#   map syslog(3) API priorities to OSSP l2 levels
#   Notes: - syslog(3) has no corresponding priority for OSSP l2 "trace"
#          - OSSP l2 has no corresponding level for syslog(3) emerg
map emerg   panic;
map alert   panic;
map crit    critical;
map err     error;
map warning warning;
map notice  notice;
map info    info;
map debug   debug;

#Security logging
ident (.+)/local7 q{
    prefix(
        prefix="[%Y-%m-%d, %H:%M:%S] ",
        timezone=local
    )
     -> my_own_node(
             filename="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
             threshold=500,
             timezone=local,
             prefix="[%Y-%m-%d, %H:%M:%S] "
        )
     -> {
	critical: filter(
               regex="XXXXXXX",
               negate=1,
               nocase=0
       )
	-> buffer(
               size=131072,
               interval=180,
               levelflush=0
       )
       -> smtp(
	       progname="XXXXXXXXXXXXXX",
               localhost="XXXXXXXXXXXXXXx",
               localuser="XXXXXX",
               host="XXXXXXXXXXXXXXXXxx",
               rcpt=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXx,
               from=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,
               subject="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
       );
       file(
            path="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXx",
            trunc=0,
            perm=0644
       )
    }
};