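#
# Syslog-ng configuration.
#

#
# what the default options are for files that it writes
#
options { sync(0); time_reopen(10); log_fifo_size(100); };

##############################################################
# Sources:
# where to listen for logs
# you can define arbitrary tcp and udp ports to listen on
#
# NOTE(review): tcp() and udp() with no arguments accept messages from
# any interface on the default syslog port, and plain syslog has no
# sender authentication.  On a host that should only collect from known
# forwarders, pin them down with ip()/port() and bound the tcp() listener
# with max_connections(); otherwise anything that can reach the port can
# inject entries into, and fill, the per-$HOST directories defined below.
###############################################################
source src { unix-stream("/dev/log"); tcp(); udp(); internal(); };

######################################################################
# Filters:
# these can be used and chained to filter certain logs into or
# out of a log.  The filters are defined here then used elsewhere.
######################################################################

# eliminate pump renewals - pump makes lots of noise in the debug priority
filter pump_renewal { not program("pumpd") or not level(info,debug); };

# imapd and ipop3d are noisy - remove their debug priority logs
filter imap_debug  { not program("imapd")  or not level(info,debug); };
filter ipop3_debug { not program("ipop3d") or not level(info,debug); };

# eliminate sshd debug messages
filter sshd_debug { not program("sshd") or not level(debug); };

# eliminate ALL debug messages (this subsumes sshd_debug wherever both
# are chained on the same log)
filter no_debug { not level(debug); };

# eliminate messages below warning level
filter at_least_warn { level(warning..emerg); };

#
# These are a test to see about making red hat-like logs on the remote host
# subdivided by hostname
#
# most of these are obvious :)

# stuff that would go into /var/log/messages
# NOTE(review): the range stops at warn, so err..emerg from these facilities
# never land in messages (only in verbose/facilitylog) - verify that is
# intended, since a Red Hat-style messages file takes info and above.
filter f_messages   { level(info..warn) and not facility(auth, authpriv, mail, news, local7); };
filter f_bootlog    { facility(local7); };
# auth/authpriv can carry usernames and failed-login detail; the destination
# below keeps it readable only by root and group system.
filter f_authlog    { facility(auth,authpriv); };
filter f_maillog    { facility(mail); };
filter f_cronlog    { facility(cron); };
filter f_kernlog    { facility(kern); };
# every priority except debug
filter f_daemonlog  { facility(daemon) and level(info,warn,notice,err,crit,alert,emerg); };

##############################################################
# Destinations:
# this defines what the file locations will ultimately be
# they will be used later to make a "log"
##############################################################

# the $HOST means substitute in the remote-hostname.
# NOTE(review): $HOST becomes a directory name here (create_dirs(yes)), so
# who controls that value matters: with keep_hostname(yes) it is whatever
# the client put in the message, otherwise it is derived from the sender's
# address (and reverse DNS when use_dns is on).  Confirm the global
# keep_hostname()/use_dns() settings so a client-supplied name cannot pick
# the directory a remote host writes into.
destination messages  { file("/var/log/syslog-ng/rh-log/$HOST/messages"   sync(0) log_fifo_size(10) create_dirs(yes) owner(root) group(system) perm(0660) dir_perm(0770)); };
destination bootlog   { file("/var/log/syslog-ng/rh-log/$HOST/boot.log"   sync(0) log_fifo_size(10) create_dirs(yes) owner(root) group(system) perm(0660) dir_perm(0770)); };
destination authlog   { file("/var/log/syslog-ng/rh-log/$HOST/secure.log" sync(0) log_fifo_size(10) create_dirs(yes) owner(root) group(system) perm(0660) dir_perm(0770)); };
destination kernlog   { file("/var/log/syslog-ng/rh-log/$HOST/kern.log"   sync(0) log_fifo_size(10) create_dirs(yes) owner(root) group(system) perm(0660) dir_perm(0770)); };
destination maillog   { file("/var/log/syslog-ng/rh-log/$HOST/mail.log"   sync(0) log_fifo_size(10) create_dirs(yes) owner(root) group(system) perm(0660) dir_perm(0770)); };
destination cronlog   { file("/var/log/syslog-ng/rh-log/$HOST/cron.log"   sync(0) log_fifo_size(10) create_dirs(yes) owner(root) group(system) perm(0660) dir_perm(0770)); };
destination daemonlog { file("/var/log/syslog-ng/rh-log/$HOST/daemon.log" sync(0) log_fifo_size(10) create_dirs(yes) owner(root) group(system) perm(0660) dir_perm(0770)); };

# create_dirs(yes) added for consistency with the other destinations:
# without it this file cannot be opened until some other destination has
# happened to create /var/log/syslog-ng first.
destination facilitylog { file("/var/log/syslog-ng/$FACILITY.log" sync(0) log_fifo_size(10) create_dirs(yes) owner(root) group(system) perm(0660) dir_perm(0770)); };
destination verbose     { file("/var/log/syslog-ng/verbose/$FACILITY/$PRIORITY.log" sync(0) log_fifo_size(10) create_dirs(yes) owner(root) group(system) perm(0660) dir_perm(0770)); };

# an example of other variables you can use - this type of logging gets big
# and ugly, quickly.
#destination hosttree {
#       file("/var/log/syslog-ng/hosts/$HOST/$PROGRAM/$PRIORITY.log" sync(0) log_fifo_size(10) create_dirs(yes) owner(root)
#group(system) perm(0660) dir_perm(0770));
#};

#################################################################
# Logs:
# This brings all of the above together to make a log - logs need:
#   a source
#   filters (if any)
#   a destination
#################################################################
log { source(src); filter(f_messages);  destination(messages);  };
log { source(src); filter(f_bootlog);   destination(bootlog);   };
log { source(src); filter(f_maillog);   destination(maillog);   };
log { source(src); filter(f_authlog);   destination(authlog);   };
log { source(src); filter(f_cronlog);   destination(cronlog);   };
log { source(src); filter(f_kernlog);   destination(kernlog);   };
log { source(src); filter(f_daemonlog); destination(daemonlog); };

# everything that is not debug (and not a pumpd info/debug renewal), split
# once by facility/priority and once by facility only
log { source(src); filter(sshd_debug); filter(no_debug); filter(pump_renewal); destination(verbose); };
log { source(src); filter(sshd_debug); filter(no_debug); filter(pump_renewal); destination(facilitylog); };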