# syslog-ng configuration file for OpenBSD.
# This should provide the same behavior as OpenBSD's syslog.conf(5).
# 2010-07-18 steven@openbsd.org

@version: 3.0

options { 
	use_dns(no);
	create_dirs(no);
	keep_hostname(yes);
};

source s_local {
	unix-dgram ("/dev/log");
	unix-dgram ("/var/empty/dev/log");
	internal();
};
#source s_local_all {
#	unix-dgram ("/dev/log");
#	unix-dgram ("/var/empty/dev/log");
#	unix-dgram ("/var/www/dev/log");
#	internal();
#};
#source s_net {
#	udp(port(514));
#};

destination d_console	{ file("/dev/console");		};
destination d_messages	{ file("/var/log/messages" perm(0644));	};
destination d_authlog	{ file("/var/log/authlog");	};
destination d_secure	{ file("/var/log/secure");	};
destination d_cronlog	{ file("/var/cron/log");	};
destination d_daemon	{ file("/var/log/daemon");	};
destination d_xferlog	{ file("/var/log/xferlog");	};
destination d_lpderrs	{ file("/var/log/lpd-errs");	};
destination d_maillog	{ file("/var/log/maillog");	};
destination d_sudolog	{ file("/var/log/sudo");	};
destination d_chatlog	{ file("/var/log/chat");	};
destination d_ttyall	{ usertty("*");			};
destination d_ttyroot	{ usertty("root");		};
destination d_loghost	{ udp("loghost" port(514));	};

filter f_notice {
	level(notice .. emerg)
	and not(facility(auth,authpriv,cron,ftp,kern,lpr,mail,user));
};
filter f_kerndebug {
	level(debug .. emerg) and facility(kern);
};
filter f_msginfo {
	level(info .. emerg) and facility(syslog,user);
};
filter f_authinfo {
	level(info .. emerg) and facility(auth);
};
filter f_authprivdebug {
	level(debug .. emerg) and facility(authpriv);
};
filter f_croninfo {
	level(info .. emerg) and facility(cron);
};
filter f_daemoninfo {
	level(info .. emerg) and facility(daemon);
};
filter f_ftpinfo {
	level(info .. emerg) and facility(ftp);
};
filter f_lprdebug {
	level(debug .. emerg) and facility(lpr);
};
filter f_mailinfo {
	level(info .. emerg) and facility(mail);
};
filter f_emerg {
	level(emerg);
};
filter f_to_console {
	not (facility(authpriv)) and
	((level(notice .. emerg) and facility(auth))
	or (level(debug .. emerg) and facility(kern))
	or (level(crit .. emerg) and facility(mail))
	or level(err .. emerg));
};
filter f_to_root {
	(level(debug .. emerg) and facility(auth))
	or (level(notice .. emerg));
};
filter f_to_loghost {
	(level(notice .. emerg) and
	  not (facility(auth,authpriv,cron,ftp,kern,lpr,mail,user)))
	or (level(info .. emerg) and facility(auth,daemon,syslog,user))
	or (level(debug .. emerg) and facility(authpriv,kern));
};
filter f_prog_sudo {
	program("sudo");
};
filter f_prog_chat {
	program("chat");
};

log { source(s_local); filter(f_notice);	destination(d_messages);};
log { source(s_local); filter(f_kerndebug);	destination(d_messages);};
log { source(s_local); filter(f_msginfo);	destination(d_messages);};
log { source(s_local); filter(f_authinfo);	destination(d_authlog);	};
log { source(s_local); filter(f_authprivdebug);	destination(d_secure);	};
log { source(s_local); filter(f_croninfo);	destination(d_cronlog);	};
log { source(s_local); filter(f_daemoninfo);	destination(d_daemon);	};
log { source(s_local); filter(f_ftpinfo);	destination(d_xferlog);	};
log { source(s_local); filter(f_lprdebug);	destination(d_lpderrs);	};
log { source(s_local); filter(f_mailinfo);	destination(d_maillog);	};

# Uncomment this line to send "important" messages to the system
# console: be aware that this could create lots of output.
#log { source(s_local); filter(f_to_console);	destination(d_console);	};

# Uncomment this to have all messages of notice level and higher
# as well as all authentication messages sent to root.
#log { source(s_local); filter(f_to_root);	destination(d_ttyroot);	};

# Everyone gets emergency messages.
log { source(s_local); filter(f_emerg);		destination(d_ttyall);	};

# Uncomment to log to a central host named "loghost".
#log { source(s_local); filter(f_to_loghost);	destination(d_loghost);	};

# Uncomment to log messages from sudo(8) and chat(8) to their own
# respective log files.  Matches are done based on the program name.
# Program-specific logs:
#log { source(s_local); filter(f_prog_sudo);	destination(d_sudolog);	};
#log { source(s_local); filter(f_prog_chat);	destination(d_chatlog);	};

# Uncomment to log messages from the network.
# Note: it is recommended to specify a different destination here.
#log { source(s_net); destination(d_messages); };