nk23x
11/7/2013 - 9:00 AM

rsyslog.conf - local rsyslogd

rsyslog.conf - local rsyslogd

##  /etc/rsyslog.conf   Configuration file for rsyslog.
##                      /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html

$ModLoad imuxsock # provides support for local system logging
$ModLoad imklog   # provides kernel logging support

## REMOTE LOGGING CFG >>

$ModLoad imudp
$ModLoad imtcp

## [REMOTEHOST] 
$UDPServerRun 514
$InputTCPServerRun 514

## << END OF REMOTE LOGGING CFG

$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

$FileOwner root
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022

$WorkDirectory /var/spool/rsyslog

$IncludeConfig /etc/rsyslog.d/*.conf

## REMOTE LOGGING CFG >>

## [LOCALHOST] submit to remote host via tcp, ...
*.*   @@172.16.11.155:514

## [LOCALHOST] ... or via udp
# *.*  @other-server.example.net:10514

## [REMOTEHOST] LOGGING TEMPLATES: HOSTNAME .log
# $template PerHostLog,"/var/log/%HOSTNAME%.log"

## [REMOTEHOST] LOGGING TEMPLATES: IP ADDRESS .log
$template PerHostLog,"/var/log/%fromhost-ip%.log"

## [LOCALHOST] log all local5.* to /var/log/messages, ...
# local5.*  -/var/log/messages

## [REMOTEHOST] ... and all remote to ?PerHostLog 
if $fromhost-ip startswith '172.16.11.' then -?PerHostLog
 & ~

## << END OF REMOTE LOGGING CFG

*.*;auth;cron.*;daemon.*; kern.*  -/var/log/messages

mail.* /var/log/mail.log

*.=debug; auth,authpriv.none -/var/log/messages
*.=info;*.=notice;*.=warn -/var/log/messages

*.emerg                         :omusrmsg:*
##  /etc/rsyslog.conf   Configuration file for rsyslog.
##                      /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html

$ModLoad imuxsock # provides support for local system logging
$ModLoad imklog   # provides kernel logging support

$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

$FileOwner root
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022

$WorkDirectory /var/spool/rsyslog

$IncludeConfig /etc/rsyslog.d/*.conf

*.*;auth;cron.*;daemon.*; kern.*  -/var/log/messages

mail.* /var/log/mail.log

*.=debug; auth,authpriv.none -/var/log/messages
*.=info;*.=notice;*.=warn -/var/log/messages

*.emerg                         :omusrmsg:*