destination file is closed
# (default is 60) _reap (360);
# the number of lines buffered before written to file
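# you might want to increase this if your disk is not keeping up with
# all the log messages you get or if you want less disk activity
# (lines still held in the buffer are lost if the host crashes before
# they are written, so keep this low where logs are needed as evidence)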
# (say on a laptop)
# (default is 0)
# sync (0);
# the number of lines fitting in the output queue_fifo_size (2048);
# enable or disable directory creation for destination files_dirs (yes);
# default owner, group, and permissions for log files
# (defaults are 0, 0, 0600)
# owner (root); (adm); (0640);
# default owner, group, and permissions for created directories
# (defaults are 0, 0, 0700)
# dir_owner (root);
# dir_group (root); _ perm (0755);
# enable or disable DNS usage
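# syslog-ng blocks while a DNS query is outstanding, so with DNS enabled a
# slow or unreachable resolver can stall log processing and may lead to
# a Denial of Service attack; the persist_only setting below avoids live
# lookups by resolving names only from the static hosts file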
# (default is yes) _dns (persist_only);
_ cache_hosts (/ etc/hosts);
# maximum length of message in bytes
# this is only limited by the program listening on the /dev/log Unix
# socket, glibc can handle arbitrary length log messages, but - for
# example - syslogd accepts only 1024 bytes
# (default is 2048)
# log_msg_size (+2048);
# Disable statistic log messages._freq (0);
# Some programs send log messages through a private implementation,
# and sometimes that implementation is bad. If this happens, syslog-ng
# may recognise the program name as the hostname. With this option
# we tell syslog-ng that if a hostname matches this regexp then it
# is not a real hostname._hostname ( ^ gconfd $ );
#_ sleep (20);
};
######
# sources
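# all known message sources
source s_all {
        # messages generated by syslog-ng itself
        internal();
        # standard Linux log source (this is the default place for the syslog()
        # function to send logs to)
        unix-stream("/dev/log");
        # messages from the kernel
        file("/proc/kmsg" log_prefix("kernel: "));
        # use the following line if you want to receive remote UDP logging messages
        # (this is equivalent to the "-r" syslogd flag)
        # NOTE: UDP syslog is unauthenticated and unencrypted, so any host that
        # can reach this listener can submit messages and the claimed origin
        # cannot be verified; limit access with a packet filter, and leave the
        # line out if no remote clients are expected.
        udp();
};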
######
# destinations
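# some standard log files
# Each path contains $HOST, which is filled in per message. When remote
# messages are accepted and directory creation is enabled, every distinct
# host value gets its own directory under /var/log, so watch disk and inode
# usage and decide whether the host name is taken from the message or from
# name resolution (NOTE(review): that setting is not visible here - confirm).
destination df_auth { file("/var/log/$HOST/auth.log"); };
destination df_syslog { file("/var/log/$HOST/syslog"); };
destination df_cron { file("/var/log/$HOST/cron.log"); };
destination df_daemon { file("/var/log/$HOST/daemon.log"); };
destination df_kern { file("/var/log/$HOST/kern.log"); };
destination df_lpr { file("/var/log/$HOST/lpr.log"); };
destination df_mail { file("/var/log/$HOST/mail.log"); };
destination df_user { file("/var/log/$HOST/user.log"); };
destination df_uucp { file("/var/log/$HOST/uucp.log"); };
destination df_radius { file("/var/log/$HOST/radius.log"); };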
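# these files are meant for the mail system log files
# and provide re-usable destinations for {mail,cron,...}.info,
# {mail,cron,...}.notice, etc.
# $FACILITY and $HOST are expanded per message, so one destination
# definition yields one file per facility and per host.
destination df_facility_dot_info { file("/var/log/$HOST/$FACILITY.info"); };
destination df_facility_dot_notice { file("/var/log/$HOST/$FACILITY.notice"); };
destination df_facility_dot_warn { file("/var/log/$HOST/$FACILITY.warn"); };
destination df_facility_dot_err { file("/var/log/$HOST/$FACILITY.err"); };
destination df_facility_dot_crit { file("/var/log/$HOST/$FACILITY.crit"); };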
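# these files are meant for the news system, and are kept separated
# because they should be owned by "news" instead of "root"
# (the per-destination owner() overrides the default owner for log files)
destination df_news_dot_notice { file("/var/log/$HOST/news/news.notice" owner("news")); };
destination df_news_dot_err { file("/var/log/$HOST/news/news.err" owner("news")); };
destination df_news_dot_crit { file("/var/log/$HOST/news/news.crit" owner("news")); };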
# some more classical and useful files found in standard s...