From: sthen Date: Wed, 13 Oct 2021 20:34:03 +0000 (+0000) Subject: Change syslog.conf comments relating to network logging to focus on client X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=b31e2d198fff1deab00492c99e025cb4486092a8;p=openbsd Change syslog.conf comments relating to network logging to focus on client setup which is configured in the file itself, rather than talking partly about client (set in the file), command-line flags used for servers which are better suited to the syslogd(8) manual, and ISDN. In the commented-out examples, use tls rather than the plaintext protocol. If users don't need tls they can change it, but it's a sane default, and a good place to show that we have the feature. ok bluhm@ --- diff --git a/etc/syslog.conf b/etc/syslog.conf index 9eb309c7164..c6f41244d26 100644 --- a/etc/syslog.conf +++ b/etc/syslog.conf @@ -1,4 +1,4 @@ -# $OpenBSD: syslog.conf,v 1.20 2016/12/27 13:38:14 jca Exp $ +# $OpenBSD: syslog.conf,v 1.21 2021/10/13 20:34:03 sthen Exp $ # *.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none /var/log/messages @@ -22,13 +22,11 @@ mail.info /var/log/maillog # Everyone gets emergency messages. #*.emerg * -# Uncomment to log to a central host named "loghost". You need to run -# syslogd with the -u option on the remote host if you are using this. -# (This is also required to log info from things like routers and -# ISDN-equipment). If you run -u, you are vulnerable to syslog bombing, -# and should consider blocking external syslog packets. -#*.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none @loghost -#auth,daemon,syslog,user.info;authpriv,kern.debug @loghost +# Uncomment to log to a central host named "loghost" using syslog-tls. +# You need to run syslogd with the -S option on the remote host if you +# are using this. +#*.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none @tls://loghost +#auth,daemon,syslog,user.info;authpriv,kern.debug @tls://loghost # Uncomment to log messages from doas(1) to its own log file. Matches are done # based on the program name.