1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82
|
# Example configuration for ulogd
# $Id: ulogd.conf.in 5267 2005-02-19 21:33:43Z laforge $
#
[global]
######################################################################
# GLOBAL OPTIONS
######################################################################
# netlink multicast group (the same as the iptables --ulog-nlgroup param)
nlgroup=1
# logfile for status messages
logfile="/var/log/ulogd.log"
# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8)
loglevel=5
# socket receive buffer size (should be at least the size of the
# in-kernel buffer (ipt_ULOG.o 'nlbufsiz' parameter)
rmem=131071
# libipulog/ulogd receive buffer size, should be > rmem
bufsize=150000
######################################################################
# PLUGIN OPTIONS
######################################################################
# We have to configure and load all the plugins we want to use
# general rules:
# 1. load the plugins _first_ from the global section
# 2. options for each plugin in seperate section below
#
# ulogd_BASE.so - interpreter plugin for basic IPv4 header fields
# you will always need this
plugin="@libdir@/ulogd_BASE.so"
# output plugins.
plugin="@libdir@/ulogd_LOGEMU.so"
#plugin="@libdir@/ulogd_OPRINT.so"
#plugin="@libdir@/ulogd_MYSQL.so"
#plugin="@libdir@/ulogd_PGSQL.so"
#plugin="@libdir@/ulogd_SQLITE3.so"
#plugin="@libdir@/ulogd_PCAP.so"
[LOGEMU]
file="/var/log/ulogd.syslogemu"
sync=1
[OPRINT]
file="/var/log/ulogd.pktlog"
[MYSQL]
table="ulog"
pass="changeme"
user="laforge"
db="ulogd"
host="localhost"
[PGSQL]
table="ulog"
schema="public"
pass="changeme"
user="postgres"
db="ulogd"
host="localhost"
[SQLITE3]
table="ulog"
db="/path/to/sqlite/db"
buffer=200
[PCAP]
file="/var/log/ulogd.pcap"
sync=1
|