bug_ebuild/gentoo/app-admin/rsyslog/files/8-stable/50-default.conf

#######################
### DEFAULT ACTIONS ###
#######################

auth,authpriv.* action(
	type="omfile"
	File="/var/log/auth.log"
	FileCreateMode="0600"
	FileOwner="root"
	FileGroup="adm"
	Sync="off"
)

cron.* action(
	type="omfile"
	File="/var/log/cron.log"
	FileOwner="root"
	FileGroup="adm"
)

daemon.* action(
	type="omfile"
	File="/var/log/daemon.log"
	FileOwner="root"
	FileGroup="adm"
)

kern.* action(
	type="omfile"
	File="/var/log/kern.log"
	FileOwner="root"
	FileGroup="adm"
)

lpr.* action(
	type="omfile"
	File="/var/log/lpr.log"
	FileOwner="root"
	FileGroup="adm"
)

mail.* action(
	type="omfile"
	File="/var/log/mail.log"
	FileOwner="root"
	FileGroup="adm"
)

news.* action(
	type="omfile"
	File="/var/log/news.log"
	FileOwner="root"
	FileGroup="adm"
)

user.* action(
	type="omfile"
	File="/var/log/user.log"
	FileOwner="root"
	FileGroup="adm"
)

*.=debug;auth,authpriv,news,mail.none action(
	type="omfile"
	File="/var/log/debug.log"
	FileOwner="root"
	FileGroup="adm"
)

*.info;auth,authpriv,cron,daemon,lpr,mail,news.none action(
	type="omfile"
	File="/var/log/messages"
	FileOwner="root"
	FileGroup="adm"
)

# Uncomment the following directive to re-enable the
# deprecated "/var/log/syslog" log file (don't forget to re-enable log
# rotation in "/etc/logrotate.d/rsyslog" if you do that!)
#*.*;auth,authpriv.none action(
#	type="omfile"
#	File="/var/log/syslog"
#	FileOwner="root"
#	FileGroup="adm"
#)

*.emerg action(
	type="omusrmsg"
	Users="*"
	action.execOnlyOnceEveryInterval="10"
)

# Create an additional socket for the default chroot location
# (used by net-misc/openssh[hpn], see https://bugs.gentoo.org/490744)
input(type="imuxsock" Socket="/var/empty/dev/log")