[37de9d1] | 1 | <?xml version="1.0" encoding="ISO-8859-1"?>
|
---|
| 2 | <!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
|
---|
[eb2ad67] | 3 | "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
|
---|
[37de9d1] | 4 | <!ENTITY % general-entities SYSTEM "../../general.ent">
|
---|
| 5 | %general-entities;
|
---|
| 6 | ]>
|
---|
| 7 |
|
---|
| 8 | <sect1 id="ch-system-rsyslog" xreflabel="rsyslog" role="wrap">
|
---|
| 9 | <?dbhtml filename="rsyslog.html"?>
|
---|
| 10 |
|
---|
| 11 | <title>Rsyslog-&rsyslog-version;</title>
|
---|
| 12 |
|
---|
| 13 | <indexterm zone="ch-system-rsyslog">
|
---|
| 14 | <primary sortas="a-rsyslog">rsyslog</primary>
|
---|
| 15 | </indexterm>
|
---|
| 16 |
|
---|
| 17 | <sect2 role="package">
|
---|
| 18 | <title/>
|
---|
| 19 |
|
---|
| 20 | <para>The rsyslog package contains programs for logging system messages,
|
---|
| 21 | such as those given by the kernel when unusual things happen.</para>
|
---|
| 22 |
|
---|
| 23 | </sect2>
|
---|
| 24 |
|
---|
| 25 | <sect2 role="installation">
|
---|
[13e20ae] | 26 | <title>Installation of Rsyslog</title>
|
---|
[37de9d1] | 27 |
|
---|
| 28 | <para os="a">Prepare Rsyslog for compilation:</para>
|
---|
| 29 |
|
---|
| 30 | <screen os="b"><userinput>./configure --prefix=/usr --sbindir=/sbin</userinput></screen>
|
---|
| 31 |
|
---|
| 32 | <para os="c">Compile the package:</para>
|
---|
| 33 |
|
---|
[8260ff5d] | 34 | <screen os="d"><userinput>make</userinput></screen>
|
---|
[37de9d1] | 35 |
|
---|
| 36 | <para os="e">This package does not come with a test suite.</para>
|
---|
| 37 |
|
---|
| 38 | <para os="f">Install the package:</para>
|
---|
| 39 |
|
---|
| 40 | <screen os="g"><userinput>make install</userinput></screen>
|
---|
| 41 |
|
---|
[3a14187] | 42 | <para os="h">Create a directory for expansion snippets:</para>
|
---|
| 43 |
|
---|
| 44 | <screen os="i"><userinput>install -dv /etc/rsyslog.d</userinput></screen>
|
---|
| 45 |
|
---|
[37de9d1] | 46 | </sect2>
|
---|
| 47 |
|
---|
| 48 | <sect2 id="conf-rsyslog" role="configuration">
|
---|
| 49 | <title>Configuring rsyslog</title>
|
---|
| 50 |
|
---|
| 51 | <indexterm zone="conf-rsyslog">
|
---|
| 52 | <primary sortas="a-rsyslog">rsyslog</primary>
|
---|
| 53 | <secondary>configuring</secondary></indexterm>
|
---|
| 54 |
|
---|
| 55 | <indexterm zone="conf-rsyslog">
|
---|
| 56 | <primary sortas="e-/etc/rsyslog.conf">/etc/rsyslog.conf</primary>
|
---|
| 57 | </indexterm>
|
---|
| 58 |
|
---|
| 59 | <para>Create a new <filename>/etc/rsyslog.conf</filename> file by running
|
---|
| 60 | the following:</para>
|
---|
| 61 |
|
---|
| 62 | <screen><userinput>cat > /etc/rsyslog.conf << "EOF"
|
---|
| 63 | <literal># Begin /etc/rsyslog.conf
|
---|
| 64 |
|
---|
| 65 | # CLFS configuration of rsyslog. For more info use man rsyslog.conf
|
---|
| 66 |
|
---|
| 67 | #######################################################################
|
---|
| 68 | # Rsyslog Modules
|
---|
| 69 |
|
---|
| 70 | # Support for Local System Logging
|
---|
| 71 | $ModLoad imuxsock.so
|
---|
| 72 |
|
---|
| 73 | # Support for Kernel Logging
|
---|
| 74 | $ModLoad imklog.so
|
---|
| 75 |
|
---|
| 76 | #######################################################################
|
---|
| 77 | # Global Options
|
---|
| 78 |
|
---|
| 79 | # Use traditional timestamp format.
|
---|
| 80 | $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
|
---|
| 81 |
|
---|
| 82 | # Set the default permissions for all log files.
|
---|
| 83 | $FileOwner root
|
---|
| 84 | $FileGroup root
|
---|
| 85 | $FileCreateMode 0640
|
---|
| 86 | $DirCreateMode 0755
|
---|
| 87 |
|
---|
[b25f67d] | 88 | # Provides UDP reception
|
---|
| 89 | $ModLoad imudp
|
---|
| 90 | $UDPServerRun 514
|
---|
| 91 |
|
---|
[85956ca] | 92 | # Disable Repeating of Entries
|
---|
[b25f67d] | 93 | $RepeatedMsgReduction on
|
---|
| 94 |
|
---|
[3a14187] | 95 | #######################################################################
|
---|
| 96 | # Include Rsyslog Config Snippets
|
---|
| 97 |
|
---|
| 98 | $IncludeConfig /etc/rsyslog.d/*.conf
|
---|
| 99 |
|
---|
[37de9d1] | 100 | #######################################################################
|
---|
| 101 | # Standard Log Files
|
---|
| 102 |
|
---|
| 103 | auth,authpriv.* /var/log/auth.log
|
---|
| 104 | *.*;auth,authpriv.none -/var/log/syslog
|
---|
| 105 | daemon.* -/var/log/daemon.log
|
---|
| 106 | kern.* -/var/log/kern.log
|
---|
| 107 | lpr.* -/var/log/lpr.log
|
---|
| 108 | mail.* -/var/log/mail.log
|
---|
| 109 | user.* -/var/log/user.log
|
---|
| 110 |
|
---|
| 111 | # Catch All Logs
|
---|
| 112 | *.=debug;\
|
---|
| 113 | auth,authpriv.none;\
|
---|
| 114 | news.none;mail.none -/var/log/debug
|
---|
| 115 | *.=info;*.=notice;*.=warn;\
|
---|
| 116 | auth,authpriv.none;\
|
---|
| 117 | cron,daemon.none;\
|
---|
| 118 | mail,news.none -/var/log/messages
|
---|
| 119 |
|
---|
[85956ca] | 120 | # Emergencies are shown to everyone
|
---|
[37de9d1] | 121 | *.emerg *
|
---|
| 122 |
|
---|
| 123 | # End /etc/rsyslog.conf</literal>
|
---|
| 124 | EOF</userinput></screen>
|
---|
| 125 |
|
---|
| 126 | </sect2>
|
---|
| 127 |
|
---|
| 128 | <sect2 id="contents-rsyslog" role="content">
|
---|
| 129 | <title>Contents of rsyslog</title>
|
---|
| 130 |
|
---|
| 131 | <segmentedlist>
|
---|
| 132 | <segtitle>Installed programs</segtitle>
|
---|
[61ad0b7f] | 133 | <segtitle>Installed directory</segtitle>
|
---|
[37de9d1] | 134 |
|
---|
| 135 | <seglistitem>
|
---|
| 136 | <seg>rsyslogd</seg>
|
---|
[61ad0b7f] | 137 | <seg>/usr/lib/rsyslog</seg>
|
---|
[37de9d1] | 138 | </seglistitem>
|
---|
| 139 | </segmentedlist>
|
---|
| 140 |
|
---|
| 141 | <variablelist>
|
---|
| 142 | <bridgehead renderas="sect3">Short Descriptions</bridgehead>
|
---|
| 143 | <?dbfo list-presentation="list"?>
|
---|
| 144 | <?dbhtml list-presentation="table"?>
|
---|
| 145 |
|
---|
| 146 | <varlistentry id="rsyslogd">
|
---|
| 147 | <term><command>rsyslogd</command></term>
|
---|
| 148 | <listitem>
|
---|
| 149 | <para>Logs the messages that system programs offer for logging.
|
---|
| 150 | Every logged message contains at least a date stamp and a hostname,
|
---|
| 151 | and normally the program's name too, but that depends on how
|
---|
| 152 | trusting the logging daemon is told to be.</para>
|
---|
| 153 | <indexterm zone="ch-system-rsyslog rsyslogd">
|
---|
[665937ac] | 154 | <primary sortas="b-rsyslogd">rsyslogd</primary>
|
---|
[37de9d1] | 155 | </indexterm>
|
---|
| 156 | </listitem>
|
---|
| 157 | </varlistentry>
|
---|
| 158 |
|
---|
| 159 | </variablelist>
|
---|
| 160 |
|
---|
| 161 | </sect2>
|
---|
| 162 |
|
---|
| 163 | </sect1>
|
---|