Re: Followup: Syslog
- To: debian-security@lists.debian.org
- Subject: Re: Followup: Syslog
- From: Kenneth Vestergaard Schmidt <charon@debian.org>
- Date: Sun, 15 Apr 2001 22:55:46 +0200
- Message-id: <01041522554600.05077@silence>
- In-reply-to: <01041400083606.00484@silence>
- References: <01041400083606.00484@silence>
I've decided to try an either make my own syslogger, or contribute/modify one
of the existing. The current sysklogd simply doesn't meet my needs or demands.
Until I complete my "quest", here's my current syslog.conf, which I
personally believe to be better. Some people really like one big log - just
add a line saying something like "*.* -/var/log/syslog".
Please bear over with any errors, and the bad layout :)
P.S.: I hope it's not a cardinal sin to attach it, but it's only 1985 bytes.
Regards
Kenneth
# /etc/syslog.conf Configuration file for syslogd.
#
# For more information see syslog.conf(5)
# manpage.
#
# First some standard logfiles. Log by facility.
#
# Authentication?
auth,authpriv.* /var/log/auth.log
# This is evil :) Logs everything except auth/authpriv to syslog (I hate it.)
#*.*; auth,authpriv.none; -/var/log/syslog
#*.* /var/log/syslog
#cron.* /var/log/cron.log
daemon.* -/var/log/daemon.log
kern.*;kern.!=info;\
kern.!=debug -/var/log/kern.log
kern.info /var/log/kern.info
lpr.* -/var/log/lpr.log
#mail.* /var/log/mail.log
user.* -/var/log/user.log
uucp.* -/var/log/uucp.log
#
# Logging for the mail system. Split it up so that
# it is easy to write scripts to parse these files.
#
# Modified, so there's no duplicate info!
mail.debug;mail.!warning -/var/log/mail.info
mail.=warning -/var/log/mail.warning
mail.err /var/log/mail.err
# Logging for INN news system
#
news.crit /var/log/news/news.crit
news.=err /var/log/news/news.err
news.notice;news.!err -/var/log/news/news.notice
news.debug;news.!notice -/var/log/news/new.info
#
# Some `catch-all' logfiles.
#
*.=debug;\
auth,authpriv.none;\
news.none;mail.none; -/var/log/debug
*.=info;*.=notice;*.=warn;\
auth,authpriv.none;\
cron,daemon.none;\
kern.!=info;\
mail,news.none -/var/log/messages
#
# Emergencies are sent to everybody logged in.
#
*.emerg *
#
# I like to have messages displayed on the console, but only on a virtual
# console I usually leave idle.
#
#daemon,mail.*;\
# news.=crit;news.=err;news.=notice;\
# *.=debug;*.=info;\
# *.=notice;*.=warn /dev/tty8
# The named pipe /dev/xconsole is for the `xconsole' utility. To use it,
# you must invoke `xconsole' with the `-file' option:
#
# $ xconsole -file /dev/xconsole [...]
#
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
# busy site..
#
daemon.*;mail.*;\
news.crit;news.err;news.notice;\
*.=debug;*.=info;\
*.=notice;*.=warn |/dev/xconsole
Reply to: