options { 
	long_hostnames(off); 
	sync(0); 
	stats(3600);
	log_fifo_size(1000);
	owner("root");
	group("adm");
	perm(0640);
	create_dirs(yes);
};

source local {
	unix-stream("/dev/log");
	unix-stream("/srv/named/dev/log");
	internal();
	pipe("/proc/kmsg" log_prefix("kernel: "));
};

filter f_console { level(warn..emerg) and facility(kern); };
filter f_admin { level(alert...emerg); };

filter f_secure {
	facility(auth, authpriv) or
	program("sshd|pam_unix|ident") or
	(program("webmin") and match("login"));
};
filter f_user { facility(user); };

filter f_kern { facility(kern) and not match("NETFILTER:|grsec:"); };
filter f_grsec { facility(kern) and match("grsec:"); };
filter f_netfilter_drop { facility(kern) and match("NETFILTER: drop"); };
filter f_netfilter_accept { facility(kern) and match("NETFILTER: accept"); };
filter f_netfilter_limit { facility(kern) and match("NETFILTER: limit"); };
filter f_netfilter_test { facility(kern) and match("NETFILTER: test"); };

filter f_mail { facility(mail) and not program("imap|pop|spam|fetchmail"); };
filter f_imap { program("imap"); };
filter f_pop { program("pop"); };
filter f_spam { program("spam"); };
filter f_av { program("Qmail-Scanner"); };
filter f_fetchmail { program("fetchmail"); };

filter f_cron { facility(cron); };
filter f_ppp { program("ppp|pptpd"); };
filter f_dhcp { program("dhcp|pump"); };
filter f_ftp { program("ftp"); };
filter f_webmin { program("webmin"); };
filter f_apache { program("apache"); };
filter f_apache_auth { program("apache") and match("user .* (authentication failure|not found)"); };
filter f_smart { program("smartd"); };

filter f_messages {
	level(info..emerg) and
	not facility(auth, authpriv, mail, cron, user, kern) and
	not program("sshd|pam_unix|ppp|pptpd|ident|spam|imap|pop|dhcp|pump|ftp|Qmail-Scanner|webmin|apache|smartd");
};
filter f_debug { level(debug); };

destination d_console { file("/dev/tty12"); };
destination d_admin { usertty("root,t00r,sebbart,tichou"); };

destination d_messages { file("/var/log/messages"); };
destination d_debug { file("/var/log/debug"); };
destination d_secure { file("/var/log/secure"); };
destination d_user { file("/var/log/user"); };

destination d_kern { file("/var/log/kernel"); };
destination d_grsec { file("/var/log/grsec"); };
destination d_netfilter_drop { file("/var/log/netfilter/drop"); };
destination d_netfilter_accept { file("/var/log/netfilter/accept"); };
destination d_netfilter_limit { file("/var/log/netfilter/limit"); };
destination d_netfilter_test { file("/var/log/netfilter/test"); };

destination d_mail { file("/var/log/mail/maillog"); };
destination d_mail_pop { file("/var/log/mail/pop"); };
destination d_mail_imap { file("/var/log/mail/imap"); };
destination d_mail_spam { file("/var/log/mail/spam"); };
destination d_mail_av { file("/var/log/mail/antivirus"); };
destination d_mail_fetchmail { file("/var/log/mail/fetchmail"); };

destination d_cron { file("/var/log/cron"); };
destination d_ppp { file("/var/log/ppp"); };
destination d_dhcp { file("/var/log/dhcp"); };
destination d_ftp { file("/var/log/ftp/ftpd"); };
destination d_webmin { file("/var/log/webmin/webmin-syslog"); };
destination d_apache { file("/var/log/apache/error_log"); };
destination d_apache_auth { file("/var/log/apache/auth_log"); };
destination d_smart { file("/var/log/smart"); };


log { source(local); filter(f_console); destination(d_console); };
log { source(local); filter(f_admin); destination(d_admin); };

log { source(local); filter(f_messages); destination(d_messages); };
log { source(local); filter(f_debug); destination(d_debug); };
log { source(local); filter(f_user); destination(d_user); };
log { source(local); filter(f_secure); destination(d_secure); };

log { source(local); filter(f_kern); destination(d_kern); };
log { source(local); filter(f_grsec); destination(d_grsec); };
log { source(local); filter(f_netfilter_drop); destination(d_netfilter_drop); };
log { source(local); filter(f_netfilter_accept); destination(d_netfilter_accept); };
log { source(local); filter(f_netfilter_limit); destination(d_netfilter_limit); };
log { source(local); filter(f_netfilter_test); destination(d_netfilter_test); };

log { source(local); filter(f_mail); destination(d_mail); };
log { source(local); filter(f_pop); destination(d_mail_pop); };
log { source(local); filter(f_imap); destination(d_mail_imap); };
log { source(local); filter(f_spam); destination(d_mail_spam); };
log { source(local); filter(f_av); destination(d_mail_av); };
log { source(local); filter(f_fetchmail); destination(d_mail_fetchmail); };

log { source(local); filter(f_cron); destination(d_cron); };
log { source(local); filter(f_ppp); destination(d_ppp); };
log { source(local); filter(f_dhcp); destination(d_dhcp); };
log { source(local); filter(f_ftp); destination(d_ftp); };
log { source(local); filter(f_webmin); destination(d_webmin); };
log { source(local); filter(f_apache); destination(d_apache); };
log { source(local); filter(f_apache_auth); destination(d_apache_auth); };
log { source(local); filter(f_smart); destination(d_smart); };