1 files changed, 62 insertions, 146 deletions
diff --git a/remote/modules/rsyslogd/data/etc/rsyslog.conf b/remote/modules/rsyslogd/data/etc/rsyslog.conf
index e2548c99..3099f250 100644
--- a/remote/modules/rsyslogd/data/etc/rsyslog.conf
+++ b/remote/modules/rsyslogd/data/etc/rsyslog.conf
@@ -1,169 +1,85 @@
-##
-## === When you're using remote logging, enable on-disk queues ===  
-## === in rsyslog.d/remote.conf. When neccesary also set the   ===
-## === SYSLOG_REQUIRES_NETWORK=yes in /etc/sysconfig/syslog,   ===
-## === e.g. when rsyslog has to receive on a specific IP only. ===
-##
-## Note, that when the MYSQL, PGSQL, GSSAPI, GnuTLS or SNMP modules
-## (provided in separate rsyslog-module-* packages) are enabled, the
-## configuration can't be used on a system with /usr on a remote
-## filesystem, except on newer systems where initrd mounts /usr.
-## [The modules are linked against libraries installed bellow of
-##  /usr thus also installed in /usr/lib*/rsyslog because of this.]
-##
-
+#  /etc/rsyslog.conf    Configuration file for rsyslogd.
 #
-# if you experience problems, check
-# http://www.rsyslog.com/troubleshoot for assistance
-# and report them at http://bugzilla.novell.com/
+#                       For more information see
+#                       /usr/share/doc/rsyslog/html/rsyslog_conf.html
+#
+# First some standard logfiles.  Log by facility.
 #
 
-# since rsyslog v3: load input modules
-# If you do not load inputs, nothing happens!
-
-# provides --MARK-- message capability (every 1 hour)
-$ModLoad immark.so
+$ModLoad imuxsock # provides support for local system logging
+$ModLoad imklog   # provides kernel logging support (previously done by rklogd)
+$ModLoad immark
 $MarkMessagePeriod      3600
-
-# provides support for local system logging (e.g. via logger command)
-$ModLoad imuxsock.so
-
-# reduce dupplicate log messages (last message repeated n times)
 $RepeatedMsgReduction   on
 
-# kernel logging (may be also provided by /sbin/klogd)
-# see also http://www.rsyslog.com/doc-imklog.html.
-$ModLoad imklog.so
-# set log level 1 (same as in /etc/sysconfig/syslog).
-$klogConsoleLogLevel    1
-
-# Use rsyslog native, rfc5424 conform log format as default
-# ($ActionFileDefaultTemplate RSYSLOG_FileFormat).
-#
-# To change a single file to use obsolete BSD syslog format
-# (rfc 3164, no high-precision timestamps), set the variable
-# bellow or append ";RSYSLOG_FileFormat" to the filename.
-# See
-#   http://www.rsyslog.com/doc/rsyslog_conf_templates.html
-# for more informations.
-#
-#$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
-
-#
-# Include config generated by /etc/init.d/syslog script
-# using the SYSLOGD_ADDITIONAL_SOCKET* variables in the
-# /etc/sysconfig/syslog file.
-#
-#$IncludeConfig /var/run/rsyslog/additional-log-sockets.conf
-
-#
-# Include config files, that the admin provided? :
-#
-$IncludeConfig /etc/rsyslog.d/*.conf
-
 
-###
-# print most important on tty10 and on the xconsole pipe
-#
-if	( \
-	    /* kernel up to warning except of firewall  */ \
-	    ($syslogfacility-text == 'kern')      and      \
-	    ($syslogseverity <= 4 /* warning */ ) and not  \
-	    ($msg contains 'IN=' and $msg contains 'OUT=') \
-	) or ( \
-	    /* up to errors except of facility authpriv */ \
-	    ($syslogseverity <= 3 /* errors  */ ) and not  \
-	    ($syslogfacility-text == 'authpriv')           \
-	) \
-then	/dev/tty10
-&	|/dev/console
+if      ( \
+            /* kernel up to warning except of firewall  */ \
+            ($syslogfacility-text == 'kern')      and      \
+            ($syslogseverity <= 4 /* warning */ ) and not  \
+            ($msg contains 'IN=' and $msg contains 'OUT=') \
+        ) or ( \
+            /* up to errors except of facility authpriv */ \
+            ($syslogseverity <= 3 /* errors  */ ) and not  \
+            ($syslogfacility-text == 'authpriv')           \
+        ) \
+then    /dev/tty10
+&       |/dev/console
 
 
-# Emergency messages to everyone logged on (wall)
-*.emerg					 :omusrmsg:*
-
-# enable this, if you want that root is informed
-# immediately, e.g. of logins
-#*.alert				root
-
 
+auth,authpriv.*                 /var/log/auth.log
+*.*;auth,authpriv.none          -/var/log/syslog
+#cron.*                         /var/log/cron.log
+daemon.*                        -/var/log/daemon.log
+kern.*                          -/var/log/kern.log
+lpr.*                           -/var/log/lpr.log
+mail.*                          -/var/log/mail.log
+user.*                          -/var/log/user.log
 #
-# firewall messages into separate file and stop their further processing
+# Logging for the mail system.  Split it up so that
+# it is easy to write scripts to parse these files.
 #
-if	($syslogfacility-text == 'kern') and \
-	($msg contains 'IN=' and $msg contains 'OUT=') \
-then	-/var/log/firewall
-&	~
-
-
+mail.info                       -/var/log/mail.info
+mail.warn                       -/var/log/mail.warn
+mail.err                        /var/log/mail.err
 #
-# acpid messages into separate file and stop their further processing
+# Logging for INN news system
 #
-# => all acpid messages for debuging (uncomment if needed):
-#if	($programname == 'acpid' or $syslogtag == '[acpid]:') then \
-#	-/var/log/acpid
+news.crit                       /var/log/news/news.crit
+news.err                        /var/log/news/news.err
+news.notice                     -/var/log/news/news.notice
 #
-# => up to notice (skip info and debug)
-if	($programname == 'acpid' or $syslogtag == '[acpid]:') and \
-	($syslogseverity <= 5 /* notice */) \
-then	-/var/log/acpid
-&	~
-
-
+# Some `catch-all' logfiles.
 #
-# NetworkManager into separate file and stop their further processing
+*.=debug;\
+        auth,authpriv.none;\
+        news.none;mail.none     -/var/log/debug
+*.=info;*.=notice;*.=warn;\
+        auth,authpriv.none;\
+        cron,daemon.none;\
+        mail,news.none          -/var/log/messages
 #
-if      ($programname == 'NetworkManager') or \
-	($programname startswith 'nm-') \
-then	-/var/log/NetworkManager
-&	~
-
-
+# Emergencies are sent to everybody logged in.
 #
-# email-messages
-#
-mail.*					-/var/log/mail
-mail.info				-/var/log/mail.info
-mail.warning				-/var/log/mail.warn
-mail.err				 /var/log/mail.err
-
-
+*.emerg                         *
 #
-# news-messages
+# I like to have messages displayed on the console, but only on a virtual
+# console I usually leave idle.
 #
-news.crit				-/var/log/news/news.crit
-news.err				-/var/log/news/news.err
-news.notice				-/var/log/news/news.notice
-# enable this, if you want to keep all news messages
-# in one file
-#news.*					-/var/log/news.all
-
-
+#daemon,mail.*;\
+#       news.=crit;news.=err;news.=notice;\
+#       *.=debug;*.=info;\
+#       *.=notice;*.=warn       /dev/tty8
+# The named pipe /dev/xconsole is for the `xconsole' utility.  To use it,
+# you must invoke `xconsole' with the `-file' option:
 #
-# Warnings in one file
+#    $ xconsole -file /dev/xconsole [...]
 #
-*.=warning;*.=err			-/var/log/warn
-*.crit					 /var/log/warn
-
-
+# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
+#      busy site..
 #
-# the rest in one file
-#
-*.*;mail.none;news.none			-/var/log/messages
-
-
-#
-# enable this, if you want to keep all messages
-# in one file
-#*.*					-/var/log/allmessages
-
-
-#
-# Some foreign boot scripts require local7
-#
-local0.*;local1.*			-/var/log/localmessages
-local2.*;local3.*			-/var/log/localmessages
-local4.*;local5.*			-/var/log/localmessages
-local6.*;local7.*			-/var/log/localmessages
-
-###
+daemon.*;mail.*;\
+        news.err;\
+        *.=debug;*.=info;\
+        *.=notice;*.=warn       |/dev/console