Created
July 18, 2020 16:04
-
-
Save blazewicz/1d0bc75bf3d58daa331652d7fa819a27 to your computer and use it in GitHub Desktop.
RainerScript config for rsyslog for Raspberry Pi OS with remote logging to separate files
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # /etc/rsyslog.conf configuration file for rsyslog | |
| # | |
| # For more information install rsyslog-doc and see | |
| # /usr/share/doc/rsyslog-doc/html/configuration/index.html | |
| ################### | |
| #### TEMPLATES #### | |
| ################### | |
| template(name="RemoteDynaFile" type="string" string="/var/log/remote/%HOSTNAME%.log") | |
| ################## | |
| #### RULESETS #### | |
| ################## | |
| ruleset(name="remote"){ | |
| action( | |
| type="omfile" | |
| template="RSYSLOG_FileFormat" | |
| dynaFile="RemoteDynaFile" | |
| fileOwner="root" | |
| fileGroup="adm" | |
| fileCreateMode="0640" | |
| dirOwner="root" | |
| dirGroup="adm" | |
| dirCreateMode="0755" | |
| ) | |
| } | |
| ################# | |
| #### MODULES #### | |
| ################# | |
| module(load="imuxsock") # provides support for local system logging | |
| module(load="imklog") # provides kernel logging support | |
| #module(load="immark") # provides --MARK-- message capability | |
| # provides UDP syslog reception | |
| # https://www.rsyslog.com/doc/v8-stable/configuration/modules/imudp.html | |
| module(load="imudp") | |
| input(type="imudp" port="514" ruleset="remote") | |
| # provides TCP syslog reception | |
| # https://www.rsyslog.com/doc/v8-stable/configuration/modules/imtcp.html | |
| module(load="imtcp") | |
| input(type="imtcp" port="514" ruleset="remote") | |
| # configure default local file logging | |
| # https://www.rsyslog.com/doc/v8-stable/configuration/modules/omfile.html | |
| module( | |
| load="builtin:omfile" | |
| template="RSYSLOG_FileFormat" | |
| fileOwner="root" | |
| fileGroup="adm" | |
| fileCreateMode="0640" | |
| dirOwner="root" | |
| dirGroup="adm" | |
| dirCreateMode="0755" | |
| ) | |
| ########################### | |
| #### GLOBAL DIRECTIVES #### | |
| ########################### | |
| # The global configuration object permits to set global parameters. | |
| # https://www.rsyslog.com/doc/v8-stable/rainerscript/global.html | |
| global( | |
| workDirectory="/var/spool/rsyslog" | |
| umask="0022" | |
| ) | |
| # The include() object is used to include configuration snippets stored elsewhere into the configuration. | |
| # https://www.rsyslog.com/doc/v8-stable/rainerscript/include.html | |
| include( | |
| file="/etc/rsyslog.d/*.conf" | |
| mode="optional" | |
| ) | |
| ############### | |
| #### RULES #### | |
| ############### | |
| # | |
| # First some standard log files. Log by facility. | |
| # | |
| auth,authpriv.* /var/log/auth.log | |
| *.*;auth,authpriv.none -/var/log/syslog | |
| #cron.* /var/log/cron.log | |
| daemon.* -/var/log/daemon.log | |
| kern.* -/var/log/kern.log | |
| lpr.* -/var/log/lpr.log | |
| mail.* -/var/log/mail.log | |
| user.* -/var/log/user.log | |
| # | |
| # Logging for the mail system. Split it up so that | |
| # it is easy to write scripts to parse these files. | |
| # | |
| mail.info -/var/log/mail.info | |
| mail.warn -/var/log/mail.warn | |
| mail.err /var/log/mail.err | |
| # | |
| # Some "catch-all" log files. | |
| # | |
| *.=debug;\ | |
| auth,authpriv.none;\ | |
| news.none;mail.none -/var/log/debug | |
| *.=info;*.=notice;*.=warn;\ | |
| auth,authpriv.none;\ | |
| cron,daemon.none;\ | |
| mail,news.none -/var/log/messages | |
| # | |
| # Emergencies are sent to everybody logged in. | |
| # | |
| *.emerg :omusrmsg:* |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment