options { option1(params); option2(params); ... };
|
options {
create_dirs(yes); # if a dir does not exist create it
owner(root); # owner of created files
group(root); # group of created files
perm(0600); # permissions of created files
dir_perm(0700); # permissions of created dirs
};
One of the most important options is sync(0) The number of lines buffered before written to file.For debugging use sync(0).
On heavy loaded LOGHOST server sync(100) can be beneficial (LOGHOST
server usually never crushes, so the danger of losing information is
minimal).
| Name | Accepted values | Description |
|---|---|---|
| time_reopen() | number | The time to wait before a died connection is reestablished |
| time_reap() | number | The time to wait before an idle destination file is closed. |
| sync() | number | The number of lines buffered before written to file |
| mark() | number | The number of seconds between two MARK lines. NOTE: not implemented yet. |
| stats() | number | The number of seconds between two STATS. |
| log_fifo_size() | number | The number of lines fitting to the output queue |
| chain_hostnames() | yes or no | Enable or disable the chained hostname format. |
| keep_hostname() | yes or no | Enable or disable hostname rewriting. |
| check_hostname() | yes or no | Enable or disable whether the hostname contains valid characters. |
| bad_hostname() | regular expression | A regexp which matches hostnames which should not be taken as such. |
| create_dirs() | yes or no | Enable or disable directory creation for destination files. |
| owner() | userid | . |
| group() | groupid | . |
| perm() | permission value | . |
| dir_owner() | userid | . |
| dir_group() | groupid | . |
| dir_perm() | permission value | . |
| use_time_recvd() | yes or no | Use the time a message is received instead of the one specified in the message. |
| use_dns() | yes or no | Enable or disable DNS usage. syslog-ng blocks on DNS queries, so enabling DNS may lead to a Denial of Service attack. To prevent DoS, protect your syslog-ng network endpoint with firewall rules, and make sure that all hosts, which may get to syslog-ng is resolvable. |
| dns_cache() | yes or no | Enable or disable DNS cache usage. |
| dns_cache_size() | number | Number of hostnames in the DNS cache. |
| dns_cache_expire() | number | Number of seconds while a successful lookup is cached. |
| dns_cache_expire_failed() | number | Number of seconds while a failed lookup is cached. |
| log_msg_size() | number | Maximum length of message in bytes. |
| use_fqdn() | yes or no | Add Fully Qualified Domain Name instead of short hostname. |
| gc_idle_threshold() | number | Sets the threshold value for the garbage collector, when syslog-ng is idle. GC phase starts when the number of allocated objects reach this number. Default: 100. |
| gc_busy_threshold() | number | Sets the threshold value for the garbage collector, when syslog-ng is busy. GC phase starts when the number of allocated objects reach this number. Default: 3000. |
|
Softpanorama |
May the source be with you, but remember the KISS principle ;-)
|
# Options
#----------------------------------------------------------------------
#
# Name
Values Description
# ------------------------- -------
------------------------------------
# bad_hostname
reg exp A regexp which matches hostnames
#
which should not be taken as such.
# chain_hostnames
y/n Enable or disable the chained
#
hostname format.
# create_dirs
y/n Enable or disable directory creation
#
for destination files.
# dir_group
groupid
# dir_owner
userid
# dir_perm
perm
# dns_cache
y/n Enable or disable DNS cache usage.
# dns_cache_expire
num Number of seconds while a successful
#
lookup is cached.
# dns_cache_expire_failed num
Number of seconds while a failed
#
lookup is cached.
# dns_cache_size
num Number of hostnames in the DNS cache.
# gc_busy_threshold
num Sets the threshold value for the
#
garbage collector, when syslog-ng is
#
busy. GC phase starts when the number
#
of allocated objects reach this
#
number. Default: 3000.
# gc_idle_threshold
num Sets the threshold value for the
#
garbage collector, when syslog-ng is
#
idle. GC phase starts when the number
#
of allocated objects reach this
#
number. Default: 100.
# group
groupid
# keep_hostname
y/n Enable or disable hostname rewriting.
#
This means that if the log entry had
#
been passed through at least one other
#
logging system, the ORIGINAL hostname
#
will be kept attached to the log.
#
Otherwise the last logger will be
#
considered the log entry owner and
#
the log entry will appear to have
#
come from that host.
# log_fifo_size
num The number of lines fitting to the
#
output queue
# log_msg_size
num Maximum length of message in bytes.
# long_hostnames
on/off This options appears to only really
#
have an affect on the local system.
#
which removes the source of the log.
#
As an example, normally the local
#
logs will state src@hostname, but
#
with this feature off, the source
#
is not reported.
# mark
num The number of seconds between two
#
MARK lines. NOTE: not implemented
#
yet.
# owner
userid
# perm
perm
# stats
num The number of seconds between two
#
STATS.
# sync
num The number of lines buffered before
#
written to file
# time_reap
num The time to wait before an idle
#
destination file is closed.
# time_reopen
num The time to wait before a died
#
connection is reestablished
# use_dns
y/n Enable or disable DNS usage.
#
syslog-ng blocks on DNS queries,
#
so enabling DNS may lead to a
#
Denial of Service attack. To
#
prevent DoS, protect your
#
syslog-ng network endpoint with
#
firewall rules, and make sure that
#
all hosts, which may get to
#
syslog-ng is resolvable.
# use_fqdn
y/n Add Fully Qualified Domain Name
#
instead of short hostname.
# use_time_recvd
y/n Use the time a message is
#
received instead of the one
#
specified in the message.
Copyright © 1996-2008 by Dr. Nikolai Bezroukov. www.softpanorama.org was created as a service to the UN Sustainable Development Networking Programme (SDNP) in the author free time. Submit comments This document is an industrial compilation designed and created exclusively for educational use and is placed under the copyright of the Open Content License(OPL). Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.
Standard disclaimer: The statements, views and opinions presented on this web page are those of the author and are not endorsed by, nor do they necessarily reflect, the opinions of the author present and former employers, SDNP or any other organization the author may be associated with. We do not warrant the correctness of the information provided or its fitness for any purpose.
Last modified: February 28, 2008