options { use_fqdn(yes); keep_hostname(yes); use_dns(yes); long_hostnames(off); sync(3); log_fifo_size(300); };

# network logs come from the local network and from stunnel on 127.0.0.1
source src { unix-stream("/dev/log"); internal(); };
source remote { tcp(ip("127.0.0.1") port(514) keep-alive(yes)); };

#
# This is the default behavior of sysklogd package
# Logs may come from unix stream, but not from another machine.
#
source src { unix-stream("/dev/log"); internal(); };
 
# After that set destinations.
 
# First some standard logfile
#
destination lpr { file("/var/log/lpr.log"); };
destination mail { file("/var/log/mail.log"); };
 
# Some `catch-all' logfiles.
#
destination messages { file("/var/log/messages"); };
 
# The root's console.
#
destination console { usertty("root"); };
 
# Virtual console.
#
destination console_all { file("/dev/tty8"); };
 
# Here's come the filter options. With this rules, we can set which
# message go where.
 
filter f_lpr { facility(lpr); };
filter f_mail { facility(mail); };
filter f_messages { level(info..emerg) and not facility(mail,lpr); };
filter f_emergency { level(emerg); };
 
###############################################################
 
log { source(src); filter(f_lpr); destination(lpr); };
log { source(src); filter(f_mail); destination(mail); };
log { source(src); filter(f_messages); destination(messages); };
log { source(src); filter(f_emergency); destination(console); };


###############################################################
  # automatic host sorting
 
  # set it up
  destination hosts { file("/var/log/HOSTS/$HOST/$FACILITY" owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes)); };
 
  # log by host
  log { source(remote); destination(hosts); };
###############################################################