tftpboot/scripts/latecommand/bullseye/etc/rsyslog.d/cron-session.conf

#
# Redirect PAM session information for 'cron' entries to the cron log file,
# to avoid filling up auth.log
#
if ($msg contains "pam_unix(cron:session): session opened for user") then {
  action(
    type="omfile"
    file="/var/log/cron.log"
    fileOwner="root"
    fileGroup="adm"
    fileCreateMode="0640"
    dirCreateMode="0755"
  )
  stop
} else if ($msg contains "pam_unix(cron:session): session closed for user") then {
  action(
    type="omfile"
    file="/var/log/cron.log"
    fileOwner="root"
    fileGroup="adm"
    fileCreateMode="0640"
    dirCreateMode="0755"
  )
  stop
}
Bullseye: new latecommand script (update packages,…) 2021-05-04 17:26:19 +02:00			`#`
			`# Redirect PAM session information for 'cron' entries to the cron log file,`
			`# to avoid filling up auth.log`
			`#`
			`if ($msg contains "pam_unix(cron:session): session opened for user") then {`
			`action(`
			`type="omfile"`
			`file="/var/log/cron.log"`
			`fileOwner="root"`
			`fileGroup="adm"`
			`fileCreateMode="0640"`
			`dirCreateMode="0755"`
			`)`
			`stop`
			`} else if ($msg contains "pam_unix(cron:session): session closed for user") then {`
			`action(`
			`type="omfile"`
			`file="/var/log/cron.log"`
			`fileOwner="root"`
			`fileGroup="adm"`
			`fileCreateMode="0640"`
			`dirCreateMode="0755"`
			`)`
			`stop`
			`}`