1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
|
### Autogenerated by system_syslog.py ###
#### MODULES ####
# Load input modules for local logging and kernel logging
# Old-style log file format with low-precision timestamps
# A modern-style logfile format with high-precision timestamps and timezone info
# RSYSLOG_FileFormat
module(load="builtin:omfile" Template="RSYSLOG_TraditionalFileFormat")
module(load="imuxsock") # provides support for local system logging
module(load="imklog") # provides kernel logging support
# Import logs from journald
module(
load="imjournal"
StateFile="/var/spool/rsyslog/imjournal.state" # Persistent state file to track the journal cursor
Ratelimit.Interval="0" # Disable rate limiting (set to "0" for no limit)
RateLimit.Burst="0"
)
###########################
#### GLOBAL DIRECTIVES ####
###########################
# Log specific programs to auth.log, then stop further processing
if (
$programname == "CRON" or
$programname == "sudo" or
$programname == "su"
) then {
action(type="omfile" file="/var/log/auth.log")
stop
}
global(workDirectory="/var/spool/rsyslog")
###############
#### RULES ####
###############
# Send emergency messages to all logged-in users
*.emerg action(type="omusrmsg" users="*")
{% if marker is vyos_defined %}
# Load the immark module for periodic --MARK-- message capability
module(load="immark" interval="{{ marker.interval }}")
{% endif %}
{% if preserve_fqdn is vyos_defined %}
# Preserve the fully qualified domain name (FQDN) in log messages
global(preserveFQDN="on")
{% if preserve_fqdn.host_name is vyos_defined and preserve_fqdn.domain_name is vyos_defined %}
# Set the local hostname for log messages
global(localHostname="{{ preserve_fqdn.host_name }}.{{ preserve_fqdn.domain_name }}")
{% endif %}
{% endif %}
#### GLOBAL LOGGING ####
{% if local.facility is vyos_defined %}
{% set tmp = [] %}
{% if local.facility is vyos_defined %}
{% for facility, facility_options in local.facility.items() %}
{% set _ = tmp.append(facility.replace('all', '*') ~ "." ~ facility_options.level.replace('all', 'debug')) %}
{% endfor %}
if prifilt("{{ tmp | join(',') }}") then {
action(
type="omfile"
file="/var/log/messages"
queue.size="262144"
rotation.sizeLimitCommand="/usr/sbin/logrotate {{ logrotate }}"
)
}
{% endif %}
{% endif %}
#### CONSOLE LOGGING ####
{% if console.facility is vyos_defined %}
{% set tmp = [] %}
{% if console.facility is vyos_defined %}
{% for facility, facility_options in console.facility.items() %}
{% set _ = tmp.append(facility.replace('all', '*') ~ "." ~ facility_options.level.replace('all', 'debug')) %}
{% endfor %}
if prifilt("{{ tmp | join(',') }}") then {
action(type="omfile" file="/dev/console")
}
{% endif %}
{% endif %}
#### REMOTE LOGGING ####
{% if remote is vyos_defined %}
{% for remote_name, remote_options in remote.items() %}
{% set tmp = [] %}
{% if remote_options.facility is vyos_defined %}
{% for facility, facility_options in remote_options.facility.items() %}
{% set _ = tmp.append(facility.replace('all', '*') ~ "." ~ facility_options.level.replace('all', 'debug')) %}
{% endfor %}
{% set _ = tmp.sort() %}
# Remote syslog to {{ remote_name }}
if prifilt("{{ tmp | join(',') }}") then {
action(
type="omfwd"
# Remote syslog server where we send our logs to
target="{{ remote_name | bracketize_ipv6 }}"
# Port on the remote syslog server
port="{{ remote_options.port }}"
protocol="{{ remote_options.protocol }}"
{% if remote_options.format.include_timezone is vyos_defined %}
template="SyslogProtocol23Format"
{% endif %}
TCP_Framing="{{ 'octed-counted' if remote_options.format.octet_counted is vyos_defined else 'traditional' }}"
{% if source_address is vyos_defined %}
# Sender IP address
Address="{{ source_address }}"
{% endif %}
{% if vrf is vyos_defined %}
Device="{{ vrf }}"
{% endif %}
)
}
{% endif %}
{% endfor %}
{% endif %}
# Include all configuration files in /etc/rsyslog.d/
include(file="/etc/rsyslog.d/*.conf")
|
