Update example syslog.conf with relevant and modern defaults

Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
2019-11-03 12:19:37 +01:00 · 2019-11-03 12:19:37 +01:00 · d63b2e68f6
commit d63b2e68f6
parent cebec1202b
1 changed files with 53 additions and 36 deletions
--- a/syslog.conf
+++ b/syslog.conf
@ -1,51 +1,68 @@
 # /etc/syslog.conf - Configuration file for syslogd(8)
 #
-# For info about the format of this file, see "man syslog.conf".
+# For information about the format of this file, see syslog.conf(5)
 #
-*.=debug			-/usr/adm/debug
-*.warning			/usr/adm/syslog

-# Store critical stuff in critical
 #
-*.=crit;kern.none               /var/adm/critical
+# First some standard log files.  Log by facility.
+#
+auth,authpriv.*			 /var/log/auth.log
+*.*;auth,authpriv.none		-/var/log/syslog
+
+#cron.*				/var/log/cron.log
+#daemon.*			-/var/log/daemon.log
+kern.*				-/var/log/kern.log
+#lpr.*				-/var/log/lpr.log
+mail.*				-/var/log/mail.log
+#user.*				-/var/log/user.log

-# Kernel messages are first, stored in the kernel file, 
-# critical messages and higher ones also go to another
-# host and to the console
 #
-kern.*				/var/adm/kernel
-kern.crit			@finlandia
-kern.crit			/dev/console
-kern.info;kern.!err		/var/adm/kernel-info
+# Logging for the mail system.  Split it up so that
+# it is easy to write scripts to parse these files.
+#
+#mail.info			-/var/log/mail.info
+#mail.warn			-/var/log/mail.warn
+mail.err			 /var/log/mail.err
+#mail.*;mail.!=info		-/var/log/mail
+#mail,news.=info 		-/var/log/info

 # The tcp wrapper loggs with mail.info, we display all
 # the connections on tty12
 #
-mail.=info			/dev/tty12
-
-# Store all mail concearning stuff in a file
-#
-mail.*;mail.!=info		-/var/adm/mail
-
-# Log all mail.info and news.info messages to info
-#
-mail,news.=info			-/var/adm/info
-
-# Log info and notice mesages to messages file
-#
-*.=info;*.=notice;mail.none	-/usr/adm/messages
-#*.=info;mail,news.none		-/usr/adm/messages
-
-# Emergency messages will be displayed using wall
-#
-*.=emerg                        *
-
-# Messages of the priority alert will be directed
-# to the operator
-#
-*.alert                         root,joey
+#mail.=info			/dev/tty12

 #
-# Drop your subsystem .conf file in /etc/syslog.d/
+# Some "catch-all" log files.
+#
+#*.=debug;\
+#	auth,authpriv.none;\
+#	news.none;mail.none	-/var/log/debug
+*.=info;*.=notice;*.=warn;\
+	auth,authpriv.none;\
+	cron,daemon.none;\
+	mail,news.none		-/var/log/messages
+
+# Store all critical eventes, except kernel logs in critical
+#
+#*.=crit;kern.none		/var/log/critical
+
+# Example of sending events to remote syslog server.
+# All events from notice and above, except auth, authpriv
+# and any kernel message are sent to server finlandia in
+# RFC5424 formatted output.
+#
+#*.notice;auth,authpriv.none;
+#	kern.none\		@finlandia	;RFC5424
+
+# Emergencies are sent to anyone logged in
+#
+*.=emerg			*
+
+# Priority alert and above are sent to the operator
+#
+#*.alert				root,joey
+
+#
+# Include all config files in /etc/syslog.d/
 #
 include /etc/syslog.d/*.conf