편집을 취소할 수 있습니다. 이 편집을 되돌리려면 아래의 바뀐 내용을 확인한 후 게시해주세요.
최신판 | 당신의 편집 | ||
1번째 줄: | 1번째 줄: | ||
==개요== | ==개요== | ||
;/etc/rsyslog.conf | ;/etc/rsyslog.conf | ||
* [[rsyslog]] 설정 파일 | ;rsyslog.conf | ||
*[[syslog]] 설정 파일 | |||
*[[rsyslog]] 또는 [[sysklogd]]의 설정 파일 | |||
== | ==내용== | ||
< | <source lang='bash'> | ||
# | # rsyslog v5 configuration file | ||
# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html | |||
# If you experience problems, see http://www.rsyslog.com/doc/troubleshoot.html | |||
#### MODULES #### | #### MODULES #### | ||
$ModLoad imuxsock # provides support for local system logging (e.g. via logger command) | |||
$ModLoad imklog # provides kernel logging support (previously done by rklogd) | |||
# | #$ModLoad immark # provides --MARK-- message capability | ||
# | # Provides UDP syslog reception | ||
# | #$ModLoad imudp | ||
# | #$UDPServerRun 514 | ||
# | # Provides TCP syslog reception | ||
# | #$ModLoad imtcp | ||
# | #$InputTCPServerRun 514 | ||
#### GLOBAL DIRECTIVES #### | #### GLOBAL DIRECTIVES #### | ||
# Use default timestamp format | |||
# Use | |||
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat | $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat | ||
# | # File syncing capability is disabled by default. This feature is usually not required, | ||
$ | # not useful and an extreme performance hit | ||
#$ActionFileEnableSync on | |||
# Include all config files in /etc/rsyslog.d/ | # Include all config files in /etc/rsyslog.d/ | ||
$IncludeConfig /etc/rsyslog.d/*.conf | $IncludeConfig /etc/rsyslog.d/*.conf | ||
#### RULES #### | |||
# | # Log all kernel messages to the console. | ||
# | # Logging much else clutters up the screen. | ||
# | #kern.* /dev/console | ||
# Log anything (except mail) of level info or higher. | |||
# Don't log private authentication messages! | |||
*.info;mail.none;authpriv.none;cron.none /var/log/messages | |||
# | # The authpriv file has restricted access. | ||
authpriv.* /var/log/secure | |||
# | # Log all the mail messages in one place. | ||
mail.* -/var/log/maillog | |||
# | # Log cron stuff | ||
cron.* /var/log/cron | |||
# | # Everybody gets emergency messages | ||
*.emerg * | |||
# | # Save news errors of level crit and higher in a special file. | ||
uucp,news.crit /var/log/spooler | |||
# | # Save boot messages also to boot.log | ||
local7.* /var/log/boot.log | |||
# ### begin forwarding rule ### | |||
# The statement between the begin ... end define a SINGLE forwarding | |||
# rule. They belong together, do NOT split them. If you create multiple | |||
# forwarding rules, duplicate the whole block! | |||
# Remote Logging (we use TCP for reliable delivery) | |||
# | # | ||
# | # An on-disk queue is created for this action. If the remote host is | ||
# | # down, messages are spooled to disk and sent when it is up again. | ||
$ | #$WorkDirectory /var/lib/rsyslog # where to place spool files | ||
</ | #$ActionQueueFileName fwdRule1 # unique name prefix for spool files | ||
#$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible) | |||
#$ActionQueueSaveOnShutdown on # save messages to disk on shutdown | |||
#$ActionQueueType LinkedList # run asynchronously | |||
#$ActionResumeRetryCount -1 # infinite retries if host is down | |||
# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional | |||
#*.* @@remote-host:514 | |||
# ### end of the forwarding rule ### | |||
</source> | |||
==같이 보기== | ==같이 보기== | ||
* [[ | *[[rsyslog]] | ||
* [[ | *[[/var/log/messages]] | ||
* [[ | *[[/var/log/secure]] | ||
* [[ | *[[/var/log/maillog]] | ||
*[[/var/log/cron]] | |||
*[[/var/log/spooler]] | |||
*[[/var/log/boot.log]] | |||
[[분류: /etc]] | [[분류: /etc]] | ||