################################################################################
# Syslog-ng configuration
# /opt/etc/syslog-ng/syslog-ng.conf
#

###############################################################################
# tiwag's active filters and logs
#

options { long_hostnames(off); sync(0); };

source src { file("/proc/kmsg");unix-stream("/dev/log"); internal(); };
source net { udp(); };

destination mysyslog {
    file("/opt/var/log/syslog-ng.log"
	owner("root")
	group("root")
	perm(0640)
	template("$HOUR:$MIN:$SEC $DAY-$MONTH-$YEAR ($PRIORITY|$FACILITY|$PROGRAM) $MESSAGE\n")
    ); 
};
		    
destination authwarnlog { 
    file("/opt/var/log/authwarn.log"
	owner("root")
	group("root")
	perm(0640)
	template("$HOUR:$MIN:$SEC $DAY-$MONTH-$YEAR ($PRIORITY|$FACILITY|$PROGRAM) $MESSAGE\n")
    ); 
};
					
destination vsftpdlog   { file("/opt/var/log/vsftpd.log"
			  template("$HOUR:$MIN:$SEC $DAY-$MONTH-$YEAR ($PRIORITY|$FACILITY|$PROGRAM) $MESSAGE\n")
    );
};
destination dropbearlog { file("/opt/var/log/dropbear.log"
			  template("$HOUR:$MIN:$SEC $DAY-$MONTH-$YEAR ($PRIORITY|$FACILITY|$PROGRAM) $MESSAGE\n")
    );
};
destination cronlog     { file("/opt/var/log/cron.log"
			  template("$HOUR:$MIN:$SEC $DAY-$MONTH-$YEAR ($PRIORITY|$FACILITY|$PROGRAM) $MESSAGE\n")
    );
};
										
filter f_ni_syslog-ng { not ( level(info) and program(syslog-ng) ); };
filter f_ni_thttpd    { not ( level(info) and program(thttpd)    ); };
filter f_ni_vsftpd    { not ( level(info) and program(vsftpd)    ); };
filter f_ni_cron      { not ( (level(notice) and program(cron) ) or ( level(info) and  facility(cron) ) ); };
					
filter f_vsftpd   { ( program(vsftpd)   ); };
filter f_dropbear { ( program(dropbear) ); };
filter f_cron     { ( level(notice) and  program(cron) ); };
filter f_authwarn { ( ( ( level(info) or level(warning) ) and program(dropbear) ) or ( ( level(warning) ) and  program(vsftpd) ) ); };

###############################################################################
# active logs
#

log { source(src); 
    filter(f_ni_vsftpd); 
    filter(f_ni_thttpd); 
    filter(f_ni_syslog-ng); 
    filter(f_ni_cron);
    destination(mysyslog); };

log { source(src); 
    filter(f_vsftpd);   
    destination(vsftpdlog); };

log { source(src); 
    filter(f_dropbear); 
    destination(dropbearlog); };

log { source(src); 
    filter(f_authwarn); 
    destination(authwarnlog); };

log { source(src); 
    filter(f_cron); 
    destination(cronlog); };