Diffstat (limited to 'abs/core/syslog-ng')
-rw-r--r-- | abs/core/syslog-ng/PKGBUILD | 31 | ||||
-rwxr-xr-x | abs/core/syslog-ng/syslog-ng | 39 | ||||
-rw-r--r-- | abs/core/syslog-ng/syslog-ng.conf | 91 | ||||
-rw-r--r-- | abs/core/syslog-ng/syslog-ng.logrotate | 7 |
4 files changed, 168 insertions, 0 deletions
diff --git a/abs/core/syslog-ng/PKGBUILD b/abs/core/syslog-ng/PKGBUILD
new file mode 100644
index 0000000..3e5b473
--- /dev/null
+++ b/abs/core/syslog-ng/PKGBUILD
@@ -0,0 +1,31 @@
+# $Id: PKGBUILD 2319 2008-05-31 21:01:41Z eric $
+# Maintainer: Judd Vinet <jvinet@zeroflux.org>
+pkgname=syslog-ng
+pkgver=2.0.9
+pkgrel=10
+pkgdesc="Next-generation syslogd with advanced networking and filtering capabilities"
+arch=(i686 x86_64)
+license=('GPL')
+groups=('base')
+url="http://www.balabit.com/network-security/syslog-ng/"
+depends=('logrotate' 'glibc')
+makedepends=('flex' 'glib2' 'eventlog' 'pkgconfig' 'tcp_wrappers')
+provides=('logger')
+backup=('etc/syslog-ng.conf' 'etc/logrotate.d/syslog-ng')
+source=(http://www.balabit.com/downloads/files/syslog-ng/sources/stable/src/$pkgname-$pkgver.tar.gz \
+ syslog-ng.conf syslog-ng.logrotate syslog-ng)
+md5sums=('2d4232f7167c2b4f48794e4f8f80e863' 'ee95af3a4f969f3759e477289305c8c6'\
+ '9714c7479119922b55a7992677ebecb5' '9bd98250cfa49e13fa3fa731b6040549')
+
+build() {
+ cd $startdir/src/$pkgname-$pkgver
+ ./configure --prefix=/usr --sysconfdir=/etc \
+ --localstatedir=/var/lib/syslog-ng --enable-tcp-wrapper \
+ --disable-spoof-source
+ make || return 1
+ make DESTDIR=$startdir/pkg install || return 1
+ install -d $startdir/pkg/var/lib/syslog-ng
+ install -D -m644 ../syslog-ng.conf $startdir/pkg/etc/syslog-ng.conf
+ install -D -m644 ../syslog-ng.logrotate $startdir/pkg/etc/logrotate.d/syslog-ng
+ install -D -m755 ../syslog-ng $startdir/pkg/etc/rc.d/syslog-ng
+}
diff --git a/abs/core/syslog-ng/syslog-ng b/abs/core/syslog-ng/syslog-ng
new file mode 100755
index 0000000..f9d14c7
--- /dev/null
+++ b/abs/core/syslog-ng/syslog-ng
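Review bot: The upstream tarball in `source=` is fetched over plain `http://` and the `md5sums` array is the only integrity check on it, which is a weak basis for trusting a download that anyone on the network path can alter. I would add a stronger checksum array alongside it, e.g. `sha256sums=('<sha256 of the independently verified tarball>' ...)`, with the values generated from a copy of each file that was checked by other means. Separately, `$startdir` is unquoted throughout `build()`, so a build path containing whitespace breaks the `cd` and `install` lines; `"$startdir/pkg/etc/syslog-ng.conf"` and the like avoid that.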
@@ -0,0 +1,39 @@
+#!/bin/bash
+
+. /etc/rc.conf
+. /etc/rc.d/functions
+
+PID=`pidof -o %PPID /usr/sbin/syslog-ng`
+case "$1" in
+ start)
+ stat_busy "Starting Syslog-NG"
+ [ -z "$PID" ] && /usr/sbin/syslog-ng
+ if [ $? -gt 0 ]; then
+ stat_fail
+ else
+ add_daemon syslog-ng
+ stat_done
+ fi
+ ;;
+ stop)
+ stat_busy "Stopping Syslog-NG"
+ [ ! -z "$PID" ] && kill $PID &> /dev/null
+ if [ $? -gt 0 ]; then
+ stat_fail
+ else
+ rm -f /var/run/syslog-ng.pid
+# Removing stale syslog-ng.persist file. It's new location, as of 2.0.6-1, is /var/lib/syslog-ng/
+ rm -f /var/syslog-ng.persist
+ rm_daemon syslog-ng
+ stat_done
+ fi
+ ;;
+ restart)
+ $0 stop
+ sleep 1
+ $0 start
+ ;;
+ *)
+ echo "usage: $0 {start|stop|restart}"
+esac
+exit 0
diff --git a/abs/core/syslog-ng/syslog-ng.conf b/abs/core/syslog-ng/syslog-ng.conf
new file mode 100644
index 0000000..d941b6a
--- /dev/null
+++ b/abs/core/syslog-ng/syslog-ng.conf
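Review bot: The script ends with an unconditional `exit 0`, so the `stat_fail` branches of `start)` and `stop)` still report success to the caller, and a machine whose logger never came up looks healthy to boot scripts and monitoring. Exit non-zero from the failure branches, e.g. `stat_fail; exit 1`. In `restart)`, the fixed `sleep 1` does not confirm the old process has gone: if it is still exiting, the `pidof` result in the re-invoked `start` is non-empty, the daemon is not launched, and the host can end up with no logger running once the old process finishes.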
@@ -0,0 +1,91 @@
+#
+# /etc/syslog-ng.conf
+#
+
+options {
+ sync (0);
+ time_reopen (10);
+ log_fifo_size (1000);
+ long_hostnames(off);
+ use_dns (no);
+ use_fqdn (no);
+ create_dirs (no);
+ keep_hostname (yes);
+ perm(0640);
+ group("log");
+};
+
+source src {
+ unix-stream("/dev/log");
+ internal();
+ file("/proc/kmsg");
+};
+
+destination authlog { file("/var/log/auth.log"); };
+destination syslog { file("/var/log/syslog.log"); };
+destination cron { file("/var/log/crond.log"); };
+destination daemon { file("/var/log/daemon.log"); };
+destination kernel { file("/var/log/kernel.log"); };
+destination lpr { file("/var/log/lpr.log"); };
+destination user { file("/var/log/user.log"); };
+destination uucp { file("/var/log/uucp.log"); };
+destination mail { file("/var/log/mail.log"); };
+destination news { file("/var/log/news.log"); };
+destination ppp { file("/var/log/ppp.log"); };
+destination debug { file("/var/log/debug.log"); };
+destination messages { file("/var/log/messages.log"); };
+destination errors { file("/var/log/errors.log"); };
+destination everything { file("/var/log/everything.log"); };
+destination iptables { file("/var/log/iptables.log"); };
+destination acpid { file("/var/log/acpid.log"); };
+destination console { usertty("root"); };
+
+# Log everything to vc12
+destination console_all { file("/dev/vc/12"); };
+
+filter f_auth { facility(auth); };
+filter f_authpriv { facility(auth, authpriv); };
+filter f_syslog { program(syslog-ng); };
+filter f_cron { facility(cron); };
+filter f_daemon { facility(daemon); };
+filter f_kernel { facility(kern) and not filter(f_iptables); };
+filter f_lpr { facility(lpr); };
+filter f_mail { facility(mail); };
+filter f_news { facility(news); };
+filter f_user { facility(user); };
+filter f_uucp { facility(cron); };
+filter f_news { facility(news); };
+filter f_ppp { facility(local2); };
+filter f_debug { not facility(auth, authpriv, news, mail); };
+filter f_messages { level(info..warn) and not facility(auth, 
authpriv, mail, news, cron) and not program(syslog-ng) and not filter(f_iptables); };
+filter f_everything { level(debug..emerg) and not facility(auth, authpriv); };
+filter f_emergency { level(emerg); };
+filter f_info { level(info); };
+filter f_notice { level(notice); };
+filter f_warn { level(warn); };
+filter f_crit { level(crit); };
+filter f_err { level(err); };
+filter f_iptables { match("IN=.*OUT="); };
+filter f_acpid { match("acpid"); };
+
+log { source(src); filter(f_acpid); destination(acpid); flags(final); };
+log { source(src); filter(f_authpriv); destination(authlog); };
+log { source(src); filter(f_syslog); destination(syslog); };
+log { source(src); filter(f_cron); destination(cron); };
+log { source(src); filter(f_daemon); destination(daemon); };
+log { source(src); filter(f_kernel); destination(kernel); };
+log { source(src); filter(f_lpr); destination(lpr); };
+log { source(src); filter(f_mail); destination(mail); };
+log { source(src); filter(f_news); destination(news); };
+log { source(src); filter(f_ppp); destination(ppp); };
+log { source(src); filter(f_user); destination(user); };
+log { source(src); filter(f_uucp); destination(uucp); };
+#log { source(src); filter(f_debug); destination(debug); };
+log { source(src); filter(f_messages); destination(messages); };
+log { source(src); filter(f_err); destination(errors); };
+log { source(src); filter(f_emergency); destination(console); };
+log { source(src); filter(f_everything); destination(everything); };
+log { source(src); filter(f_iptables); destination(iptables); };
+
+# Log everything to vc12
+#log { source(src); destination(console_all); };
diff --git a/abs/core/syslog-ng/syslog-ng.logrotate b/abs/core/syslog-ng/syslog-ng.logrotate
new file mode 100644
index 0000000..75da1b0
--- /dev/null
+++ b/abs/core/syslog-ng/syslog-ng.logrotate
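Review bot: `filter f_uucp { facility(cron); };` matches the cron facility, so `/var/log/uucp.log` receives cron messages and uucp messages never reach it; it should read `filter f_uucp { facility(uucp); };`. `f_news` is defined twice with the same body and `f_auth` is not referenced by any `log` statement in this file, so removing the duplicate and the unused filter would make the routing easier to audit. Note also that `f_err` carries no `not facility(auth, authpriv)` clause, so authentication errors are copied into `errors.log` although `f_messages` and `f_everything` deliberately exclude those facilities; confirm that is intended.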
@@ -0,0 +1,7 @@
+/var/log/messages.log /var/log/auth.log /var/log/mail.log /var/log/kernel.log /var/log/errors.log /var/log/daemon.log /var/log/user.log /var/log/iptables.log /var/log/everything.log /var/log/syslog.log /var/log/acpid.log {
+ missingok
+ sharedscripts
+ postrotate
+ /bin/kill -HUP `cat /var/run/syslog-ng.pid 2>/dev/null` 2> /dev/null || true
+ endscript
+} |
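Review bot: The rotation list on the first line omits five files that the syslog-ng.conf added in this same commit writes to: `/var/log/crond.log`, `/var/log/lpr.log`, `/var/log/uucp.log`, `/var/log/news.log` and `/var/log/ppp.log`. Those files grow without bound, and a full log filesystem stops the security-relevant logs from being written as well, so add the five paths to the list. The `postrotate` line discards both the output and the exit status of the `kill -HUP`, so a missing or stale `/var/run/syslog-ng.pid` leaves syslog-ng writing to the rotated files with no indication; a comment stating that this is deliberate best-effort, or logging the failure, would help whoever investigates gaps later.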