ports/sysutils/syslog-ng/files/syslog-ng.conf

# syslog-ng configuration file for OpenBSD.
# This should provide behavior similar to OpenBSD's syslog.conf(5).

@version: 3.38
@requires openbsd
@include "scl.conf"

options { 
	use_dns(no);
	dns_cache(no);
	create_dirs(no);
	keep_hostname(yes);
};

source s_local {
	openbsd();
	unix-dgram ("/dev/log");
	internal();
};

#source s_net {
#	udp(port(514));
#};

destination d_console	{ file("/dev/console");		};
destination d_messages	{ file("/var/log/messages" owner(root) group(wheel) perm(0644));	};
destination d_authlog	{ file("/var/log/authlog" owner(root) group(wheel) perm(0640));	};
destination d_secure	{ file("/var/log/secure" owner(root) group(wheel) perm(0600));	};
destination d_cronlog	{ file("/var/cron/log" owner(root) group(wheel) perm(0600));	};
destination d_daemon	{ file("/var/log/daemon" owner(root) group(wheel) perm(0640));	};
destination d_xferlog	{ file("/var/log/xferlog" owner(root) group(wheel) perm(0640));	};
destination d_lpderrs	{ file("/var/log/lpd-errs" owner(root) group(wheel) perm(0640));	};
destination d_maillog	{ file("/var/log/maillog" owner(root) group(wheel) perm(0600));	};
destination d_doaslog	{ file("/var/log/doas");	};
destination d_ttyall	{ usertty("*");			};
destination d_ttyroot	{ usertty("root");		};
destination d_loghost	{ udp("loghost" port(514));	};

filter f_notice {
	level(notice .. emerg)
	and not(facility(auth,authpriv,cron,ftp,kern,lpr,mail,user));
};
filter f_kerndebug {
	level(debug .. emerg) and facility(kern);
};
filter f_msginfo {
	level(info .. emerg) and facility(syslog,user);
};
filter f_authinfo {
	level(info .. emerg) and facility(auth);
};
filter f_authprivdebug {
	level(debug .. emerg) and facility(authpriv);
};
filter f_croninfo {
	level(info .. emerg) and facility(cron);
};
filter f_daemoninfo {
	level(info .. emerg) and facility(daemon);
};
filter f_ftpinfo {
	level(info .. emerg) and facility(ftp);
};
filter f_lprdebug {
	level(debug .. emerg) and facility(lpr);
};
filter f_mailinfo {
	level(info .. emerg) and facility(mail);
};
filter f_emerg {
	level(emerg);
};
filter f_to_console {
	not (facility(authpriv)) and
	((level(notice .. emerg) and facility(auth))
	or (level(debug .. emerg) and facility(kern))
	or (level(crit .. emerg) and facility(mail))
	or level(err .. emerg));
};
filter f_to_root {
	(level(debug .. emerg) and facility(auth))
	or (level(notice .. emerg));
};
filter f_to_loghost {
	(level(notice .. emerg) and
	  not (facility(auth,authpriv,cron,ftp,kern,lpr,mail,user)))
	or (level(info .. emerg) and facility(auth,daemon,syslog,user))
	or (level(debug .. emerg) and facility(authpriv,kern));
};
filter f_prog_doas {
	program("doas");
};

log { source(s_local); filter(f_notice);	destination(d_messages);};
log { source(s_local); filter(f_kerndebug);	destination(d_messages);};
log { source(s_local); filter(f_msginfo);	destination(d_messages);};
log { source(s_local); filter(f_authinfo);	destination(d_authlog);	};
log { source(s_local); filter(f_authprivdebug);	destination(d_secure);	};
log { source(s_local); filter(f_croninfo);	destination(d_cronlog);	};
log { source(s_local); filter(f_daemoninfo);	destination(d_daemon);	};
log { source(s_local); filter(f_ftpinfo);	destination(d_xferlog);	};
log { source(s_local); filter(f_lprdebug);	destination(d_lpderrs);	};
log { source(s_local); filter(f_mailinfo);	destination(d_maillog);	};

# Uncomment this line to send "important" messages to the system
# console: be aware that this could create lots of output.
#log { source(s_local); filter(f_to_console);	destination(d_console);	};

# Uncomment this to have all messages of notice level and higher
# as well as all authentication messages sent to root.
#log { source(s_local); filter(f_to_root);	destination(d_ttyroot);	};

# Uncomment if you want everyone to get emergency messages.
#log { source(s_local); filter(f_emerg);	destination(d_ttyall);	};

# Uncomment to log to a central host named "loghost".
#log { source(s_local); filter(f_to_loghost);	destination(d_loghost);	};

# Uncomment to log messages from doas(1) to its own log file.  Matches are done
# based on the program name.
# Program-specific logs:
#log { source(s_local); filter(f_prog_doas);	destination(d_doaslog);	};

# Uncomment to log messages from the network.
# Note: it is recommended to specify a different destination here.
#log { source(s_net); destination(d_messages); };
SecBSD's official ports repository 2023-08-16 22:26:55 +00:00			`# syslog-ng configuration file for OpenBSD.`
			`# This should provide behavior similar to OpenBSD's syslog.conf(5).`

			`@version: 3.38`
			`@requires openbsd`
			`@include "scl.conf"`

			`options {`
			`use_dns(no);`
			`dns_cache(no);`
			`create_dirs(no);`
			`keep_hostname(yes);`
			`};`

			`source s_local {`
			`openbsd();`
			`unix-dgram ("/dev/log");`
			`internal();`
			`};`

			`#source s_net {`
			`# udp(port(514));`
			`#};`

			`destination d_console { file("/dev/console"); };`
			`destination d_messages { file("/var/log/messages" owner(root) group(wheel) perm(0644)); };`
			`destination d_authlog { file("/var/log/authlog" owner(root) group(wheel) perm(0640)); };`
			`destination d_secure { file("/var/log/secure" owner(root) group(wheel) perm(0600)); };`
			`destination d_cronlog { file("/var/cron/log" owner(root) group(wheel) perm(0600)); };`
			`destination d_daemon { file("/var/log/daemon" owner(root) group(wheel) perm(0640)); };`
			`destination d_xferlog { file("/var/log/xferlog" owner(root) group(wheel) perm(0640)); };`
			`destination d_lpderrs { file("/var/log/lpd-errs" owner(root) group(wheel) perm(0640)); };`
			`destination d_maillog { file("/var/log/maillog" owner(root) group(wheel) perm(0600)); };`
			`destination d_doaslog { file("/var/log/doas"); };`
			`destination d_ttyall { usertty("*"); };`
			`destination d_ttyroot { usertty("root"); };`
			`destination d_loghost { udp("loghost" port(514)); };`

			`filter f_notice {`
			`level(notice .. emerg)`
			`and not(facility(auth,authpriv,cron,ftp,kern,lpr,mail,user));`
			`};`
			`filter f_kerndebug {`
			`level(debug .. emerg) and facility(kern);`
			`};`
			`filter f_msginfo {`
			`level(info .. emerg) and facility(syslog,user);`
			`};`
			`filter f_authinfo {`
			`level(info .. emerg) and facility(auth);`
			`};`
			`filter f_authprivdebug {`
			`level(debug .. emerg) and facility(authpriv);`
			`};`
			`filter f_croninfo {`
			`level(info .. emerg) and facility(cron);`
			`};`
			`filter f_daemoninfo {`
			`level(info .. emerg) and facility(daemon);`
			`};`
			`filter f_ftpinfo {`
			`level(info .. emerg) and facility(ftp);`
			`};`
			`filter f_lprdebug {`
			`level(debug .. emerg) and facility(lpr);`
			`};`
			`filter f_mailinfo {`
			`level(info .. emerg) and facility(mail);`
			`};`
			`filter f_emerg {`
			`level(emerg);`
			`};`
			`filter f_to_console {`
			`not (facility(authpriv)) and`
			`((level(notice .. emerg) and facility(auth))`
			`or (level(debug .. emerg) and facility(kern))`
			`or (level(crit .. emerg) and facility(mail))`
			`or level(err .. emerg));`
			`};`
			`filter f_to_root {`
			`(level(debug .. emerg) and facility(auth))`
			`or (level(notice .. emerg));`
			`};`
			`filter f_to_loghost {`
			`(level(notice .. emerg) and`
			`not (facility(auth,authpriv,cron,ftp,kern,lpr,mail,user)))`
			`or (level(info .. emerg) and facility(auth,daemon,syslog,user))`
			`or (level(debug .. emerg) and facility(authpriv,kern));`
			`};`
			`filter f_prog_doas {`
			`program("doas");`
			`};`

			`log { source(s_local); filter(f_notice); destination(d_messages);};`
			`log { source(s_local); filter(f_kerndebug); destination(d_messages);};`
			`log { source(s_local); filter(f_msginfo); destination(d_messages);};`
			`log { source(s_local); filter(f_authinfo); destination(d_authlog); };`
			`log { source(s_local); filter(f_authprivdebug); destination(d_secure); };`
			`log { source(s_local); filter(f_croninfo); destination(d_cronlog); };`
			`log { source(s_local); filter(f_daemoninfo); destination(d_daemon); };`
			`log { source(s_local); filter(f_ftpinfo); destination(d_xferlog); };`
			`log { source(s_local); filter(f_lprdebug); destination(d_lpderrs); };`
			`log { source(s_local); filter(f_mailinfo); destination(d_maillog); };`

			`# Uncomment this line to send "important" messages to the system`
			`# console: be aware that this could create lots of output.`
			`#log { source(s_local); filter(f_to_console); destination(d_console); };`

			`# Uncomment this to have all messages of notice level and higher`
			`# as well as all authentication messages sent to root.`
			`#log { source(s_local); filter(f_to_root); destination(d_ttyroot); };`

			`# Uncomment if you want everyone to get emergency messages.`
			`#log { source(s_local); filter(f_emerg); destination(d_ttyall); };`

			`# Uncomment to log to a central host named "loghost".`
			`#log { source(s_local); filter(f_to_loghost); destination(d_loghost); };`

			`# Uncomment to log messages from doas(1) to its own log file. Matches are done`
			`# based on the program name.`
			`# Program-specific logs:`
			`#log { source(s_local); filter(f_prog_doas); destination(d_doaslog); };`

			`# Uncomment to log messages from the network.`
			`# Note: it is recommended to specify a different destination here.`
			`#log { source(s_net); destination(d_messages); };`