syslog-ng.conf
@version: 3.2
# We need the above to avoid HOLY CRAP ERROR OUTPUT
#
# File: /etc/syslog-ng/syslog-ng.conf
# Title: Syslog-NG Main Configuration File
# System: Ishikawa
# Version: 1.0
# License: BSD
# Author: Justin Uni Griggs
# References: http://www.gentoo.org/doc/en/security/security-handbook.xml?part=1&chap=3#doc_chap4
# http://lists.centos.org/pipermail/centos/2011-March/108530.html
# Revisions: 1.0
#
#
# Define Basic Options
#
options {
chain_hostnames(no);
#
# Syslog-NG does some silly things. Like posting stats every ten minutes
# and making marks constantly. We're going to reduce stats to once a day
# and marks to once an hour.
#
stats_freq(43200);
mark_freq(3600);
};
#
# Define our Sources
#
# Default /dev/log for Linux
source src { unix-stream("/dev/log" max-connections(256)); internal(); };
# Catch kernel messages
source kernsrc { file("/proc/kmsg"); };
# Define nginx fifo
#source nginx_info { pipe("/var/log/nginx/access.log" program_override("nginx-access-log: ")); };
#source nginx_err { pipe("/var/log/nginx/error.log" program_override("nginx-error-log: ")); };
#
# Define our Destinations
#
# System Default Logs
destination authlog { file("/var/log/syslog-ng/auth.log"); };
destination syslog { file("/var/log/syslog-ng/sys.log"); };
destination cron { file("/var/log/syslog-ng/cron.log"); };
destination daemon { file("/var/log/syslog-ng/daemon.log"); };
destination emergency { file("/var/log/syslog-ng/emergency.log"); };
destination kern { file("/var/log/syslog-ng/kern.log"); };
destination user { file("/var/log/syslog-ng/user.log"); };
destination debug { file("/var/log/syslog-ng/debug.log"); };
destination messages { file("/var/log/syslog-ng/messages.log"); };
destination console { usertty("root"); };
destination console_all { file("/dev/tty12"); };
# Mail Server Logs
destination mail { file("/var/log/syslog-ng/mail.log"); };
destination mailinfo { file("/var/log/syslog-ng/mail.info.log"); };
destination mailwarn { file("/var/log/syslog-ng/mail.warn.log"); };
destination mailerr { file("/var/log/syslog-ng/mail.err.log"); };
# nginx Server Logs
#destination nginxinfo { file("/var/log/syslog-ng/nginx.info.log"); };
#destination nginxerr { file("/var/log/syslog-ng/nginx.err.log"); };
#
# Define Filters
#
filter f_authpriv { facility(auth, authpriv); };
filter f_syslog { not facility(authpriv, mail); };
filter f_cron { facility(cron); };
filter f_daemon { facility(daemon); };
filter f_kern { facility(kern); };
filter f_lpr { facility(lpr); };
filter f_mail { facility(mail); };
filter f_user { facility(user); };
filter f_debug { not facility(auth, authpriv, news, mail); };
filter f_messages { level(info..warn) and not facility(auth, authpriv, mail, news); };
filter f_emergency { level(emerg); };
filter f_info { level(info); };
filter f_notice { level(notice); };
filter f_warn { level(warn); };
filter f_crit { level(crit); };
filter f_err { level(err); };
filter f_failed { message("failed"); };
filter f_denied { message("denied"); };
# nginx Filters
#filter f_nginxinfo { program("nginx-access-log: "); };
#filter f_nginxerr { program("nginx-error-log: "); };
#
# Take the inputs, filter it, output to logs.
#
log { source(src); filter(f_authpriv); destination(authlog); };
log { source(src); filter(f_syslog); destination(syslog); };
log { source(src); filter(f_cron); destination(cron); };
log { source(src); filter(f_daemon); destination(daemon); };
log { source(src); filter(f_emergency); destination(emergency); };
log { source(kernsrc); filter(f_kern); destination(kern); };
log { source(src); filter(f_mail); destination(mail); };
log { source(src); filter(f_user); destination(user); };
log { source(src); filter(f_mail); filter(f_info); destination(mailinfo); };
log { source(src); filter(f_mail); filter(f_warn); destination(mailwarn); };
log { source(src); filter(f_mail); filter(f_err); destination(mailerr); };
log { source(src); filter(f_debug); destination(debug); };
log { source(src); filter(f_messages); destination(messages); };
log { source(src); filter(f_emergency); destination(console); };
log { source(src); destination(console_all); };
# nginx Logging
#log { source(nginx_info); filter(f_nginxinfo); destination(nginxinfo); };
#log { source(nginx_err); filter(f_nginxerr); destination(nginxerr); };
转载于:https://blog.51cto.com/appop/890183