blob: 03ff513fd7fdb5da1aa4da78c4fa747507ecb85a [file] [log] [blame]
# Copyright 2012 The ChromiumOS Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
#
# provides --MARK-- message capability
$ModLoad immark.so
module(load="imuxsock"
SysSock.Name="/dev/log"
SysSock.UsePIDFromSystem="on")
# Allow messages from upstart, which logs through /dev/klog.
module(load="imklog"
PermitNonKernelFacility="on")
# Socket to collect stdout/stderr from processes via syslog-cat command.
module(load="imstdoutsock" path="/run/rsyslogd/stdout")
$PrivDropToUser syslog
$PrivDropToGroup syslog
# Don't include hostname in log messages.
template(name="LogWithoutHostname" type="string"
string="%TIMESTAMP:1:26:date-rfc3339,date-utc%Z %syslogseverity-text:::uppercase% %syslogtag%%msg:::sp-if-no-1st-sp%%msg::drop-last-lf%\n")
module(load="builtin:omfile" Template="LogWithoutHostname")
$RepeatedMsgReduction on
# Merge and include all *.conf files.
# This should come after any settings that are meant to be inherited by the
# *.conf files that are to be included.
$IncludeConfig /etc/rsyslog.d/*.conf
# Keep network stuff in /var/log/net.log
if (($programname == 'charon') or \
($programname == 'dhcpcd') or \
($programname == 'dnsmasq') or \
($programname == 'dnsproxyd') or \
($programname == 'hermes') or \
($programname == 'mist') or \
($programname == 'ModemManager') or \
($programname == 'nss-get-cert') or \
($programname == 'openvpn') or \
($programname == 'openvpn-script') or \
($programname == 'patchpanel_bpf_loader') or \
($programname == 'patchpaneld') or \
($programname == 'pppd') or \
($programname == 'pseudomodem') or \
($programname == 'shill') or \
($programname == 'wpa_supplicant') or \
($programname == 'xl2tpd')) then -/var/log/net.log
# Log important (EMERG..ERR) network stuff in /var/log/messages too,
# but discard anything less severe
if (($programname == 'charon') or \
($programname == 'dhcpcd') or \
($programname == 'dnsmasq') or \
($programname == 'dnsproxyd') or \
($programname == 'hermes') or \
($programname == 'mist') or \
($programname == 'ModemManager') or \
($programname == 'nss-get-cert') or \
($programname == 'openvpn') or \
($programname == 'openvpn-script') or \
($programname == 'patchpanel_bpf_loader') or \
($programname == 'patchpaneld') or \
($programname == 'pppd') or \
($programname == 'pseudomodem') or \
($programname == 'shill') or \
($programname == 'wpa_supplicant') or \
($programname == 'xl2tpd')) and $syslogseverity >= '4' then stop
# Keep all bluetooth logs in /var/log/bluetooth.log
if $programname == 'bluetoothd' then -/var/log/bluetooth.log
if $programname == 'btmanagerd' then -/var/log/bluetooth.log
if $programname == 'btadapterd' then -/var/log/bluetooth.log
# Log non-debug level bluez logs to /var/log/messages too
if $programname == 'bluetoothd' and $syslogseverity >= '7' then stop
# Log non-info level Floss logs to /var/log/messages too.
if $programname == 'btmanagerd' and $syslogseverity >= '6' then stop
if $programname == 'btadapterd' and $syslogseverity >= '6' then stop
# Keep Upstart logs in /var/log/upstart.log
# Since these go through the kernel ring buffer, the $programname is 'kernel'.
# We can match against messages from init with:
# re_match($msg, "\\[ *[0-9]+\\.[0-9]+\\] init: .*")
# but we'll use a simpler string comparison to avoid the performance penalty of
# running a regex on every kernel message.
if $programname == 'kernel' and ($msg contains "] init: ") \
then -/var/log/upstart.log
# Log important (EMERG..ERR) Upstart stuff in /var/log/messages too.
if $programname == 'kernel' and ($msg contains "] init: ") and \
$syslogseverity >= '4' then stop
# Keep tlsdate stuff in /var/log/tlsdate.log
if ($programname startswith 'tlsdate') then -/var/log/tlsdate.log
& stop # Don't log tlsdate messages anywhere else.
# Keep extension logs in /var/log/extensions.log
if ($msg contains 'system_log_api') then -/var/log/extensions.log
& stop # Don't log extension messages anywhere else.
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* /dev/console
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.*;mail.none;authpriv.none;local5.none -/var/log/messages
# The authpriv file has restricted access.
authpriv.* /var/log/secure
# Save boot messages also to boot.log
local7.* /var/log/boot.log