sudo/examples/sudo_logsrvd.conf

#
# sudo logsrv configuration
#

[server]
# The host name or IP address and port to listen on.  If no port is
# specified, port 30344 will be used.
# The following forms are accepted:
#   listen_address = hostname
#   listen_address = hostname:port
#   listen_address = IPv4_address
#   listen_address = IPv4_address:port
#   listen_address = [IPv6_address]
#   listen_address = [IPv6_address]:port
#
# Multiple listen_address settings may be specified.
# The default is to listen on all addresses.
#listen_address = *:30344

[iolog]
# The top-level directory to use when constructing the path name for the
# I/O log directory.  The session sequence number, if any, is stored here.
#iolog_dir = /var/log/sudo-io

# The path name, relative to iolog_dir, in which to store I/O logs.
# Note that iolog_file may contain directory components.
#iolog_file = %{seq}

# If set, I/O logs will be compressed using zlib.  Enabling compression can
# make it harder to view the logs in real-time as the program is executing.
#iolog_compress = false

# If set, I/O log data is flushed to disk after each write instead of
# buffering it.  This makes it possible to view the logs in real-time
# as the program is executing but reduces the effectiveness of compression.
#iolog_flush = true

# The group to use when creating new I/O log files and directories.
# If iolog_group is not set, the primary group-ID of the user specified
# by iolog_user is used.  If neither iolog_group nor iolog_user
# are set, I/O log files and directories are created with group-ID 0.
#iolog_group = wheel

# The user to use when setting the user-ID and group-ID of new I/O
# log files and directories.  If iolog_group is set, it will be used
# instead of the user's primary group-ID.  By default, I/O log files
# and directories are created with user and group-ID 0.
#iolog_user = root

# The file mode to use when creating I/O log files.  The file permissions
# will always include the owner read and write bits, even if they are
# not present in the specified mode.  When creating I/O log directories,
# search (execute) bits are added to match the read and write bits
# specified by iolog_mode.
#iolog_mode = 0600

# The maximum sequence number that will be substituted for the "%{seq}"
# escape in the I/O log file.  While the value substituted for "%{seq}"
# is in base 36, maxseq itself should be expressed in decimal.  Values
# larger than 2176782336 (which corresponds to the base 36 sequence
# number "ZZZZZZ") will be silently truncated to 2176782336.
#maxseq = 2176782336

[eventlog]
# Where to log accept, reject and alert events.
# Accepted values are syslog, logfile, or none.
# Defaults to syslog
#log_type = syslog

# Event log format.
# Currently only sudo-style event logs are supported.
#log_format = sudo

[syslog]
# The maximum length of a syslog payload.
# On many systems, syslog(3) has a relatively small log buffer.
# IETF RFC 5424 states that syslog servers must support messages
# of at least 480 bytes and should support messages up to 2048 bytes.
# Messages larger than this value will be split into multiple messages.
#maxlen = 960

# The syslog facility to use for event log messages.
# The following syslog facilities are supported: authpriv (if your OS
# supports it), auth, daemon, user, local0, local1, local2, local3,
# local4, local5, local6, and local7.
#facility = authpriv

# Syslog priority to use for event log accept messages, when the command
# is allowed by the security policy.  The following syslog priorities are
# supported: alert, crit, debug, emerg, err, info, notice, warning, none.
#accept_priority = notice

# Syslog priority to use for event log reject messages, when the command
# is not allowed by the security policy.
#reject_priority = alert

# Syslog priority to use for event log alert messages reported by the
# client.
#alert_priority = alert

[logfile]
# The path to the file-based event log.
# This path must be fully-qualified and start with a '/' character.
#path = /var/log/sudo

# The format string used when formatting the date and time for
# file-based event logs.  Formatting is performed via strftime(3) so
# any format string supported by that function is allowed.
#time_format = %h %e %T
Add config file support for logsrvd 2019-10-24 20:04:31 -06:00			`#`
			`# sudo logsrv configuration`
			`#`

Convert sudo_logsrvd.conf to ini file format 2019-10-24 20:04:32 -06:00			`[server]`
Make the logsrvd port and list address configurable. 2019-10-24 20:04:32 -06:00			`# The host name or IP address and port to listen on. If no port is`
			`# specified, port 30344 will be used.`
			`# The following forms are accepted:`
Add basic support for event logging using a sudo-style log format. 2019-10-24 20:04:32 -06:00			`# listen_address = hostname`
			`# listen_address = hostname:port`
			`# listen_address = IPv4_address`
			`# listen_address = IPv4_address:port`
			`# listen_address = [IPv6_address]`
			`# listen_address = [IPv6_address]:port`
Document the sudo log server protocol 2019-10-24 20:04:33 -06:00			`#`
Make the logsrvd port and list address configurable. 2019-10-24 20:04:32 -06:00			`# Multiple listen_address settings may be specified.`
			`# The default is to listen on all addresses.`
			`#listen_address = *:30344`

Convert sudo_logsrvd.conf to ini file format 2019-10-24 20:04:32 -06:00			`[iolog]`
Add config file support for logsrvd 2019-10-24 20:04:31 -06:00			`# The top-level directory to use when constructing the path name for the`
			`# I/O log directory. The session sequence number, if any, is stored here.`
Add basic support for event logging using a sudo-style log format. 2019-10-24 20:04:32 -06:00			`#iolog_dir = /var/log/sudo-io`
Add config file support for logsrvd 2019-10-24 20:04:31 -06:00
			`# The path name, relative to iolog_dir, in which to store I/O logs.`
			`# Note that iolog_file may contain directory components.`
Add basic support for event logging using a sudo-style log format. 2019-10-24 20:04:32 -06:00			`#iolog_file = %{seq}`
Add config file support for logsrvd 2019-10-24 20:04:31 -06:00
			`# If set, I/O logs will be compressed using zlib. Enabling compression can`
			`# make it harder to view the logs in real-time as the program is executing.`
Add basic support for event logging using a sudo-style log format. 2019-10-24 20:04:32 -06:00			`#iolog_compress = false`
Add config file support for logsrvd 2019-10-24 20:04:31 -06:00
Add manual pages for logsrvd and sendlog. 2019-10-24 20:04:32 -06:00			`# If set, I/O log data is flushed to disk after each write instead of`
			`# buffering it. This makes it possible to view the logs in real-time`
			`# as the program is executing but reduces the effectiveness of compression.`
			`#iolog_flush = true`

			`# The group to use when creating new I/O log files and directories.`
			`# If iolog_group is not set, the primary group-ID of the user specified`
			`# by iolog_user is used. If neither iolog_group nor iolog_user`
Add config file support for logsrvd 2019-10-24 20:04:31 -06:00			`# are set, I/O log files and directories are created with group-ID 0.`
			`#iolog_group = wheel`

Document the sudo log server protocol 2019-10-24 20:04:33 -06:00			`# The user to use when setting the user-ID and group-ID of new I/O`
			`# log files and directories. If iolog_group is set, it will be used`
			`# instead of the user's primary group-ID. By default, I/O log files`
			`# and directories are created with user and group-ID 0.`
Add config file support for logsrvd 2019-10-24 20:04:31 -06:00			`#iolog_user = root`

Add manual pages for logsrvd and sendlog. 2019-10-24 20:04:32 -06:00			`# The file mode to use when creating I/O log files. The file permissions`
Document the sudo log server protocol 2019-10-24 20:04:33 -06:00			`# will always include the owner read and write bits, even if they are`
			`# not present in the specified mode. When creating I/O log directories,`
			`# search (execute) bits are added to match the read and write bits`
			`# specified by iolog_mode.`
Add basic support for event logging using a sudo-style log format. 2019-10-24 20:04:32 -06:00			`#iolog_mode = 0600`
Add config file support for logsrvd 2019-10-24 20:04:31 -06:00
Add manual pages for logsrvd and sendlog. 2019-10-24 20:04:32 -06:00			`# The maximum sequence number that will be substituted for the "%{seq}"`
			`# escape in the I/O log file. While the value substituted for "%{seq}"`
			`# is in base 36, maxseq itself should be expressed in decimal. Values`
Document the sudo log server protocol 2019-10-24 20:04:33 -06:00			`# larger than 2176782336 (which corresponds to the base 36 sequence`
			`# number "ZZZZZZ") will be silently truncated to 2176782336.`
Add basic support for event logging using a sudo-style log format. 2019-10-24 20:04:32 -06:00			`#maxseq = 2176782336`

			`[eventlog]`
			`# Where to log accept, reject and alert events.`
			`# Accepted values are syslog, logfile, or none.`
			`# Defaults to syslog`
			`#log_type = syslog`

			`# Event log format.`
Add manual pages for logsrvd and sendlog. 2019-10-24 20:04:32 -06:00			`# Currently only sudo-style event logs are supported.`
Add basic support for event logging using a sudo-style log format. 2019-10-24 20:04:32 -06:00			`#log_format = sudo`

			`[syslog]`
			`# The maximum length of a syslog payload.`
			`# On many systems, syslog(3) has a relatively small log buffer.`
			`# IETF RFC 5424 states that syslog servers must support messages`
			`# of at least 480 bytes and should support messages up to 2048 bytes.`
			`# Messages larger than this value will be split into multiple messages.`
			`#maxlen = 960`

			`# The syslog facility to use for event log messages.`
			`# The following syslog facilities are supported: authpriv (if your OS`
Document the sudo log server protocol 2019-10-24 20:04:33 -06:00			`# supports it), auth, daemon, user, local0, local1, local2, local3,`
			`# local4, local5, local6, and local7.`
Add basic support for event logging using a sudo-style log format. 2019-10-24 20:04:32 -06:00			`#facility = authpriv`

Add manual pages for logsrvd and sendlog. 2019-10-24 20:04:32 -06:00			`# Syslog priority to use for event log accept messages, when the command`
			`# is allowed by the security policy. The following syslog priorities are`
			`# supported: alert, crit, debug, emerg, err, info, notice, warning, none.`
Add basic support for event logging using a sudo-style log format. 2019-10-24 20:04:32 -06:00			`#accept_priority = notice`

Add manual pages for logsrvd and sendlog. 2019-10-24 20:04:32 -06:00			`# Syslog priority to use for event log reject messages, when the command`
			`# is not allowed by the security policy.`
Add basic support for event logging using a sudo-style log format. 2019-10-24 20:04:32 -06:00			`#reject_priority = alert`

Document the sudo log server protocol 2019-10-24 20:04:33 -06:00			`# Syslog priority to use for event log alert messages reported by the`
			`# client.`
Add basic support for event logging using a sudo-style log format. 2019-10-24 20:04:32 -06:00			`#alert_priority = alert`

			`[logfile]`
Add manual pages for logsrvd and sendlog. 2019-10-24 20:04:32 -06:00			`# The path to the file-based event log.`
			`# This path must be fully-qualified and start with a '/' character.`
			`#path = /var/log/sudo`

Add basic support for event logging using a sudo-style log format. 2019-10-24 20:04:32 -06:00			`# The format string used when formatting the date and time for`
			`# file-based event logs. Formatting is performed via strftime(3) so`
			`# any format string supported by that function is allowed.`
			`#time_format = %h %e %T`