@version:3.25
@include "scl.conf"

# syslog-ng configuration file.
# See syslog-ng(8) and syslog-ng.conf(5) for more information.
# Note: it also sources additional configuration files (*.conf)
#       located in /etc/syslog-ng/conf.d/


#
# Options
#
options {
    flush_lines (0);
    time_reopen (10);
    log_fifo_size (1000);
    chain_hostnames (off);
    use_dns (no);
    use_fqdn (no);
    create_dirs (yes);
    keep_hostname (yes);
};


#
# Sources
#

# Local system logs
source s_sys { system(); internal(); };

# Remote system logs, standard syslog ports on TCP/UDP
source s_netsys  { udp(port({{ sysloghost_netsys_port }})); tcp(port({{ sysloghost_netsys_port }})); };

# Remote netconsole logs, Linux kernel messages over the network
source s_netcons { udp(port({{ sysloghost_netcons_port }})); tcp(port({{ sysloghost_netcons_port }})); };

# Remote temporal logs, stuff that might log often and be archived for only a short time
source s_nettemp { udp(port({{ sysloghost_nettemp_port }})); tcp(port({{ sysloghost_nettemp_port }})); };


#
# Destinations
#
destination d_cons { file("/dev/console"); };
destination d_mesg { file("/var/log/messages"); };
destination d_auth { file("/var/log/secure"); };
destination d_mail { file("/var/log/maillog" flush_lines(10)); };
destination d_spol { file("/var/log/spooler"); };
destination d_boot { file("/var/log/boot.log"); };
destination d_cron { file("/var/log/cron"); };
destination d_kern { file("/var/log/kern"); };
destination d_localall { file("/var/log/localall.log"); };
destination d_mlal { usertty("*"); };

destination d_nas_syslog { file("{{ sysloghost_share_mountpoint }}/$HOST.syslog.log.$R_YEAR$R_MONTH$R_DAY"); };
destination d_nas_netcons { file("{{ sysloghost_share_mountpoint }}/$HOST.netconsole.log.$R_YEAR$R_MONTH$R_DAY"); };
destination d_nas_localtest { file("/var/log/all.log.$R_YEAR$R_MONTH$R_DAY"); };
destination d_nas_nettemp { file("{{ sysloghost_share_mountpoint }}/$HOST.temporal.log.$R_YEAR$R_MONTH$R_DAY"); };


#
# Filters
#
filter f_kernel     { facility(kern); };
filter f_default    { level(info..emerg) and
                        not (facility(mail)
                        or facility(authpriv) 
                        or facility(cron)); };
filter f_auth       { facility(authpriv); };
filter f_mail       { facility(mail); };
filter f_emergency  { level(emerg); };
filter f_news       { facility(uucp) or
                        (facility(news) 
                        and level(crit..emerg)); };
filter f_boot   { facility(local7); };
filter f_cron   { facility(cron); };


#
# Logs
#
#log { source(s_sys); filter(f_kernel); destination(d_cons); };
log { source(s_sys); filter(f_kernel); destination(d_kern); };
log { source(s_sys); filter(f_default); destination(d_mesg); };
log { source(s_sys); filter(f_auth); destination(d_auth); };
log { source(s_sys); filter(f_mail); destination(d_mail); };
log { source(s_sys); filter(f_emergency); destination(d_mlal); };
log { source(s_sys); filter(f_news); destination(d_spol); };
log { source(s_sys); filter(f_boot); destination(d_boot); };
log { source(s_sys); filter(f_cron); destination(d_cron); };

log { source(s_sys); destination(d_localall); destination(d_nas_syslog); };
log { source(s_netsys); destination(d_nas_syslog); };
log { source(s_netcons); destination(d_nas_netcons); };
log { source(s_nettemp); destination(d_nas_nettemp); };


#
# Other
#
# Source additional configuration files (.conf extension only)
@include "/etc/syslog-ng/conf.d/*.conf"


# vim:ft=syslog-ng:ai:si:ts=4:sw=4:et: