replace rsyslog with syslog-ng

This commit is contained in:
Sebastian Hugentobler 2017-02-14 14:30:38 +01:00
parent 4f84d27349
commit 6b1d8cfcdf
5 changed files with 29 additions and 52 deletions

View File

@ -6,7 +6,7 @@ RUN apk add --no-cache \
nginx \ nginx \
postgresql-client \ postgresql-client \
aspell \ aspell \
rsyslog \ syslog-ng \
ca-certificates \ ca-certificates \
php7 \ php7 \
php7-imap \ php7-imap \

View File

@ -1,48 +0,0 @@
# rsyslogd.conf
#
# if you experience problems, check:
# http://www.rsyslog.com/troubleshoot
#### MODULES ####
module(load="imuxsock") # local system logging support (e.g. via logger command)
#module(load="imklog") # kernel logging support (previously done by rklogd)
module(load="immark") # --MARK-- message support
module(load="imudp") # UDP listener support
input(type="imudp" port="514")
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* action(type="omfile" file="/dev/console")
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none action(type="omfile" file="/var/log/messages")
# The authpriv file has restricted access.
authpriv.* action(type="omfile" file="/var/log/secure")
# Log all the mail messages in one place.
mail.* action(type="omfile" file="/dev/console")
# Log cron stuff
cron.* action(type="omfile" file="/var/log/cron")
# Everybody gets emergency messages
*.emerg action(type="omusrmsg" users="*")
# Save news errors of level crit and higher in a special file.
uucp,news.crit action(type="omfile" file="/var/log/spooler")
# Save boot messages also to boot.log
local7.* action(type="omfile" file="/var/log/boot.log")
# log every host in its own directory
if $fromhost-ip then /var/log/$fromhost-ip/messages
# Include all .conf files in /etc/rsyslog.d
$IncludeConfig /etc/rsyslog.d/*.conf
$template GRAYLOGRFC5424,"<%PRI%>%PROTOCOL-VERSION% %TIMESTAMP:::date-rfc3339% %HOSTNAME% %APP-NAME% %PROCID% %MSGID% %STRUCTURED-DATA% %msg%\n"
*.info;mail.none;authpriv.none;cron.none;*.* @@graylog:514;GRAYLOGRFC5424 # forward everything to remote server

View File

@ -1,3 +0,0 @@
#!/usr/bin/with-contenv sh
exec rsyslogd -n

View File

@ -0,0 +1,4 @@
#!/usr/bin/with-contenv sh
cd /var
exec syslog-ng --foreground

View File

@ -0,0 +1,24 @@
@version: 3.7
options {
stats_freq (0);
time_reopen (10);
chain_hostnames (off);
use_dns (no);
use_fqdn (no);
keep_hostname (yes);
};
source s_local {
unix-dgram("/dev/log");
internal();
};
destination catchall {
pipe("/dev/stdout");
};
log {
source(s_local);
destination(catchall);
};