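# The default logging directory. Any log or output file will be
# placed here if it is not specified with a full path name. This can
# be overridden with the -l command line parameter.
default-log-dir: /var/log/eidps

# Logging configuration. This is not about logging IDS alerts, but
# IDS output about what it is doing, errors, etc.
logging:

  # The default log level, can be overridden in an output section.
  # NOTE(review): this level is inherited by every output below that
  # does not set its own log-level (the file and syslog outputs here).
  # debug is normally the most verbose level; confirm it is intended
  # outside of troubleshooting, since verbose engine logs grow quickly
  # and can bury the errors an operator needs to see.
  default-log-level: debug

  # The default output format. Optional parameter, should default to
  # something reasonable if not provided. Can be overridden in an
  # output section.
  default-format: "<%t> - <%l>"

  # Default startup message. Optional parameter, should default to
  # something reasonable if not provided. Can be overridden in an
  # output section.
  default-startup-message: Your IDS has started.

  # A regex to filter output. Can be overridden in an output section.
  # Defaults to empty (no filter). The value is deliberately left
  # empty here.
  default-output-filter:

  # Configure the outputs. If no outputs are specified the engine
  # will log to the console with an error log level.
  output:

    # Enable logging to the console. Be a little more verbose than
    # default, log info and more critical.
    - interface: console
      log-level: info

    # Log to a file as well. No log level specified so level will be
    # set to the default-log-level.
    # NOTE(review): this is a full path, so the file is written
    # directly in /var/log and not under default-log-dir
    # (/var/log/eidps). Check that file permissions and log rotation
    # cover this location as well.
    - interface: file
      filename: /var/log/eidps.log

    # Log to syslog with facility local5. Again, no level specified so
    # the level will be set to default-log-level. We also override the
    # format as we don't want to log a timestamp, syslog will do that
    # for us.
    - interface: syslog
      facility: local5
      format: "%l"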