For When You Can't Have The Real Thing
[ start | index | login ]
start > Sun > Syslog-ng

Syslog-ng

Created by dave. Last edited by dave, 8 years and 305 days ago. Viewed 3,951 times. #3
[diff] [history] [edit] [rdf]
labels
attachments

Sample syslog-ng.conf for Solaris

Beware, this wiki software turns the dot-dot-dot into a single character unicode thing ( … ) that syslog-ng doesn't understand.

# syslog-ng.conf
#
# 1002.10 David Mackintosh
#

# Generic Format: log ($SOURCE, [$FILTER, [$FILTER, [...]] $DESTINATION

# Note that you have to define your sources, filters, and destinations # before you can use them.

# Program Options:

options { # use_fqdn(yes); # use_dns(yes); # dns_cache(yes); keep_hostname(yes); long_hostnames(off); sync(0); log_fifo_size(1024); };

# Sources:

source all_src { internal(); # messages from syslog-ng udp(); # messages from remote systems sun-streams("/dev/log" door("/etc/.syslog_door")); # local messages from the hosting sun };

# Filters: # Severities: I like filters set up this way as they simulate the effects of # traditional syslog.conf format. # filter f_notice { level(notice ... emerg);}; filter f_info { level(info ... emerg);}; filter f_debug { level(debug ... emerg);};

# If mail is going to a specific place, I like to keep it out of other places.

filter f_not_mail { not facility(mail); }; filter f_mail { facility(mail); };

# Destinations: # The leading "\n" character in the template is to work-around # a bug with netscreen syslogging.

destination messages { file("/var/adm/messages" template("\n$ISODATE $HOST $MSG"));}; destination syslog { file("/var/log/syslog");}; destination maillog { file("/var/log/maillog");};

# Magic per-host destinations: # Magic per-host destination (good for central syslog hosts). # Note that $HOST is the name of the system sending the update, NOT the # originating system (ie in a scenario where one log concentrator sends # logs on to another concentrator: if Host A sends to Host B, and host B # sends on to host C, which has this type of destination, then $HOST is # going to be B, even though the message originated on A.)

destination debug-per-host { file("/var/log/HOSTS/$HOST/debug.$YEAR-$MONTH-$DAY" owner(root) group(root) perm(0600) dir_perm(0700) template("\n$ISODATE $HOST $MSG") create_dirs(yes)); };

# Glue it all together:

log { source(all_src); filter(f_not_mail); filter(f_info); destination(messages); }; log { source(all_src); filter(f_mail); filter(f_info); destination(maillog); }; log { source(all_src); filter(f_debug); destination(debug-per-host); };

no comments | post comment
This is a collection of techical information, much of it learned the hard way. Consider it a lab book or a /info directory. I doubt much of it will be of use to anyone else.

Useful:


snipsnap.org | Copyright 2000-2002 Matthias L. Jugel and Stephan J. Schmidt