分类: LINUX
2008-03-03 22:12:43
The following options can be specified in the options statement, as described in .
| Name | Accepted values | Default | Description |
|---|---|---|---|
| time_reopen() | number | 60 | The time to wait in seconds before a dead connection is reestablished. |
| time_reap() | number | 60 | The time to wait in seconds before an idle destination file is closed. |
| time_sleep() | number | 0 | The time to wait in
milliseconds between each invocation of the poll() iteration. |
| sync() or sync_freq() (DEPRECATED) | number | 0 | Obsolete aliases for flush_lines() |
| mark_freq() | number | 1200 | The number of seconds between two
MARK lines. MARK lines are generated if there was no
message traffic to inform the receiver that the connection is still alive.
|
| stats_freq() | number | 600 | The period between two
STATS messages in seconds. STATS are log messages sent by syslog-ng, containing
statistics about dropped log messages. This parameter is identical to the stats() option of syslog-ng 1.6. In syslog-ng 2.0, stats() is an alias of stats_freq(). |
| log_fifo_size() | number | 100 | The number of lines fitting to the output queue |
| chain_hostnames() | yes or no | yes | Enable or disable the chained hostname format. |
| normalize_hostnames() | yes or no | no | Normalize hostnames, which currently translates to converting them to lower case. (requires 1.9.9) |
| keep_hostname() | yes or no | no | Enable or disable hostname rewriting. |
| check_hostname() | yes or no | no | Enable or disable checking whether the hostname contains valid characters. |
| bad_hostname() | regular expression | no | A regexp containing hostnames which should not be handled as hostnames. |
| create_dirs() | yes or no | no | Enable or disable directory creation for destination files. |
| owner() | userid | root | The default owner of output files. |
| group() | groupid | root | The default group of output files. |
| perm() | permission value | 0600 | The default permission for output files. |
| dir_owner() | userid | root | The default owner of newly created directories. |
| dir_group() | groupid | root | The default group for newly created directories. |
| dir_perm() | permission value | 0700 | The default permission for newly created directories. |
| use_time_recvd() (DEPRECATED) | yes or no | no |
This option controls how the time related macros are expanded in filename and
content templates. If set to yes, then the non-prefixed versions of the time
related macros (e.g.: NOTE: The timestamps in the messages are generated by the originating host and might not be accurate. This option is deprecated as many users assumed that it controls the
timestamp as it is written to logfiles/destinations, which is not the case. To
change how messages are formatted, specify a content-template referring to the
appropriate prefixed ( |
| ts_format() | rfc3164, bsd, rfc3339, iso | rfc3164 | Specifies the timestamp format used
when syslog-ng itself formats a timestamp and nothing else specifies a format
(e.g.: STAMP macros, internal messages,
messages without original timestamps). |
| use_dns() | yes, no, persist_only | yes | Enable or disable DNS
usage. The
persist_only option attempts to resolve hostnames locally from file (e.g., from/etc/hosts). syslog-ng
blocks on DNS queries, so enabling DNS may lead to a Denial of Service attack.
To prevent DoS, protect your syslog-ng network endpoint with firewall rules, and
make sure that all hosts which may get to syslog-ng are
resolvable. |
| dns_cache() | yes or no | yes | Enable or disable DNS cache usage. |
| dns_cache_size() | number | 1007 | Number of hostnames in the DNS cache. |
| dns_cache_expire() | number | 3600 | Number of seconds while a successful lookup is cached. |
| dns_cache_expire_failed() | number | 60 | Number of seconds while a failed lookup is cached. |
| dns_cache_hosts() | filename | unset | Name of a file in /etc/hosts format that contains static IP->hostname
mappings. Use this option to resolve hostnames locally without using a
DNS. |
| log_msg_size() | number | 8192 | Maximum length of a message in bytes. |
| use_fqdn() | yes or no | no | Add Fully Qualified Domain Name instead of short hostname. |
| gc_idle_threshold() (DEPRECATED) | number | n/a | Has no meaning in syslog-ng 1.9.x and later. |
| gc_busy_threshold() (DEPRECATED) | number | n/a | Has no meaning in syslog-ng 1.9.x and later. |
| flush_lines() | number | 0 | Specifies how many lines
are flushed to a destination at a time. Syslog-ng waits for this number of lines
to accumulate and sends them off in a single batch. Setting this number high
increases throughput as fully filled frames are sent to the network, but also
increases message latency. The latency can be limited by the use of the flush_timeout option. |
| flush_timeout() | time in milliseconds | 10000 | Specifies the time syslog-ng waits
for lines to accumulate in its output buffer. See the flush_lines() option for more information.
|
| recv_time_zone() | time
offset (e.g.: +03:00) |
local timezone | Specifies the time zone associated with the incoming messages, if not specified otherwise in the message or in the source driver. See for details. |
| send_time_zone() | time
offset (e.g.: +03:00) |
local timezone | Specifies the time zone associated with the messages sent by syslog-ng, if not specified otherwise in the message or in the destination driver. See for details. |
| frac_digits() | number | 0 | The syslog-ng application can store fractions of a second in the timestamps
according to the ISO8601 format. The frac_digits() parameter specifies the number
of digits stored. The digits storing the fractions are padded by zeros if the
original timestamp of the message specifies only seconds. Fractions can always
be stored for the received time of the messages. |
Table 8.16. List of global options supported in syslog-ng
