projects / gentoo.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
version bump to 3.7 series
[gentoo.git] / app-admin / syslog-ng / files / 3.7 / syslog-ng.conf.gentoo.hardened
1 @version: 3.7
2 # Copyright 1999-2011 Gentoo Foundation
3 # Distributed under the terms of the GNU General Public License v2
4 # $Id$
5
6 # https://bugs.gentoo.org/show_bug.cgi?id=426814
7 @include "scl.conf"
8
9 #
10 # Syslog-ng configuration file, compatible with default hardened installations.
11 #
12
13 options {
14         threaded(yes);
15         chain_hostnames(no);
16         stats_freq(43200);
17 };
18
19 source src {
20     unix-dgram("/dev/log");
21     internal();
22 };
23 source kernsrc {
24     file("/proc/kmsg");
25 };
26
27 #source net { udp(); };
28 #log { source(net); destination(net_logs); };
29 #destination net_logs { file("/var/log/HOSTS/$HOST/$YEAR$MONTH$DAY.log"); };
30
31 destination authlog { file("/var/log/auth.log"); };
32 destination _syslog { file("/var/log/syslog"); };
33 destination cron { file("/var/log/cron.log"); };
34 destination daemon { file("/var/log/daemon.log"); };
35 destination kern { file("/var/log/kern.log"); file("/dev/tty12"); };
36 destination lpr { file("/var/log/lpr.log"); };
37 destination user { file("/var/log/user.log"); };
38 destination uucp { file("/var/log/uucp.log"); };
39 #destination ppp { file("/var/log/ppp.log"); };
40 destination mail { file("/var/log/mail.log"); };
41
42 destination avc { file("/var/log/avc.log"); };
43 destination audit { file("/var/log/audit.log"); };
44 destination pax { file("/var/log/pax.log"); };
45 destination grsec { file("/var/log/grsec.log"); };
46
47 destination mailinfo { file("/var/log/mail.info"); };
48 destination mailwarn { file("/var/log/mail.warn"); };
49 destination mailerr { file("/var/log/mail.err"); };
50
51 destination newscrit { file("/var/log/news/news.crit"); };
52 destination newserr { file("/var/log/news/news.err"); };
53 destination newsnotice { file("/var/log/news/news.notice"); };
54
55 destination debug { file("/var/log/debug"); };
56 destination messages { file("/var/log/messages"); };
57 destination console { usertty("root"); };
58 destination console_all { file("/dev/tty12"); };
59 #destination loghost { udp("loghost" port(999)); };
60
61 destination xconsole { pipe("/dev/xconsole"); };
62
63 filter f_auth { facility(auth); };
64 filter f_authpriv { facility(auth, authpriv); };
65 filter f_syslog { not facility(authpriv, mail); };
66 filter f_cron { facility(cron); };
67 filter f_daemon { facility(daemon); };
68 filter f_kern { facility(kern); };
69 filter f_lpr { facility(lpr); };
70 filter f_mail { facility(mail); };
71 filter f_user { facility(user); };
72 filter f_uucp { facility(uucp); };
73 #filter f_ppp { facility(ppp); };
74 filter f_news { facility(news); };
75 filter f_debug { not facility(auth, authpriv, news, mail); };
76 filter f_messages { level(info..warn)
77         and not facility(auth, authpriv, mail, news); };
78 filter f_emergency { level(emerg); };
79
80 filter f_info { level(info); };
81
82 filter f_notice { level(notice); };
83 filter f_warn { level(warn); };
84 filter f_crit { level(crit); };
85 filter f_err { level(err); };
86
87 filter f_avc { message(".*avc: .*"); };
88 filter f_audit { message("^(\\[.*\..*\] |)audit.*") and not message(".*avc: .*"); };
89 filter f_pax { message("^(\\[.*\..*\] |)PAX:.*"); };
90 filter f_grsec { message("^(\\[.*\..*\] |)grsec:.*"); };
91
92 log { source(src); filter(f_authpriv); destination(authlog); };
93 log { source(src); filter(f_syslog); destination(_syslog); };
94 log { source(src); filter(f_cron); destination(cron); };
95 log { source(src); filter(f_daemon); destination(daemon); };
96 log { source(kernsrc); filter(f_kern); destination(kern); };
97 log { source(src); filter(f_lpr); destination(lpr); };
98 log { source(src); filter(f_mail); destination(mail); };
99 log { source(src); filter(f_user); destination(user); };
100 log { source(src); filter(f_uucp); destination(uucp); };
101 log { source(kernsrc); filter(f_pax); destination(pax); };
102 log { source(kernsrc); filter(f_grsec); destination(grsec); };
103 log { source(kernsrc); filter(f_audit); destination(audit); };
104 log { source(kernsrc); filter(f_avc); destination(avc); };
105 log { source(src); filter(f_mail); filter(f_info); destination(mailinfo); };
106 log { source(src); filter(f_mail); filter(f_warn); destination(mailwarn); };
107 log { source(src); filter(f_mail); filter(f_err); destination(mailerr); };
108 log { source(src); filter(f_news); filter(f_crit); destination(newscrit); };
109 log { source(src); filter(f_news); filter(f_err); destination(newserr); };
110 log { source(src); filter(f_news); filter(f_notice); destination(newsnotice); };
111 log { source(src); filter(f_debug); destination(debug); };
112 log { source(src); filter(f_messages); destination(messages); };
113 log { source(src); filter(f_emergency); destination(console); };
114 #log { source(src); filter(f_ppp); destination(ppp); };
115 log { source(src); destination(console_all); };
Unnamed repository; edit this file 'description' to name the repository.