a RELP syslog server at port 10515 |