summaryrefslogtreecommitdiff
path: root/src/etc/rsyslog.conf
blob: c28e9b53790eb442550bf7e885095ee824fada63 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
#################
#### MODULES ####
#################

$ModLoad imuxsock # provides support for local system logging
$ModLoad imklog   # provides kernel logging support (previously done by rklogd)
#$ModLoad immark  # provides --MARK-- message capability

$OmitLocalLogging off
$SystemLogSocketName /run/systemd/journal/syslog

$KLogPath /proc/kmsg

###########################
#### GLOBAL DIRECTIVES ####
###########################

# The lines below cause all listed daemons/processes to be logged into
# /var/log/auth.log, then drops the message so it does not also go to the
# regular syslog so that messages are not duplicated

$outchannel auth_log,/var/log/auth.log
if  $programname == 'CRON' or
    $programname == 'sudo' or
    $programname == 'su'
    then :omfile:$auth_log

if $programname == 'CRON' or
    $programname == 'sudo' or
    $programname == 'su'
    then stop

# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
# A modern-style logfile format similar to TraditionalFileFormat, buth with high-precision timestamps and timezone information
#$ActionFileDefaultTemplate RSYSLOG_FileFormat
# The "old style" default log file format with low-precision timestamps
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

# Filter duplicated messages
$RepeatedMsgReduction on

#
# Set the default permissions for all log files.
#
$FileOwner root
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022

#
# Stop excessive logging of sudo
#
:msg, contains, " pam_unix(sudo:session): session opened for user root(uid=0) by" ~
:msg, contains, "pam_unix(sudo:session): session closed for user root" ~

#
# Include all config files in /etc/rsyslog.d/
#
$IncludeConfig /etc/rsyslog.d/*.conf

###############
#### RULES ####
###############
# Emergencies are sent to everybody logged in.
*.emerg                         :omusrmsg:*