# An "In-Memory Queue" is created for remote logging.
$WorkDirectory <%= scope.lookupvar('rsyslog::spool_dir') -%>    # where to place spool files
$ActionQueueFileName queue      # unique name prefix for spool files
$ActionQueueMaxDiskSpace <%= scope.lookupvar('rsyslog::client::spool_size') -%>     # spool space limit (use as much as possible)
$ActionQueueSaveOnShutdown on   # save messages to disk on shutdown
$ActionQueueType LinkedList     # run asynchronously
$ActionResumeRetryCount -1      # infinety retries if host is down
<% if scope.lookupvar('rsyslog::client::log_templates') and ! scope.lookupvar('rsyslog::client::log_templates').empty?-%>

# Define custom logging templates
<% scope.lookupvar('rsyslog::client::log_templates').flatten.compact.each do |log_template| -%>
$template <%= log_template['name'] %>,"<%= log_template['template'] %>"
<% end -%>
<% end -%>
<% if scope.lookupvar('rsyslog::client::actionfiletemplate') -%>

# Using specified format for default logging format:
$ActionFileDefaultTemplate <%= scope.lookupvar('rsyslog::client::actionfiletemplate') %>
<% else -%>

#Using default format for default logging format:
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
<% end -%>
<% if scope.lookupvar('rsyslog::client::ssl') -%>

# Setup SSL connection.
# CA/Cert
$DefaultNetStreamDriverCAFile <%= scope.lookupvar('rsyslog::client::ssl_ca') %>

# Connection settings.
$DefaultNetstreamDriver gtls
$ActionSendStreamDriverMode 1
$ActionSendStreamDriverAuthMode anon
<% end -%>
<% if scope.lookupvar('rsyslog::client::remote_servers')  -%>

<% scope.lookupvar('rsyslog::client::remote_servers').flatten.compact.each do |server| -%>
<% if server['pattern'] and server['pattern'] != ''-%>
<% pattern = server['pattern'] -%>
<% else -%>
<% pattern = '*.*' -%>
<% end -%>
<% if server['protocol'] == 'TCP' or server['protocol'] == 'tcp'-%>
<% protocol = '@@' -%>
<% protocol_type = 'TCP' -%>
<% else -%>
<% protocol = '@' -%>
<% protocol_type = 'UDP' -%>
<% end -%>
<% if server['host'] and server['host'] != ''-%>
<% host = server['host'] -%>
<% else -%>
<% host = 'localhost' -%>
<% end -%>
<% if server['port'] and server['port'] != ''-%>
<% port = server['port'] -%>
<% else -%>
<% port = '514' -%>
<% end -%>
<% if server['format'] -%>
<% format = ";#{server['format']}" -%>
<% format_type = server['format'] -%>
<% else -%>
<% format = '' -%>
<% format_type = 'the default' -%>
<% end -%>
# Sending logs that match <%= pattern %> to <%= host %> via <%= protocol_type %> on <%= port %> using <%=format_type %> format.
<%= pattern %> <%= protocol %><%= host %>:<%= port %><%= format %>
<% end -%>
<% elsif scope.lookupvar('rsyslog::client::log_remote') -%>

# Log to remote syslog server using <%= scope.lookupvar('rsyslog::client::remote_type') %>
<% if scope.lookupvar('rsyslog::client::remote_type') == 'tcp' -%>
*.* @@<%= scope.lookupvar('rsyslog::client::server') -%>:<%= scope.lookupvar('rsyslog::client::port') -%>;<%= scope.lookupvar('remote_forward_format') -%>
<% else -%>
*.* @<%= scope.lookupvar('rsyslog::client::server') -%>:<%= scope.lookupvar('rsyslog::client::port') -%>;<%= scope.lookupvar('remote_forward_format') -%>
<% end -%>
<% end -%>
<% if scope.lookupvar('rsyslog::client::log_auth_local') or scope.lookupvar('rsyslog::client::log_local') -%>

# Logging locally.

<% if scope.lookupvar('rsyslog::log_style') == 'debian' -%>
# Log auth messages locally
auth,authpriv.*                 /var/log/auth.log
<% elsif scope.lookupvar('rsyslog::log_style') == 'redhat' -%>
# Log auth messages locally
auth,authpriv.*                 /var/log/secure
<% end -%>
<% end -%>
<% if scope.lookupvar('rsyslog::client::log_local') -%>
<% if scope.lookupvar('rsyslog::log_style') == 'debian' -%>
# First some standard log files.  Log by facility.
#
*.*;auth,authpriv.none         -/var/log/syslog
cron.*                          /var/log/cron.log
daemon.*                       -/var/log/daemon.log
kern.*                         -/var/log/kern.log
#lpr.*                          -/var/log/lpr.log
mail.*                         -/var/log/mail.log
user.*                         -/var/log/user.log

#
# Logging for the mail system.  Split it up so that
# it is easy to write scripts to parse these files.
#
mail.info                      -/var/log/mail.info
mail.warn                      -/var/log/mail.warn
mail.err                        /var/log/mail.err

#
# Logging for INN news system.
#
news.crit                       /var/log/news/news.crit
news.err                        /var/log/news/news.err
news.notice                     -/var/log/news/news.notice

#
# Some "catch-all" log files.
#
*.=debug;\
       auth,authpriv.none;\
       news.none;mail.none     -/var/log/debug
*.=info;*.=notice;*.=warn;\
       auth,authpriv.none;\
       cron,daemon.none;\
       mail,news.none          -/var/log/messages

#
# I like to have messages displayed on the console, but only on a virtual
# console I usually leave idle.
#
#daemon,mail.*;\
#       news.=crit;news.=err;news.=notice;\
#       *.=debug;*.=info;\
#       *.=notice;*.=warn       /dev/tty8

# The named pipe /dev/xconsole is for the `xconsole' utility.  To use it,
# you must invoke `xconsole' with the `-file' option:
#
#    $ xconsole -file /dev/xconsole [...]
#
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
#      busy site..
#
daemon.*;mail.*;\
        news.err;\
        *.=debug;*.=info;\
        *.=notice;*.=warn       |/dev/xconsole
<% elsif scope.lookupvar('rsyslog::log_style') == 'redhat' -%>
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.*                                                 /dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none                /var/log/messages

# Log all the mail messages in one place.
mail.*                         -/var/log/maillog


# Log cron stuff
cron.*                         /var/log/cron

# Everybody gets emergency messages
<% if @rsyslog_version and @rsyslog_version.split('.')[0].to_i >= 8 -%>
*.emerg       :omusrmsg:*
<% else -%>
*.emerg				*
<% end -%>

# Save news errors of level crit and higher in a special file.
uucp,news.crit                 -/var/log/spooler

# Save boot messages also to boot.log
local7.*                       -/var/log/boot.log
<% end -%>
<% end -%>