pvl-verkko: etc/syslog.conf@171bd0432056 (annotated)

85 d1c2dfc1a875 syslog.conf: better [ssh] Tero Marttila <terom@paivola.fi> parents: 78 diff changeset	1	irk = irc://syslog@irc-test/test
48 40ccb8d3c96e pvl.verkko-syslog: syslog -> irker gateway Tero Marttila <terom@fixme.fi> parents: diff changeset	2
76 60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	3	# TODO: implements meta-attrs across rule tree to classify hosts?
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	4	#[tag]
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	5	# [[puppetmaster]]
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	6	# host = guru
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	7	#
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	8	# [[auth-high]]
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	9	# host = guru
48 40ccb8d3c96e pvl.verkko-syslog: syslog -> irker gateway Tero Marttila <terom@fixme.fi> parents: diff changeset	10
76 60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	11	# auth on normal hosts
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	12	[auth]
91 171bd0432056 syslog.conf: facility is authpriv Tero Marttila <terom@paivola.fi> parents: 85 diff changeset	13	facility = auth*
48 40ccb8d3c96e pvl.verkko-syslog: syslog -> irker gateway Tero Marttila <terom@fixme.fi> parents: diff changeset	14
76 60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	15	[[sudo]]
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	16	program = sudo
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	17	pattern = (?P<login>\S+) : TTY=(?P<tty>\S+) ; PWD=(?P<pwd>.+?) ; USER=(?P<user>\S+) ; (?:ENV=(?P<env>.+?) ; )?COMMAND=(?P<command>.*)
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	18	format = {login}:{tty} - {user}@{host}:{pwd} - {command!r}
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	19
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	20	# ignore puppet readshadow on puppetmasters
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	21	[[[puppet_readshadow]]]
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	22	login = puppet
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	23	user = root
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	24	command = /usr/bin/getent shadow \w+
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	25	format = # ignore
66 1e3a144f25c0 pvl.syslog: nested sections Tero Marttila <terom@fixme.fi> parents: 58 diff changeset	26
76 60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	27	[[[env]]]
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	28	env = .+
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	29	format = {login}:{tty} - {user}@{host}:{pwd} - {env}{command!r}
66 1e3a144f25c0 pvl.syslog: nested sections Tero Marttila <terom@fixme.fi> parents: 58 diff changeset	30
76 60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	31	[[sudo-unknown]]
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	32	program = sudo
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	33	format = {host} {msg}
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	34
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	35	# auth on high-sec hosts
78 8deb7d308d18 syslog: fix duplicate section mame in example config Tero Marttila <terom@paivola.fi> parents: 76 diff changeset	36	[auth-high]
8deb7d308d18 syslog: fix duplicate section mame in example config Tero Marttila <terom@paivola.fi> parents: 76 diff changeset	37	host = .+
91 171bd0432056 syslog.conf: facility is authpriv Tero Marttila <terom@paivola.fi> parents: 85 diff changeset	38	facility = auth*
76 60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	39
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	40	# TODO: pubkey, failures?
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	41	[[ssh]]
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	42	program = sshd
85 d1c2dfc1a875 syslog.conf: better [ssh] Tero Marttila <terom@paivola.fi> parents: 78 diff changeset	43	pattern = Accepted (?P<auth>.+?) for (?P<user>\S+) from (?P<ip>\S+) port (?P<port>\S+) (?P<proto>\S+)
d1c2dfc1a875 syslog.conf: better [ssh] Tero Marttila <terom@paivola.fi> parents: 78 diff changeset	44	format = SSH {auth} login for {user}@{host} from {ip}
76 60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	45
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	46	[[cron]]
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	47	program = cron
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	48	format = # ignore
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	49
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	50	[[su_nobody]]
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	51	program = su
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	52	pattern = Successful su for nobody by root\|\+ \?\?\? root:nobody
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	53	format = # ignore
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	54
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	55	[[all]]
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	56	format = {host} {msg}
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	57
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	58	# user
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	59	[user]
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	60	facility = user
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	61
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	62	[[puppet]]
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	63	program = puppet
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	64	format = {host} {msg}
60bdff4bedfb pvl.syslog.rule: implement proper match/apply support Tero Marttila <terom@paivola.fi> parents: 66 diff changeset	65

author	Tero Marttila <terom@paivola.fi>
	Fri, 11 Jan 2013 23:19:40 +0200
changeset 91	171bd0432056
parent 85	d1c2dfc1a875
permissions	-rw-r--r--