# file is managed by puppet # An "In-Memory Queue" is created for remote logging. $WorkDirectory <%= scope.lookupvar('rsyslog::spool_dir') -%> # where to place spool files $ActionQueueFileName queue # unique name prefix for spool files $ActionQueueMaxDiskSpace <%= scope.lookupvar('rsyslog::client::spool_size') -%> # spool space limit (use as much as possible) $ActionQueueSaveOnShutdown on # save messages to disk on shutdown $ActionQueueType LinkedList # run asynchronously $ActionResumeRetryCount -1 # infinety retries if host is down <% if scope.lookupvar('rsyslog::client::actionfiletemplate') -%> # Using specified format for default logging fromat: $ActionFileDefaultTemplate <%= scope.lookupvar('rsyslog::client::actionfiletemplate') %> <% else -%> #Using default format for default logging fromat: $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat <% end -%> <% if scope.lookupvar('rsyslog::client::log_auth_local') or scope.lookupvar('rsyslog::client::log_local') -%> <% if scope.lookupvar('rsyslog::client::ssl') -%> # Setup SSL connection. # CA/Cert $DefaultNetStreamDriverCAFile <%= scope.lookupvar('rsyslog::client::ssl_ca') %> # Connection settings. $DefaultNetstreamDriver gtls $ActionSendStreamDriverMode 1 $ActionSendStreamDriverAuthMode anon <% end -%> <% if scope.lookupvar('rsyslog::client::log_remote') -%> # Log to remote syslog server using <%= scope.lookupvar('rsyslog::client::remote_type') %> <% if scope.lookupvar('rsyslog::client::remote_type') == 'tcp' -%> *.* @@<%= scope.lookupvar('rsyslog::client::server') -%>:<%= scope.lookupvar('rsyslog::client::port') -%>;RSYSLOG_ForwardFormat <% else -%> *.* @<%= scope.lookupvar('rsyslog::client::server') -%>:<%= scope.lookupvar('rsyslog::client::port') -%>;RSYSLOG_ForwardFormat <% end -%> <% end -%> # Logging locally. <% if scope.lookupvar('rsyslog::log_style') == 'debian' -%> # Log auth messages locally auth,authpriv.* /var/log/auth.log <% elsif scope.lookupvar('rsyslog::log_style') == 'redhat' -%> # Log auth messages locally auth,authpriv.* /var/log/secure <% end -%> <% end -%> <% if scope.lookupvar('rsyslog::client::preserve_fqdn') -%> # Tell rsyslog to use FQDN and not short server names $PreserveFQDN on <% end -%> <% if scope.lookupvar('rsyslog::client::log_local') -%> <% if scope.lookupvar('rsyslog::log_style') == 'debian' -%> # First some standard log files. Log by facility. # *.*;auth,authpriv.none -/var/log/syslog cron.* /var/log/cron.log daemon.* -/var/log/daemon.log kern.* -/var/log/kern.log #lpr.* -/var/log/lpr.log mail.* -/var/log/mail.log user.* -/var/log/user.log # # Logging for the mail system. Split it up so that # it is easy to write scripts to parse these files. # mail.info -/var/log/mail.info mail.warn -/var/log/mail.warn mail.err /var/log/mail.err # # Logging for INN news system. # news.crit /var/log/news/news.crit news.err /var/log/news/news.err news.notice -/var/log/news/news.notice # # Some "catch-all" log files. # *.=debug;\ auth,authpriv.none;\ news.none;mail.none -/var/log/debug *.=info;*.=notice;*.=warn;\ auth,authpriv.none;\ cron,daemon.none;\ mail,news.none -/var/log/messages # # I like to have messages displayed on the console, but only on a virtual # console I usually leave idle. # #daemon,mail.*;\ # news.=crit;news.=err;news.=notice;\ # *.=debug;*.=info;\ # *.=notice;*.=warn /dev/tty8 # The named pipe /dev/xconsole is for the `xconsole' utility. To use it, # you must invoke `xconsole' with the `-file' option: # # $ xconsole -file /dev/xconsole [...] # # NOTE: adjust the list below, or you'll go crazy if you have a reasonably # busy site.. # daemon.*;mail.*;\ news.err;\ *.=debug;*.=info;\ *.=notice;*.=warn |/dev/xconsole <% elsif scope.lookupvar('rsyslog::log_style') == 'redhat' -%> # Log all kernel messages to the console. # Logging much else clutters up the screen. #kern.* /dev/console # Log anything (except mail) of level info or higher. # Don't log private authentication messages! *.info;mail.none;authpriv.none;cron.none /var/log/messages # Log all the mail messages in one place. mail.* -/var/log/maillog # Log cron stuff cron.* /var/log/cron # Everybody gets emergency messages *.emerg * # Save news errors of level crit and higher in a special file. uucp,news.crit -/var/log/spooler # Save boot messages also to boot.log local7.* -/var/log/boot.log <% end -%> <% end -%>