Commit 503ff308 authored by thomas.forbriger's avatar thomas.forbriger

syslog-ng [DOC]: syslog configuration

- update syslog-ng configuration file to be applicable to syslog-ng 3.7.1
- place some notes regarding syslog service in README
parent cd2b9e19
......@@ -3,4 +3,36 @@ this is <README.syslog>
how csback uses the system logger
---------------------------------
csback tools log their activity and the result status of the processes through
system log services. They essentially use two different mechanisms to send log
messages:
1. Shell scripts commonly use /usr/bin/logger which sends messages to the
system directly such that they are received through /dev/log or similar.
2. Python programs use csbacklog.py which makes use of tools provided by
python package logging.handlers. This sends log messages to localhost port
3333 and requires a matching reception mechanism.
Log messages are expected to be written to /var/log/csback.log and
additionally to /var/log/csback.status if critical. A configuration file
csback_syslog-ng.conf for syslog-ng is provided.
Notice:
- csbackntfy.py is used to scan the log files and to create messages reports
on the terminal or to be sent via email. This tool is not able to read ISO
formatted time stamps. Therefore do not use ISODATE in the configuration
file!
- csbackntfy.py creates a default sender address from general system settings
(user name and full qualified hostname). It will abort if no full qualified
hostname is available. If your host is not known to name server (DNS
service) place an appropriate line in /etc/hosts for the loopback IP.
Example:
127.0.0.1 host.full-qualified.domain.name host localhost
where host.full-qualified.domain.name represents the full qualified
hostname.
----- END OF README.syslog -----
......@@ -3,11 +3,15 @@
# csback syslog-ng V3.0 snippet by Daniel Armbruster
#
# Copy the content of this file to /etc/syslog-ng/syslog-ng.conf or simply add
#
# include "path/to/this/file";
# Alternatively copy this file to /etc/syslog-ng/conf.d
#
# -----------------------------------------------------------------------------
# $Id$
# This version was tested with syslog-ng 3.7.1
#
# The configuration expects a source called "src" being defined in the system
# configration.
#
# See README.syslog for general comments.
# -----------------------------------------------------------------------------
#
# REVISION:
......@@ -17,45 +21,48 @@
# 2016/07/15 V1.3 csback uses strange source definitions
# a recent version of syslog-ng complains
# the changes make csback messages be properly logged
# 2016/07/25 V1.4 adjust to operate correctly with recent version of
# syslog
#
# =============================================================================
# general
options {
chain_hostnames(no);
use_dns(persist_only);
dns_cache_hosts(/etc/hosts);
# use network port for phython logging mechanism
source csback {
tcp(ip(0.0.0.0) port(3333));
udp(ip(0.0.0.0) port(3333));
};
# csback related
source csback {
tcp(ip(127.0.0.1) port(3333));
udp(ip(127.0.0.1) port(3333));
};
filter fil_csback { match('^csback' value(MSG)); };
filter fil_csback { match('.*csback.*'); };
destination csbacklog {
file("/var/log/csback.log"
perm(0644) fsync(yes)
template("$DATE $HOST $MSG\n")
template("${DATE} ${FULLHOST} ${MSGHDR}${MSG}\n")
template-escape(no));
};
log { source(src); source(csback); filter(fil_csback); destination(csbacklog); };
log { source(csback); source(src);
filter(fil_csback);
destination(csbacklog); };
# log CRITICAL messages to additional status file (for csbackntfy)
destination csbackStatus {
file("/var/log/csback.status"
perm(0666) fsync(yes)
template("$DATE $HOST $MSG\n")
template("${DATE} ${FULLHOST} ${MSGHDR}${MSG}\n")
template-escape(no));
};
filter fil_csbackCritical { message('.*csback.*CRITICAL.*'); };
log { source(src); source(csback); filter(fil_csbackCritical); destination(csbackStatus); };
filter fil_csbackCritical { match('.*csback.*CRITICAL.*'); };
log { source(csback); source(src);
filter(fil_csbackCritical);
destination(csbackStatus); };
# BFO2LSDF related
#source BFOLSDFsrc { unix-stream("/dev/log"); internal(); };
filter fil_BFO2LSDF { message('.*BFO2LSDF.*'); };
log { source(src); filter(fil_BFO2LSDF); destination(csbacklog); };
filter fil_BFO2LSDF { match('.*BFO2LSDF.*'); };
log { source(csback); source(src);
filter(fil_BFO2LSDF);
destination(csbacklog); };
# csclean related
filter fil_csclean { message('.*csclean.*'); };
log { source(src); filter(fil_csclean); destination(csbacklog); };
filter fil_csclean { match('.*csclean.*'); };
log { source(csback); source(src);
filter(fil_csclean);
destination(csbacklog); };
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment