NAME
epylog.conf - epylog configuration
SYNOPSIS
epylog config file is a simple plaintext file in win.ini style format.
Location
Epylog will look in /etc/epylog/epylog.conf by default, but you can
override that by passing -c switch on the command line.
[main]
cfgdir This is where epylog should look for other configuration
information, most notably, modules.d directory. See epylog-
modules(5) for more info.
tmpdir Where to create temporary directories and put temporary files.
Note that log files can grow VERY big and epylog might create
several copies of them for processing purposes. Make sure there
is no danger of filling up that partition. A good place on a
designated loghost is /var/tmp, since that is usually a separate
partition dedicated entirely for logs.
vardir Where epylog should save its state data, namely the offsets.xml
file. The sanest place for this is /var/lib/epylog.
multimatch
By default, if a line is matched against a module, no other
modules will be tried. This helps speed things up tremendously.
However, you may have several modules that process the same
lines (although this is not a very good setup). In that case you
may set this to "yes". The default value is "no".
threads
How many processing threads to start. 50 is a good default
value, but you may set it to less or more, depending on your
system.
[report]
title What should be the title of the report. For mailed reports, this
is the subject of the message. For the ones published on the
web, this is the title of the page (as in <title></title>).
template
Which html template should be used for the final report. See the
source of the default template for the format used.
include_unparsed
Can be either "yes" or "no". If "no" is specified, strings that
didn’t match any of the modules will not be appended to the
report. Not very wise! A good setting is "yes".
publishers
Lists the publishers to use. The value is the name of the
section where to look for the publisher configuration. E.g.:
publishers = nfspub
will look for a section called "[nfspub]" for publisher
initialization. The name of the publisher has nothing to do with
the method it uses for publishing. The fact that the default are
named [file] and [mail] is only a matter of convenience. List
multiple values separated by a comma.
Mail Publisher
method Method must be set to "mail" for this publisher to be considered
a mail publisher.
smtpserv
Can be either a hostname of an SMTP server to use, or the
location of a sendmail binary. If the value starts with a "/" it
will be considered a path. E.g. valid entries:
smtpserv = mail.example.com
smtpserv = /usr/sbin/sendmail -t
mailto The list of email addresses where to mail the report. Separate
multiple entries by a comma. If ommitted, "root@localhost" will
be used.
format Can be one of the following: html, plain, or both. If you use a
mail client that doesn’t support html mail, then you better use
"plain" or "both", though you will miss out on visual cueing
that epylog uses to notify of important events.
lynx This is only useful if you use format other than "html". Epylog
will use a lynx-compliant tool to transform HTML into plain
text. The following browsers are known to work: lynx, elinks,
w3m.
include_rawlogs
Whether to include the gzipped raw logs with the message. If set
to "yes", it will attach the file with all processed logs with
the message. If you use a file publisher in addition to the mail
publisher, this may be a tad too paranoid.
rawlogs_limit
If the size of rawlogs.gz is more than this setting (in
kilobytes), then raw logs will not be attached. Useful if you
have a 50Mb log and check your mail over a slow uplink.
File Publisher
method Method must be set to "file" for this config to work as a file
publisher.
path Where to place the directories with reports. A sensible location
would be in /var/www/html/epylog. Note that the reports may
contain sensitive information, so make sure you place a
.htaccess in that directory and require a password, or limit by
host.
dirmask, filemask
These are the masks to be used for the created directories and
files. For format values look at strftime documentation here:
http://www.python.org/doc/current/lib/module-time.html
expire_in
A digit specifying the number of days after which the old
directories should be removed. Default is 7.
notify Optionally send notifications to these email addresses when new
reports become available. Comment out if no notification is
desired. This is definitely redundant if you also use the mail
publisher.
smtpserv
Use this smtp server when sending notifications. Can be either a
hostname or a path to sendmail. Defaults to "/usr/sbin/sendmail
-t".
pubroot
When generating a notification message, use this as publication
root to make a link. E.g.:
pubroot = http://www.example.com/epylog
will make a link:
http://www.example.com/epylog/dirname/filename.html
COMMENTS
Lines starting with "#" will be considered commented out.
AUTHORS
Konstantin Ryabitsev <icon@linux.duke.edu>
SEE ALSO
epylog(3), epylog(8), epylog-modules(5)