10.56.3. Contents of rsyslog
              Installed programs:
              rsyslogd
            
            
              Installed directory:
              /usr/lib/rsyslog
            
          The rsyslog package contains programs for logging system messages, such as those given by the kernel when unusual things happen.
Prepare Rsyslog for compilation:
./configure --prefix=/usr
Compile the package:
make
          To test the results, issue: make
          check.
        
Install the package:
make install
Create a directory for expansion snippets:
install -dv /etc/rsyslog.d
          Create a new /etc/rsyslog.conf file
          by running the following:
        
cat > /etc/rsyslog.conf << "EOF"
# Begin /etc/rsyslog.conf
# CLFS configuration of rsyslog. For more info use man rsyslog.conf
#######################################################################
# Rsyslog Modules
# Support for Local System Logging
$ModLoad imuxsock.so
# Support for Kernel Logging
$ModLoad imklog.so
#######################################################################
# Global Options
# Use traditional timestamp format.
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
# Set the default permissions for all log files.
$FileOwner root
$FileGroup root
$FileCreateMode 0640
$DirCreateMode 0755
# Provides UDP reception
$ModLoad imudp
$UDPServerRun 514
# Disable Repeating of Entries
$RepeatedMsgReduction on
#######################################################################
# Include Rsyslog Config Snippets
$IncludeConfig /etc/rsyslog.d/*.conf
#######################################################################
# Standard Log Files
auth,authpriv.*                 /var/log/auth.log
*.*;auth,authpriv.none          -/var/log/syslog
daemon.*                        -/var/log/daemon.log
kern.*                          -/var/log/kern.log
lpr.*                           -/var/log/lpr.log
mail.*                          -/var/log/mail.log
user.*                          -/var/log/user.log
# Catch All Logs
*.=debug;\
        auth,authpriv.none;\
        news.none;mail.none     -/var/log/debug
*.=info;*.=notice;*.=warn;\
        auth,authpriv.none;\
        cron,daemon.none;\
        mail,news.none          -/var/log/messages
# Emergencies are shown to everyone
*.emerg                         *
# End /etc/rsyslog.conf
EOF