From cd7fb8cb772d589404126352a3cbaf9375edc6ba Mon Sep 17 00:00:00 2001
From: Leif Johansson <leifj@sunet.se>
Date: Fri, 21 Sep 2018 10:13:47 +0200
Subject: [PATCH] audit logs to authpriv and send to separate file

---
 .../overlay/etc/eidas-connector/eidas-connector.conf             | 1 +
 .../overlay/etc/eidas-connector/eidas-connector.conf             | 1 +
 log.qa.sveidas.se/overlay/etc/rsyslog.d/99-audit.conf            | 1 +
 3 files changed, 3 insertions(+)
 create mode 100644 log.qa.sveidas.se/overlay/etc/rsyslog.d/99-audit.conf

diff --git a/eidas-connector-common/overlay/etc/eidas-connector/eidas-connector.conf b/eidas-connector-common/overlay/etc/eidas-connector/eidas-connector.conf
index 2a184f70..3d9f98da 100644
--- a/eidas-connector-common/overlay/etc/eidas-connector/eidas-connector.conf
+++ b/eidas-connector-common/overlay/etc/eidas-connector/eidas-connector.conf
@@ -19,6 +19,7 @@ export IDP_LOG_CONSOLE=true
 # Syslog (for Audit and F-TICKS)
 export IDP_SYSLOG_HOST=log.sveidas.se
 export IDP_SYSLOG_PORT=514
+export IDP_AUDIT_SYSLOG_FACILITY=AUTHPRIV
 
 # F-TICKS and Audit
 export IDP_FTICKS_FEDERATION_ID=eIDAS
diff --git a/eidas-qa-connector/overlay/etc/eidas-connector/eidas-connector.conf b/eidas-qa-connector/overlay/etc/eidas-connector/eidas-connector.conf
index cf5e93cf..2746b064 100644
--- a/eidas-qa-connector/overlay/etc/eidas-connector/eidas-connector.conf
+++ b/eidas-qa-connector/overlay/etc/eidas-connector/eidas-connector.conf
@@ -19,6 +19,7 @@ export IDP_LOG_CONSOLE=true
 # Syslog (for Audit and F-TICKS)
 export IDP_SYSLOG_HOST=log.qa.sveidas.se
 export IDP_SYSLOG_PORT=514
+export IDP_AUDIT_SYSLOG_FACILITY=AUTHPRIV
 
 # F-TICKS and Audit
 export IDP_FTICKS_FEDERATION_ID=eIDAS
diff --git a/log.qa.sveidas.se/overlay/etc/rsyslog.d/99-audit.conf b/log.qa.sveidas.se/overlay/etc/rsyslog.d/99-audit.conf
new file mode 100644
index 00000000..d2563f0f
--- /dev/null
+++ b/log.qa.sveidas.se/overlay/etc/rsyslog.d/99-audit.conf
@@ -0,0 +1 @@
+authpriv.*	-/var/log/authpriv