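# 2004-11-17 rgerhards: work copy of the new syslog.conf
# We try to keep things as consistent with existing syslog implementations
# as possible. We use "$" to start lines that contain new directives.

# Set syslogd options

#$template Name,"Text %var% Text",
# Template options are case-insensitive. Currently defined are:
# sql - format the string suitable for a SQL statement. This will replace single
#       quotes ("'") by two single quotes ("''") inside each field. This option MUST
#       be specified when a template is used for writing to a database, otherwise SQL
#       injection might occur. The "sql" option is only used for database-bound
#       templates. It is ignored for all others.
#
# NOTE(review): the escaping described above covers single quotes only. MySQL in
# its default SQL mode also treats the backslash as an escape character inside
# string literals, so quote doubling alone may not be sufficient there. Confirm
# that the escaping applied by the running version matches the target database
# (for MySQL, e.g. by enabling the NO_BACKSLASH_ESCAPES sql_mode).
# Every %property% placed in a database template must stay inside '...' quotes,
# because the escaping only protects values that are quoted string literals.

# To escape:
# % = \%
# \ = \\
# --> '\' is used to escape (as in C)
#$template TraditionalFormat,%timegenerated% %HOSTNAME% %syslogtag%%msg%\n"
$template TraditionalFormat,"%timegenerated% %HOSTNAME% %syslogtag%%msg%\n"
$template precise,"%syslogpriority%,%syslogfacility%,%timegenerated%,%HOSTNAME%,%syslogtag%,%msg%\n",1024
$template RFC3164fmt,"<%PRI%>%TIMESTAMP% %HOSTNAME% %syslogtag%%msg%"
#$template precise,"%syslogpriority%,%syslogfacility%,%timegenerated::fulltime%,%HOSTNAME%,%syslogtag%,%msg%\n",1024
$template usermsg," XXXX%syslogtag%%msg%\n\r"
#$template wallmsg,"\r\n\7Message from syslogd@%HOSTNAME% at %timegenerated% ...\r\n %syslogtag%%msg%\n\r"

# Database-bound template. The trailing SQL option is mandatory here (see above):
# %iut%, %msg% and %timegenerated% carry data taken from received messages, which
# any sender can influence.
# The statement uses the standard INSERT order (table, column list, values); the
# form "insert <columns> values (...) into <table>" is not valid SQL and would be
# rejected by the server.
$template MySQLInsert,"insert into systemevents (iut, message, receivedat) values ('%iut%', '%msg:::UPPERCASE%', '%timegenerated:::date-mysql%')\r\n", SQL

# the template below emulates winsyslog format, but we need to check the time
# stamps used. for now, it is good enough ;)
$template WinSyslogFmt,"%timegenerated:1:10:date-rfc3339%,%timegenerated:12:19:date-rfc3339%,%timegenerated:1:10:date-rfc3339%,%timegenerated:12:19:date-rfc3339%,%syslogfacility%,%syslogpriority%,%syslogtag%%msg%\n"
#$template wallmsg,"\r\n\7Message from syslogd@%HOSTNAME% at %timegenerated:::date-rfc3339% ...\r\n %syslogtag%%msg%\n\r"

# Selector lines are now modified
# The "action" (e.g. file logging) can be followed
# by a comma and then the name of a template to use.
# This is an example:
#authpriv.* /var/log/secure,precise
# NOTE(review): the text and example above use "," before the template name,
# while every other selector line below uses ";". Confirm which separator the
# parser accepts and make the comment and the lines agree.

# A bare user name as the action: presumably delivers every message to the
# terminal of user "rger" when logged in, as in traditional syslogd.
*.* rger
#*.* *;MySQLInsert
*.* /home/rger/proj/rsyslog/logfile;WinSyslogFmt
# NOTE(review): the template above is defined as "usermsg" but referenced below
# as "UserMsg"; check whether template names are matched case-sensitively.
#*.* /home/rger/proj/rsyslog/logfile;UserMsg
#*.* /home/rger/proj/rsyslog/tradfile;TraditionalFormat
# Remote forwarding ("@host"): presumably plain syslog over the network, so the
# messages travel unauthenticated and unencrypted; keep it to trusted networks.
#*.* @172.19.2.16;RFC3164fmt
#*.* @172.19.2.16
# Database action (disabled). The fields appear to be host, database, user and
# password; as written the account is "root" and the password field is empty.
# Before enabling it, use a dedicated account limited to INSERT on the log
# table, set a password, and restrict read access to this file, since it would
# then hold a credential. A database action also needs a template carrying the
# SQL option, such as MySQLInsert above.
#*.* >localhost,AdisconDB,root,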