Hi all,
we are trying in vain to configure Rsyslog to work as we want. Searched high
and low, found some suggestions but none worked.
It works fine, accepts the logs, creates th folder but.. sets the wrong
permissons and hence we hve no access unless we force it.
Here the config:
----------------
# /etc/rsyslog.conf Configuration file for rsyslog.
#
# For more information see
# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
#
# Default logging rules can be found in /etc/rsyslog.d/50-default.conf
#################
#### MODULES ####
#################
$ModLoad imuxsock # provides support for local system logging
$ModLoad imklog # provides kernel logging support (previously done by
rklogd)
#$ModLoad immark # provides --MARK-- message capability
# provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514
# provides TCP syslog reception
$ModLoad imtcp
$InputTCPServerRun 514
$template ASA,"/var/log/LAB/%HOSTNAME%.log"
if $fromhost-ip startswith'192.168' then -?ASA
& ~
###########################
#### GLOBAL DIRECTIVES ####
###########################
#
# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
#
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
# Filter duplicated messages
$RepeatedMsgReduction on
#
# Set the default permissions for all log files.
#
$FileOwner syslog
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$DirOwner syslog
$DirGroup adm
$Umask 0022
$PrivDropToUser syslog
$PrivDropToGroup adm
#
# Where to place spool files
#
$WorkDirectory /var/spool/rsyslog
#
# Include all config files in /etc/rsyslog.d/
#
$IncludeConfig /etc/rsyslog.d/*.conf
-----------------------------------------
and the permissions it sets as follows:
drwx------ 2 syslog syslog 4096 Sep 22 02:49 LAB
trying to access the folde:
-bash: cd: LAB: Permission denied
Running on: Ubuntu 18.04.3 LTS \n \l
Any suggestions what to do?
Rgds
--
Sent from: http://rsyslog-users.1305293.n2.nabble.com/
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
we are trying in vain to configure Rsyslog to work as we want. Searched high
and low, found some suggestions but none worked.
It works fine, accepts the logs, creates th folder but.. sets the wrong
permissons and hence we hve no access unless we force it.
Here the config:
----------------
# /etc/rsyslog.conf Configuration file for rsyslog.
#
# For more information see
# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
#
# Default logging rules can be found in /etc/rsyslog.d/50-default.conf
#################
#### MODULES ####
#################
$ModLoad imuxsock # provides support for local system logging
$ModLoad imklog # provides kernel logging support (previously done by
rklogd)
#$ModLoad immark # provides --MARK-- message capability
# provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514
# provides TCP syslog reception
$ModLoad imtcp
$InputTCPServerRun 514
$template ASA,"/var/log/LAB/%HOSTNAME%.log"
if $fromhost-ip startswith'192.168' then -?ASA
& ~
###########################
#### GLOBAL DIRECTIVES ####
###########################
#
# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
#
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
# Filter duplicated messages
$RepeatedMsgReduction on
#
# Set the default permissions for all log files.
#
$FileOwner syslog
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$DirOwner syslog
$DirGroup adm
$Umask 0022
$PrivDropToUser syslog
$PrivDropToGroup adm
#
# Where to place spool files
#
$WorkDirectory /var/spool/rsyslog
#
# Include all config files in /etc/rsyslog.d/
#
$IncludeConfig /etc/rsyslog.d/*.conf
-----------------------------------------
and the permissions it sets as follows:
drwx------ 2 syslog syslog 4096 Sep 22 02:49 LAB
trying to access the folde:
-bash: cd: LAB: Permission denied
Running on: Ubuntu 18.04.3 LTS \n \l
Any suggestions what to do?
Rgds
--
Sent from: http://rsyslog-users.1305293.n2.nabble.com/
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.