Annotation of src/etc/syslog.conf, Revision 1.16
1.16 ! camield 1: # $OpenBSD: syslog.conf,v 1.15 2005/05/05 19:11:28 jmc Exp $
1.2 deraadt 2: #
1.3 millert 3:
1.12 camield 4: *.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none /var/log/messages
1.16 ! camield 5: kern.debug;syslog,user.info /var/log/messages
1.3 millert 6: auth.info /var/log/authlog
7: authpriv.debug /var/log/secure
8: cron.info /var/cron/log
9: daemon.info /var/log/daemon
10: ftp.info /var/log/xferlog
11: lpr.debug /var/log/lpd-errs
12: mail.info /var/log/maillog
13: #uucp.info /var/log/uucp
14:
1.14 beck 15: # Uncomment this line to send "important" messages to the system
1.15 jmc 16: # console: be aware that this could create lots of output.
1.16 ! camield 17: #*.err;auth.notice;authpriv.none;kern.debug;mail.crit /dev/console
1.14 beck 18:
19: # Uncomment this to have all messages of notice level and higher
20: # as well as all authentication messages sent to root.
1.16 ! camield 21: #*.notice;auth.debug root
1.14 beck 22:
23: # Everyone gets emergency messages.
1.3 millert 24: *.emerg *
25:
1.16 ! camield 26: # Uncomment to log to a central host named "loghost". You need to run
1.5 deraadt 27: # syslogd with the -u option on the remote host if you are using this.
28: # (This is also required to log info from things like routers and
29: # ISDN-equipment). If you run -u, you are vulnerable to syslog bombing,
1.16 ! camield 30: # and should consider blocking external syslog packets.
1.3 millert 31: #*.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none @loghost
1.16 ! camield 32: #auth,daemon,syslog,user.info;authpriv,kern.debug @loghost
1.6 millert 33:
34: # Uncomment to log messages from sudo(8) and chat(8) to their own
1.16 ! camield 35: # respective log files. Matches are done based on the program name.
1.6 millert 36: # Program-specific logs:
37: #!sudo
38: #*.* /var/log/sudo
39: #!chat
40: #*.* /var/log/chat