epylog.conf(5)
NAME
epylog.conf - epylog configuration
SYNOPSIS
epylog config file is a simple plaintext file in win.ini style format.
Location
- Epylog will look in /etc/epylog/epylog.conf by default, but you can
override that by passing -c switch on the command line.
- [main]
cfgdir This is where epylog should look for other configuration infor - mation, most notably, modules.d directory. See epylog-modules(5) for more info.
- tmpdir Where to create temporary directories and put temporary files.
- Note that log files can grow VERY big and epylog might create several copies of them for processing purposes. Make sure there is no danger of filling up that partition. A good place on a designated loghost is /var/tmp, since that is usually a separate partition dedicated entirely for logs.
- vardir Where epylog should save its state data, namely the offsets.xml
- file. The sanest place for this is /var/lib/epylog.
- multimatch
- By default, if a line is matched against a module, no other modules will be tried. This helps speed things up tremendously. However, you may have several modules that process the same lines (although this is not a very good setup). In that case you may set this to "yes". The default value is "no".
- threads
- How many processing threads to start. 50 is a good default value, but you may set it to less or more, depending on your system.
- [report]
- title What should be the title of the report. For mailed reports, this
- is the subject of the message. For the ones published on the web, this is the title of the page (as in <title></title>).
- template
- Which html template should be used for the final report. See the source of the default template for the format used.
- include_unparsed
- Can be either "yes" or "no". If "no" is specified, strings that didn't match any of the modules will not be appended to the report. Not very wise! A good setting is "yes".
- publishers
- Lists the publishers to use. The value is the name of the section where to look for the publisher configuration. E.g.:
publishers = nfspub
will look for a section called "[nfspub]" for publisher initialization. The name of the publisher has nothing to do with the method it uses for publishing. The fact that the default are named [file] and [mail] is only a matter of convenience. List multiple values separated by a comma.
Mail Publisher
- method Method must be set to "mail" for this publisher to be considered
- a mail publisher.
- smtpserv
- Can be either a hostname of an SMTP server to use, or the location of a sendmail binary. If the value starts with a "/" it
will be considered a path. E.g. valid entries:
smtpserv = mail.example.com smtpserv = /usr/sbin/sendmail -t - mailto The list of email addresses where to mail the report. Separate
- multiple entries by a comma. If ommitted, "root@localhost" will be used.
- format Can be one of the following: html, plain, or both. If you use a
- mail client that doesn't support html mail, then you better use "plain" or "both", though you will miss out on visual cueing that epylog uses to notify of important events.
- lynx This is only useful if you use format other than "html". Epylog
- will use a lynx-compliant tool to transform HTML into plain text. The following browsers are known to work: lynx, elinks, w3m.
- include_rawlogs
- Whether to include the gzipped raw logs with the message. If set to "yes", it will attach the file with all processed logs with the message. If you use a file publisher in addition to the mail publisher, this may be a tad too paranoid.
- rawlogs_limit
- If the size of rawlogs.gz is more than this setting (in kilobytes), then raw logs will not be attached. Useful if you have a 50Mb log and check your mail over a slow uplink.
File Publisher
- method Method must be set to "file" for this config to work as a file
- publisher.
- path Where to place the directories with reports. A sensible location
- would be in /var/www/html/epylog. Note that the reports may contain sensitive information, so make sure you place a .htaccess in that directory and require a password, or limit by host.
- dirmask, filemask
- These are the masks to be used for the created directories and files. For format values look at strftime documentation here: http://www.python.org/doc/current/lib/module-time.html
- expire_in
- A digit specifying the number of days after which the old directories should be removed. Default is 7.
- notify Optionally send notifications to these email addresses when new
- reports become available. Comment out if no notification is desired. This is definitely redundant if you also use the mail publisher.
- smtpserv
- Use this smtp server when sending notifications. Can be either a hostname or a path to sendmail. Defaults to "/usr/sbin/sendmail -t".
- pubroot
- When generating a notification message, use this as publication
root to make a link. E.g.:
pubroot = http://www.example.com/epylog will make a link: http://www.example.com/epylog/dirname/filename.html
COMMENTS
Lines starting with "#" will be considered commented out.
AUTHORS
Konstantin Ryabitsev <icon@linux.duke.edu>