path: root/chapter06/syslogng.xml
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN" "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
  <!ENTITY % general-entities SYSTEM "../general.ent">
  %general-entities;
]>
<sect1 id="ch-system-syslogng" xreflabel="Syslog-ng" role="wrap">
<title>Syslog-ng-&syslog-ng-version;</title>
<?dbhtml filename="syslogng.html"?>

<indexterm zone="ch-system-syslogng"><primary sortas="a-Syslogng">Syslog-ng</primary></indexterm>

<sect2 role="package"><title/>
<para>The Syslog-ng package contains programs for logging system messages, such
as those given by the kernel when unusual things happen.</para>

<segmentedlist>
<segtitle>&buildtime;</segtitle>
<segtitle>&diskspace;</segtitle>
<seglistitem><seg>Unchecked</seg><seg>Unchecked</seg></seglistitem>
</segmentedlist>

<segmentedlist>
<segtitle>Syslog-ng installation depends on</segtitle>
<seglistitem><seg>Unchecked</seg></seglistitem>
</segmentedlist>
</sect2>

<sect2 role="installation">
<title>Installation of Syslog-ng</title>

<para>Prepare Syslog-ng for compilation:</para>

<screen><userinput>./configure --prefix=/usr --sysconfdir=/etc</userinput></screen>

<para>Compile the package:</para>

<screen><userinput>make</userinput></screen>

<para>Install the package:</para>

<screen><userinput>make install</userinput></screen>

</sect2>


<sect2 id="conf-syslogng" role="configuration"><title>Configuring Syslog-ng</title>
<!-- This section writes a complete /etc/syslog-ng/syslog-ng.conf through a
     shell here-document. The delimiter is quoted ("EOF"), so the shell copies
     the body verbatim with no variable or command expansion, and "cat >"
     replaces any existing file of that name. -->
<indexterm zone="conf-syslogng">
<primary sortas="a-Syslogng">Syslog-ng</primary>
<secondary>configuring</secondary></indexterm>

<indexterm zone="conf-syslogng"><primary sortas="e-/etc/syslog-ng/syslog-ng.conf">/etc/syslog-ng/syslog-ng.conf</primary></indexterm>

<para>Create a new <filename>/etc/syslog-ng/syslog-ng.conf</filename> file by
running the following:</para>

<!-- Notes for maintainers on what the configuration below does:
     * Sources: only /dev/log, syslog-ng's internal() messages and /proc/kmsg
       are read. No udp() or tcp() source is defined, so this configuration
       does not accept messages from the network.
     * keep_hostname (yes) keeps a hostname carried in a message instead of
       rewriting it; with the local sources above that value comes from
       local senders only.
     * auth and authpriv: f_authpriv routes both facilities to authorize.log,
       and f_debug, f_messages and f_everything exclude both. f_syslog
       excludes authpriv (and mail) but not auth, so auth-facility messages
       are also written to syslog.log.
     * The last log statement has no filter: every message from src, auth and
       authpriv included, is written to /dev/tty12. Anyone who can view that
       virtual console can read them; add a filter to that statement if this
       is not intended.
     * No perm(), owner() or group() option is given, so the log files get
       syslog-ng's built-in defaults. NOTE(review): confirm the resulting
       mode of /var/log/authorize.log on the installed version.
     * create_dirs (no): the directories of the file destinations are not
       created by the daemon, so /var/log must already exist.
     * f_debug does not test level(debug); it matches every level of the
       facilities it does not exclude.
     * f_auth, f_info, f_notice, f_warn, f_crit and f_err are defined but are
       not referenced by any log statement. -->
<screen><userinput>mkdir -p /etc/syslog-ng
cat &gt; /etc/syslog-ng/syslog-ng.conf &lt;&lt; "EOF"
<literal># Begin /etc/syslog-ng/syslog-ng.conf

options { 	sync (0);
		time_reopen (10);
		log_fifo_size (1000);
		long_hostnames(off); 
		use_dns (no);
		use_fqdn (no);
		create_dirs (no);
		keep_hostname (yes);
	};

source src {	unix-stream("/dev/log");
		internal();
		pipe("/proc/kmsg");
	    };

destination authlog { file("/var/log/authorize.log"); };
destination syslog { file("/var/log/syslog.log"); };
destination cron { file("/var/log/cron.log"); };
destination daemon { file("/var/log/daemon.log"); };
destination kernel { file("/var/log/kernel.log"); };
destination lpr { file("/var/log/lpr.log"); };
destination user { file("/var/log/user.log"); };
destination uucp { file("/var/log/uucp.log"); };
destination mail { file("/var/log/mail.log"); };
destination news { file("/var/log/news.log"); };
destination debug { file("/var/log/debug.log"); };
destination messages { file("/var/log/messages.log"); };
destination everything { file("/var/log/everything.log"); };
destination console { usertty("root"); };
destination console_all { file("/dev/tty12"); };

filter f_auth { facility(auth); };
filter f_authpriv { facility(auth, authpriv); };
filter f_syslog { not facility(authpriv, mail); };
filter f_cron { facility(cron); };
filter f_daemon { facility(daemon); };
filter f_kernel { facility(kern); };
filter f_lpr { facility(lpr); };
filter f_mail { facility(mail); };
filter f_news { facility(news); };
filter f_user { facility(user); };
filter f_uucp { facility(uucp); };
filter f_debug { not facility(auth, authpriv, news, mail); };
filter f_messages { level(info..warn) and not facility(auth, authpriv, mail, news); };
filter f_everything { level(debug..emerg) and not facility(auth, authpriv); };

filter f_emergency { level(emerg); };
filter f_info { level(info); };
filter f_notice { level(notice); };
filter f_warn { level(warn); };
filter f_crit { level(crit); };
filter f_err { level(err); };

log { source(src); filter(f_authpriv); destination(authlog); };
log { source(src); filter(f_syslog); destination(syslog); };
log { source(src); filter(f_cron); destination(cron); };
log { source(src); filter(f_daemon); destination(daemon); };
log { source(src); filter(f_kernel); destination(kernel); };
log { source(src); filter(f_lpr); destination(lpr); };
log { source(src); filter(f_mail); destination(mail); };
log { source(src); filter(f_news); destination(news); };
log { source(src); filter(f_user); destination(user); };
log { source(src); filter(f_uucp); destination(uucp); };
log { source(src); filter(f_debug); destination(debug); };
log { source(src); filter(f_messages); destination(messages); };
log { source(src); filter(f_emergency); destination(console); };
log { source(src); filter(f_everything); destination(everything); };
log { source(src); destination(console_all); };

# END /etc/syslog-ng/syslog-ng.conf</literal>
EOF</userinput></screen>

</sect2>

<sect2 id="contents-syslogng" role="content"><title>Contents of Syslog-ng</title>

<segmentedlist>
<segtitle>Installed programs</segtitle>
<seglistitem><seg>Unchecked</seg></seglistitem>
</segmentedlist>

<variablelist><bridgehead renderas="sect3">Short Descriptions</bridgehead>
<?dbfo list-presentation="list"?>

<varlistentry id="syslog-ng">
<term><command>syslog-ng</command></term>
<listitem>
<indexterm zone="ch-system-syslogng"><primary sortas="b-syslog-ng">syslog-ng</primary></indexterm>
<para>Logs the messages that system programs
offer for logging. Every logged message contains at least a date stamp and a
hostname, and normally the program's name too, but that depends on how
much the logging daemon is configured to trust what the sender supplies.</para>
</listitem>

</varlistentry>
</variablelist>

</sect2>

</sect1>