# /etc/syslog.conf - Configuration file for syslogd(8) # # For information about the format of this file, see syslog.conf(5) # # # First some standard log files. Log by facility. # auth,authpriv.* /var/log/auth.log # Everything except debug and security tokens, re-enable debug by # dropping '*.!=debug;', or enable /var/log/debug below *.*;*.!=debug;\ auth,authpriv.none -/var/log/syslog #cron.* /var/log/cron.log #daemon.* -/var/log/daemon.log kern.* -/var/log/kern.log #lpr.* -/var/log/lpr.log mail.* -/var/log/mail.log #user.* -/var/log/user.log # # Logging for the mail system. Split it up so that # it is easy to write scripts to parse these files. # #mail.info -/var/log/mail.info #mail.warn -/var/log/mail.warn mail.err /var/log/mail.err #mail.*;mail.!=info -/var/log/mail #mail,news.=info -/var/log/info # The tcp wrapper loggs with mail.info, we display all # the connections on tty12 # #mail.=info /dev/tty12 # # Some "catch-all" log files. # #*.=debug;\ # auth,authpriv.none;\ # news.none;mail.none -/var/log/debug *.=info;*.=notice;*.=warn;\ auth,authpriv.none;\ cron,daemon.none;\ mail,news.none -/var/log/messages # Store all critical eventes, except kernel logs in critical # #*.=crit;kern.none /var/log/critical # Example of sending events to remote syslog server. # All events from notice and above, except auth, authpriv # and any kernel message are sent to server finlandia in # RFC5424 formatted output. # #*.notice;auth,authpriv.none; # kern.none\ @finlandia ;RFC5424 # Emergencies are sent to anyone logged in # *.=emerg * # Priority alert and above are sent to the operator # #*.alert root,joey # # Secure mode, same as -s, none(0), on(1), full(2). When enabled # only logging to remote syslog server possible, with full secure # mode, not even that is possible. We default to prevent syslogd # from opening UDP/514 and receving messages from other systems. # secure_mode 1 # # Include all config files in /etc/syslog.d/ # include /etc/syslog.d/*.conf