Diffstat (limited to 'abs/core/syslog-ng')
-rw-r--r--abs/core/syslog-ng/PKGBUILD31
-rwxr-xr-xabs/core/syslog-ng/syslog-ng39
-rw-r--r--abs/core/syslog-ng/syslog-ng.conf91
-rw-r--r--abs/core/syslog-ng/syslog-ng.logrotate7
4 files changed, 168 insertions, 0 deletions
diff --git a/abs/core/syslog-ng/PKGBUILD b/abs/core/syslog-ng/PKGBUILD
new file mode 100644
index 0000000..3e5b473
--- /dev/null
+++ b/abs/core/syslog-ng/PKGBUILD
@@ -0,0 +1,31 @@
+# $Id: PKGBUILD 2319 2008-05-31 21:01:41Z eric $
+# Maintainer: Judd Vinet <jvinet@zeroflux.org>
+pkgname=syslog-ng
+pkgver=2.0.9
+pkgrel=10
+pkgdesc="Next-generation syslogd with advanced networking and filtering capabilities"
+arch=(i686 x86_64)
+license=('GPL')
+groups=('base')
+url="http://www.balabit.com/network-security/syslog-ng/"
+depends=('logrotate' 'glibc')
+makedepends=('flex' 'glib2' 'eventlog' 'pkgconfig' 'tcp_wrappers')
+provides=('logger')
+backup=('etc/syslog-ng.conf' 'etc/logrotate.d/syslog-ng')
+source=(http://www.balabit.com/downloads/files/syslog-ng/sources/stable/src/$pkgname-$pkgver.tar.gz \
+ syslog-ng.conf syslog-ng.logrotate syslog-ng)
+md5sums=('2d4232f7167c2b4f48794e4f8f80e863' 'ee95af3a4f969f3759e477289305c8c6'\
+ '9714c7479119922b55a7992677ebecb5' '9bd98250cfa49e13fa3fa731b6040549')
+
+build() {
+ cd $startdir/src/$pkgname-$pkgver
+ ./configure --prefix=/usr --sysconfdir=/etc \
+ --localstatedir=/var/lib/syslog-ng --enable-tcp-wrapper \
+ --disable-spoof-source
+ make || return 1
+ make DESTDIR=$startdir/pkg install || return 1
+ install -d $startdir/pkg/var/lib/syslog-ng
+ install -D -m644 ../syslog-ng.conf $startdir/pkg/etc/syslog-ng.conf
+ install -D -m644 ../syslog-ng.logrotate $startdir/pkg/etc/logrotate.d/syslog-ng
+ install -D -m755 ../syslog-ng $startdir/pkg/etc/rc.d/syslog-ng
+}
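Review bot: The only integrity check on the upstream tarball is `md5sums`, and the `source=` URL is plain `http://`, so nothing collision-resistant vouches for what gets downloaded and compiled into a `base` package. If the makepkg in use supports it, I would add a `sha256sums=(...)` array next to `md5sums`, with values computed from a tarball verified against upstream, and switch the URL to `https://` if the upstream host serves it. Separately, `$startdir` is unquoted throughout `build()` and the `cd` is unchecked; `cd "$startdir/src/$pkgname-$pkgver" || return 1` stops `./configure` from running in the wrong directory when the `cd` fails.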
diff --git a/abs/core/syslog-ng/syslog-ng b/abs/core/syslog-ng/syslog-ng
new file mode 100755
index 0000000..f9d14c7
--- /dev/null
+++ b/abs/core/syslog-ng/syslog-ng
@@ -0,0 +1,39 @@
+#!/bin/bash
+
+. /etc/rc.conf
+. /etc/rc.d/functions
+
+PID=`pidof -o %PPID /usr/sbin/syslog-ng`
+case "$1" in
+ start)
+ stat_busy "Starting Syslog-NG"
+ [ -z "$PID" ] && /usr/sbin/syslog-ng
+ if [ $? -gt 0 ]; then
+ stat_fail
+ else
+ add_daemon syslog-ng
+ stat_done
+ fi
+ ;;
+ stop)
+ stat_busy "Stopping Syslog-NG"
+ [ ! -z "$PID" ] && kill $PID &> /dev/null
+ if [ $? -gt 0 ]; then
+ stat_fail
+ else
+ rm -f /var/run/syslog-ng.pid
+# Removing stale syslog-ng.persist file. It's new location, as of 2.0.6-1, is /var/lib/syslog-ng/
+ rm -f /var/syslog-ng.persist
+ rm_daemon syslog-ng
+ stat_done
+ fi
+ ;;
+ restart)
+ $0 stop
+ sleep 1
+ $0 start
+ ;;
+ *)
+ echo "usage: $0 {start|stop|restart}"
+esac
+exit 0
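Review bot: The script ends with an unconditional `exit 0`, so a failed start or stop (the `stat_fail` branches) and an unrecognised argument all report success to the caller. For the system logger that means a boot script or monitor checking the exit status cannot tell that logging is not running. I would set `rc=0` before the `case`, add `rc=1` next to each `stat_fail` and in the `*)` branch, and finish with `exit $rc`. Also, in `stop)` the pid file is removed as soon as `kill` returns, without confirming that the process has exited, so the fixed `sleep 1` in `restart)` is the only thing separating the old daemon from the new one.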
diff --git a/abs/core/syslog-ng/syslog-ng.conf b/abs/core/syslog-ng/syslog-ng.conf
new file mode 100644
index 0000000..d941b6a
--- /dev/null
+++ b/abs/core/syslog-ng/syslog-ng.conf
@@ -0,0 +1,91 @@
+#
+# /etc/syslog-ng.conf
+#
+
+options {
+ sync (0);
+ time_reopen (10);
+ log_fifo_size (1000);
+ long_hostnames(off);
+ use_dns (no);
+ use_fqdn (no);
+ create_dirs (no);
+ keep_hostname (yes);
+ perm(0640);
+ group("log");
+};
+
+source src {
+ unix-stream("/dev/log");
+ internal();
+ file("/proc/kmsg");
+};
+
+destination authlog { file("/var/log/auth.log"); };
+destination syslog { file("/var/log/syslog.log"); };
+destination cron { file("/var/log/crond.log"); };
+destination daemon { file("/var/log/daemon.log"); };
+destination kernel { file("/var/log/kernel.log"); };
+destination lpr { file("/var/log/lpr.log"); };
+destination user { file("/var/log/user.log"); };
+destination uucp { file("/var/log/uucp.log"); };
+destination mail { file("/var/log/mail.log"); };
+destination news { file("/var/log/news.log"); };
+destination ppp { file("/var/log/ppp.log"); };
+destination debug { file("/var/log/debug.log"); };
+destination messages { file("/var/log/messages.log"); };
+destination errors { file("/var/log/errors.log"); };
+destination everything { file("/var/log/everything.log"); };
+destination iptables { file("/var/log/iptables.log"); };
+destination acpid { file("/var/log/acpid.log"); };
+destination console { usertty("root"); };
+
+# Log everything to vc12
+destination console_all { file("/dev/vc/12"); };
+
+filter f_auth { facility(auth); };
+filter f_authpriv { facility(auth, authpriv); };
+filter f_syslog { program(syslog-ng); };
+filter f_cron { facility(cron); };
+filter f_daemon { facility(daemon); };
+filter f_kernel { facility(kern) and not filter(f_iptables); };
+filter f_lpr { facility(lpr); };
+filter f_mail { facility(mail); };
+filter f_news { facility(news); };
+filter f_user { facility(user); };
+filter f_uucp { facility(cron); };
+filter f_news { facility(news); };
+filter f_ppp { facility(local2); };
+filter f_debug { not facility(auth, authpriv, news, mail); };
+filter f_messages { level(info..warn) and not facility(auth, authpriv, mail, news, cron) and not program(syslog-ng) and not filter(f_iptables); };
+filter f_everything { level(debug..emerg) and not facility(auth, authpriv); };
+filter f_emergency { level(emerg); };
+filter f_info { level(info); };
+filter f_notice { level(notice); };
+filter f_warn { level(warn); };
+filter f_crit { level(crit); };
+filter f_err { level(err); };
+filter f_iptables { match("IN=.*OUT="); };
+filter f_acpid { match("acpid"); };
+
+log { source(src); filter(f_acpid); destination(acpid); flags(final); };
+log { source(src); filter(f_authpriv); destination(authlog); };
+log { source(src); filter(f_syslog); destination(syslog); };
+log { source(src); filter(f_cron); destination(cron); };
+log { source(src); filter(f_daemon); destination(daemon); };
+log { source(src); filter(f_kernel); destination(kernel); };
+log { source(src); filter(f_lpr); destination(lpr); };
+log { source(src); filter(f_mail); destination(mail); };
+log { source(src); filter(f_news); destination(news); };
+log { source(src); filter(f_ppp); destination(ppp); };
+log { source(src); filter(f_user); destination(user); };
+log { source(src); filter(f_uucp); destination(uucp); };
+#log { source(src); filter(f_debug); destination(debug); };
+log { source(src); filter(f_messages); destination(messages); };
+log { source(src); filter(f_err); destination(errors); };
+log { source(src); filter(f_emergency); destination(console); };
+log { source(src); filter(f_everything); destination(everything); };
+log { source(src); filter(f_iptables); destination(iptables); };
+
+# Log everything to vc12
+#log { source(src); destination(console_all); };
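Review bot: `f_acpid` is `match("acpid")` and its log statement carries `flags(final)`, so any message whose text matches `acpid`, whatever its facility or sender, appears to be written only to acpid.log and skipped by every later statement, including the `authlog` and `everything` ones. Filtering on the program name instead, `filter f_acpid { program(acpid); };`, keeps that short-circuit limited to the daemon it is meant for. `f_iptables` has the same content-only shape and could be tightened to `facility(kern) and match("IN=.*OUT=")`. There are two copy-paste slips in the same hunk: `f_uucp` tests `facility(cron)` where `facility(uucp)` is presumably meant, so uucp.log receives cron messages, and `f_news` is defined twice.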
diff --git a/abs/core/syslog-ng/syslog-ng.logrotate b/abs/core/syslog-ng/syslog-ng.logrotate
new file mode 100644
index 0000000..75da1b0
--- /dev/null
+++ b/abs/core/syslog-ng/syslog-ng.logrotate
@@ -0,0 +1,7 @@
+/var/log/messages.log /var/log/auth.log /var/log/mail.log /var/log/kernel.log /var/log/errors.log /var/log/daemon.log /var/log/user.log /var/log/iptables.log /var/log/everything.log /var/log/syslog.log /var/log/acpid.log {
+ missingok
+ sharedscripts
+ postrotate
+ /bin/kill -HUP `cat /var/run/syslog-ng.pid 2>/dev/null` 2> /dev/null || true
+ endscript
+}
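Review bot: The rotated file list omits several files that the syslog-ng.conf added in this same commit writes to: `/var/log/crond.log`, `/var/log/lpr.log`, `/var/log/uucp.log`, `/var/log/news.log` and `/var/log/ppp.log` all have active `log` statements but are never rotated. Those files grow without bound, and a full /var/log stops logging for every other destination as well. Add them to the list, and `/var/log/debug.log` too if its commented-out statement is ever enabled. The `postrotate` command also does nothing, silently, when `/var/run/syslog-ng.pid` is absent (stderr is discarded and `|| true` masks the failure), so it is worth confirming that a daemon built with `--localstatedir=/var/lib/syslog-ng` really writes its pid file at that path; otherwise it keeps writing to the rotated files.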