1 # /etc/rsyslog.conf Configuration file for rsyslog.
3 # For more information see
4 # /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
11 $ModLoad imuxsock # provides support for local system logging
12 $ModLoad immark # provides --MARK-- message capability
13 $MarkMessagePeriod 900 # mark messages appear every 15 Minutes
16 $InputTCPServerRun 514 # Accept TCP connections on the default syslog port
18 ###########################
19 #### GLOBAL DIRECTIVES ####
20 ###########################
23 # Use traditional timestamp format.
24 # To enable high precision timestamps, comment out the following line.
26 $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
29 # Set the default permissions for all log files.
38 # Include all config files in /etc/rsyslog.d/
40 $IncludeConfig /etc/rsyslog.d/*.conf
42 # Store any queues here. This directory is not created automatically, so it
44 $WorkDirectory /var/spool/rsyslog
46 # Use a (disk-assisted) main queue
47 # Use a linked list for queueing
48 $MainMsgQueueType LinkedList
49 # Name to use for the queue file
50 $MainMsgQueueFileName main
51 # save in-memory data if rsyslog shuts down
52 $MainMsgQueueSaveOnShutdown on
54 #######################
55 #### Local logging ####
56 #######################
58 # Discard all log entries not locally generated (note that the ~ here is the
59 # "discard" action, preventing the rules below from bein ran on these messages.
60 if $fromhost-ip != '127.0.0.1' then ~
63 # Log each facility into its own log
64 auth,authpriv.* /var/log/rsyslog/auth.log
65 cron.* -/var/log/rsyslog/user.log
66 daemon.* -/var/log/rsyslog/daemon.log
67 kern.* -/var/log/rsyslog/kern.log
68 lpr.* -/var/log/rsyslog/lpr.log
69 mail.* -/var/log/rsyslog/mail.log
70 user.* -/var/log/rsyslog/user.log
71 local0,local1,local2,\
72 local3,local4,local5,\
73 local6,local7.* -/var/log/rsyslog/local.log
75 # Omitted facilities: syslog, news, uucp, ftp
77 # All logs end up in syslog as weel as the corresponding facility log above
78 # (except for auth, mail which only end up in the facility log for privacy
79 # reasons and debug which only ends up in the debug log below to prevent
84 mail.none -/var/log/rsyslog/syslog
86 # Debug entries end up in debug.log as well as the corresponding facility log
87 # above (except for auth and mail, which only end up in the facility logs for
91 news.none;mail.none -/var/log/rsyslog/debug.log
93 # Emergencies are sent to everybody logged in.