Site Navigation

FreeBSD Manual Pages

   man apropos
 
   All Sections 1 - General Commands 2 - System Calls 3 - Subroutines 4 - Special Files 5 - File Formats 6 - Games 7 - Macros and Conventions 8 - Maintenance Commands 9 - Kernel Interface n - New Commands FreeBSD 16.0-CURRENT FreeBSD 15.0-RELEASE FreeBSD 15.0-RELEASE and Ports FreeBSD 15.0-STABLE FreeBSD 14.3-RELEASE FreeBSD 14.3-RELEASE and Ports FreeBSD 14.3-STABLE FreeBSD 14.2-RELEASE FreeBSD 14.2-RELEASE and Ports FreeBSD 14.1-RELEASE FreeBSD 14.1-RELEASE and Ports FreeBSD 14.0-RELEASE FreeBSD 14.0-RELEASE and Ports FreeBSD 13.5-RELEASE FreeBSD 13.5-RELEASE and Ports FreeBSD 13.5-STABLE FreeBSD 13.4-RELEASE FreeBSD 13.4-RELEASE and Ports FreeBSD 13.3-RELEASE FreeBSD 13.3-RELEASE and Ports FreeBSD 13.2-RELEASE FreeBSD 13.2-RELEASE and Ports FreeBSD 13.1-RELEASE FreeBSD 13.1-RELEASE and Ports FreeBSD 13.0-RELEASE FreeBSD 13.0-RELEASE and Ports FreeBSD 12.4-RELEASE FreeBSD 12.4-RELEASE and Ports FreeBSD 12.3-RELEASE FreeBSD 12.3-RELEASE and Ports FreeBSD 12.2-RELEASE FreeBSD 12.2-RELEASE and Ports FreeBSD 12.1-RELEASE FreeBSD 12.1-RELEASE and Ports FreeBSD 12.0-RELEASE FreeBSD 12.0-RELEASE and Ports FreeBSD 11.4-RELEASE FreeBSD 11.4-RELEASE and Ports FreeBSD 11.3-RELEASE FreeBSD 11.3-RELEASE and Ports FreeBSD 11.2-RELEASE FreeBSD 11.2-RELEASE and Ports FreeBSD 11.1-RELEASE FreeBSD 11.1-RELEASE and Ports FreeBSD 11.0-RELEASE FreeBSD 11.0-RELEASE and Ports FreeBSD 10.4-RELEASE FreeBSD 10.4-RELEASE and Ports FreeBSD 10.3-RELEASE FreeBSD 10.3-RELEASE and Ports FreeBSD 10.2-RELEASE FreeBSD 10.2-RELEASE and Ports FreeBSD 10.1-RELEASE FreeBSD 10.1-RELEASE and Ports FreeBSD 10.0-RELEASE FreeBSD 10.0-RELEASE and Ports FreeBSD 9.3-RELEASE FreeBSD 9.3-RELEASE and Ports FreeBSD 9.2-RELEASE FreeBSD 9.2-RELEASE and Ports FreeBSD 9.1-RELEASE FreeBSD 9.1-RELEASE and Ports FreeBSD 9.0-RELEASE FreeBSD 9.0-RELEASE and Ports FreeBSD 8.4-RELEASE FreeBSD 8.4-RELEASE and Ports FreeBSD 8.3-RELEASE FreeBSD 8.3-RELEASE and Ports FreeBSD 8.2-RELEASE FreeBSD 8.2-RELEASE and Ports FreeBSD 8.1-RELEASE FreeBSD 8.1-RELEASE and Ports FreeBSD 8.0-RELEASE FreeBSD 8.0-RELEASE and Ports FreeBSD 7.4-RELEASE FreeBSD 7.4-RELEASE and Ports FreeBSD 7.3-RELEASE FreeBSD 7.3-RELEASE and Ports FreeBSD 7.2-RELEASE FreeBSD 7.2-RELEASE and Ports FreeBSD 7.1-RELEASE FreeBSD 7.1-RELEASE and Ports FreeBSD 7.0-RELEASE FreeBSD 6.4-RELEASE FreeBSD 6.4-RELEASE and Ports FreeBSD 6.3-RELEASE FreeBSD 6.3-RELEASE and Ports FreeBSD 6.2-RELEASE FreeBSD 6.1-RELEASE FreeBSD 6.0-RELEASE FreeBSD 6.0-RELEASE and Ports FreeBSD 5.5-RELEASE FreeBSD 5.5-RELEASE and Ports FreeBSD 5.4-RELEASE FreeBSD 5.4-RELEASE and Ports FreeBSD 5.3-RELEASE FreeBSD 5.3-RELEASE and Ports FreeBSD 5.2.1-RELEASE FreeBSD 5.2.1-RELEASE and Ports FreeBSD 5.2-RELEASE FreeBSD 5.2-RELEASE and Ports FreeBSD 5.1-RELEASE FreeBSD 5.0-RELEASE FreeBSD 4.11-RELEASE FreeBSD 4.11-RELEASE and Ports FreeBSD 4.10-RELEASE FreeBSD 4.10-RELEASE and Ports FreeBSD 4.9-RELEASE FreeBSD 4.9-RELEASE and Ports FreeBSD 4.8-RELEASE FreeBSD 4.8-RELEASE and Ports FreeBSD 4.7-RELEASE FreeBSD 4.6.2-RELEASE FreeBSD 4.6.2-RELEASE and Ports FreeBSD 4.6-RELEASE FreeBSD 4.6-RELEASE and Ports FreeBSD 4.5-RELEASE FreeBSD 4.5-RELEASE and Ports FreeBSD 4.4-RELEASE FreeBSD 4.3-RELEASE FreeBSD 4.3-RELEASE and Ports FreeBSD 4.2-RELEASE FreeBSD 4.2-RELEASE and Ports FreeBSD 4.1.1-RELEASE FreeBSD 4.1.1-RELEASE and Ports FreeBSD 4.1-RELEASE FreeBSD 4.0-RELEASE FreeBSD 3.5.1-RELEASE FreeBSD 3.5.1-RELEASE and Ports FreeBSD 3.5-RELEASE and Ports FreeBSD 3.4-RELEASE FreeBSD 3.4-RELEASE and Ports FreeBSD 3.3-RELEASE FreeBSD 3.2-RELEASE FreeBSD 3.1-RELEASE FreeBSD 3.0-RELEASE FreeBSD 2.2.8-RELEASE FreeBSD 2.2.8-RELEASE and Ports FreeBSD 2.2.7-RELEASE FreeBSD 2.2.6-RELEASE FreeBSD 2.2.5-RELEASE FreeBSD 2.2.2-RELEASE FreeBSD 2.2.1-RELEASE FreeBSD 2.1.7.1-RELEASE FreeBSD 2.1.6.1-RELEASE FreeBSD 2.1.5-RELEASE FreeBSD 2.1.0-RELEASE FreeBSD 2.0.5-RELEASE FreeBSD 2.0-RELEASE FreeBSD 1.1.5.1-RELEASE FreeBSD 1.1-RELEASE FreeBSD 1.0-RELEASE FreeBSD Ports 15.0 FreeBSD Ports 14.3 FreeBSD Ports 14.3.quarterly FreeBSD Ports 14.2 FreeBSD Ports 14.1 FreeBSD Ports 14.0 FreeBSD Ports 13.5 FreeBSD Ports 13.4 FreeBSD Ports 13.3 FreeBSD Ports 13.2 FreeBSD Ports 13.1 FreeBSD Ports 13.0 FreeBSD Ports 12.4 FreeBSD Ports 12.3 FreeBSD Ports 12.2 FreeBSD Ports 12.1 FreeBSD Ports 12.0 FreeBSD Ports 11.4 FreeBSD Ports 11.3 FreeBSD Ports 11.2 FreeBSD Ports 11.1 FreeBSD Ports 11.0 FreeBSD Ports 10.4 FreeBSD Ports 10.3 FreeBSD Ports 10.2 FreeBSD Ports 10.1 FreeBSD Ports 10.0 FreeBSD Ports 9.3 FreeBSD Ports 9.2 FreeBSD Ports 9.1 FreeBSD Ports 9.0 FreeBSD Ports 8.4 FreeBSD Ports 8.3 FreeBSD Ports 8.2 FreeBSD Ports 8.1 FreeBSD Ports 8.0 FreeBSD Ports 7.4 FreeBSD Ports 7.3 FreeBSD Ports 7.2 FreeBSD Ports 7.1 FreeBSD Ports 7.0 FreeBSD Ports 6.4 FreeBSD Ports 6.3 FreeBSD Ports 6.2 FreeBSD Ports 6.0 FreeBSD Ports 5.5 FreeBSD Ports 5.4 FreeBSD Ports 5.3 FreeBSD Ports 5.2.1 FreeBSD Ports 5.2 FreeBSD Ports 5.1 FreeBSD Ports 4.11 FreeBSD Ports 4.10 FreeBSD Ports 4.9 FreeBSD Ports 4.8 FreeBSD Ports 4.7 FreeBSD Ports 4.6.2 FreeBSD Ports 4.6 FreeBSD Ports 4.5 FreeBSD Ports 4.3 FreeBSD Ports 4.2 FreeBSD Ports 4.1.1 FreeBSD Ports 3.5.1 FreeBSD Ports 3.5 FreeBSD Ports 3.4 FreeBSD Ports 2.2.8 4.4BSD Lite2 4.3BSD NET/2 4.3BSD Reno 2.11 BSD 2.10 BSD 2.9.1 BSD 2.8 BSD 386BSD 0.1 386BSD 0.0 CentOS 7.9 CentOS 7.8 CentOS 7.7 CentOS 7.6 CentOS 7.5 CentOS 7.4 CentOS 7.3 CentOS 7.2 CentOS 7.1 CentOS 7.0 CentOS 6.10 CentOS 6.9 CentOS 6.8 CentOS 6.7 CentOS 6.6 CentOS 6.5 CentOS 6.4 CentOS 6.3 CentOS 6.2 CentOS 6.1 CentOS 6.0 CentOS 5.11 CentOS 5.10 CentOS 5.9 CentOS 5.8 CentOS 5.7 CentOS 5.6 CentOS 5.5 CentOS 5.4 CentOS 4.8 CentOS 3.9 Darwin 8.0.1/ppc Darwin 7.0.1 Darwin 6.0.2/x86 Darwin 1.4.1/x86 Darwin 1.3.1/x86 Debian 14.0 unstable Debian 13.1.0 Debian 12.12.0 Debian 11.11.0 Debian 10.13.0 Debian 9.13.0 Debian 8.11.1 Debian 7.11.0 Debian 6.0.10 Debian 5.0.10 Debian 4.0.9 Debian 3.1.8 Debian 2.2.7 Debian 2.0.0 Dell UNIX SVR4 2.2 DragonFly 6.4.0 DragonFly 5.8.3 DragonFly 4.8.1 DragonFly 3.8.2 DragonFly 2.10.1 DragonFly 1.12.1 DragonFly 1.0A HP-UX 11.22 HP-UX 11.20 HP-UX 11.11 HP-UX 11.00 HP-UX 10.20 HP-UX 10.10 HP-UX 10.01 HP-UX 9.07 HP-UX 8.07 Inferno 4th Edition IRIX 6.5.30 Linux Slackware 3.1 MACH 2.5/i386 macOS 26.0 macOS 15.7 macOS 14.8 macOS 13.6.5 macOS 12.7.3 macOS 11.1 macOS 10.15.7 macOS 10.13.6 macOS 10.12.0 Minix 3.3.0 Minix 3.2.1 Minix 3.2.0 Minix 3.1.7 Minix 3.1.6 Minix 3.1.5 Minix 2.0.0 NetBSD 10.1 NetBSD 10.0 NetBSD 9.4 NetBSD 9.3 NetBSD 9.2 NetBSD 9.1 NetBSD 9.0 NetBSD 8.3 NetBSD 8.2 NetBSD 8.1 NetBSD 8.0 NetBSD 7.2 NetBSD 7.1.2 NetBSD 7.1 NetBSD 7.0 NetBSD 6.1.5 NetBSD 6.0 NetBSD 5.2.3 NetBSD 5.2 NetBSD 5.1 NetBSD 5.0 NetBSD 4.0.1 NetBSD 4.0 NetBSD 3.1 NetBSD 3.0 NetBSD 2.1 NetBSD 2.0.2 NetBSD 2.0 NetBSD 1.6.2 NetBSD 1.6.1 NetBSD 1.6 NetBSD 1.5.3 NetBSD 1.5.2 NetBSD 1.5.1 NetBSD 1.5 NetBSD 1.4.3 NetBSD 1.4.2 NetBSD 1.4.1 NetBSD 1.4 NetBSD 1.3.3 NetBSD 1.3.2 NetBSD 1.3.1 NetBSD 1.3 NetBSD 1.2.1 NetBSD 1.2 NetBSD 1.1 NetBSD 1.0 NeXTSTEP 3.3 OpenBSD 7.8 OpenBSD 7.7 OpenBSD 7.6 OpenBSD 7.5 OpenBSD 7.4 OpenBSD 7.3 OpenBSD 7.2 OpenBSD 7.1 OpenBSD 7.0 OpenBSD 6.9 OpenBSD 6.8 OpenBSD 6.7 OpenBSD 6.6 OpenBSD 6.5 OpenBSD 6.4 OpenBSD 6.3 OpenBSD 6.2 OpenBSD 6.1 OpenBSD 6.0 OpenBSD 5.9 OpenBSD 5.8 OpenBSD 5.7 OpenBSD 5.6 OpenBSD 5.5 OpenBSD 5.4 OpenBSD 5.3 OpenBSD 5.2 OpenBSD 5.1 OpenBSD 5.0 OpenBSD 4.9 OpenBSD 4.8 OpenBSD 4.7 OpenBSD 4.6 OpenBSD 4.5 OpenBSD 4.4 OpenBSD 4.3 OpenBSD 4.2 OpenBSD 4.1 OpenBSD 4.0 OpenBSD 3.9 OpenBSD 3.8 OpenBSD 3.7 OpenBSD 3.6 OpenBSD 3.5 OpenBSD 3.4 OpenBSD 3.3 OpenBSD 3.2 OpenBSD 3.1 OpenBSD 3.0 OpenBSD 2.9 OpenBSD 2.8 OpenBSD 2.7 OpenBSD 2.6 OpenBSD 2.5 OpenBSD 2.4 OpenBSD 2.3 OpenBSD 2.2 OpenBSD 2.1 OpenBSD 2.0 OpenDarwin 7.2.1 OpenDarwin 6.6.2/x86 OpenDarwin 6.6.1/x86 OpenDarwin 20030208pre4/ppc OpenIndiana 2024.10 OpenIndiana 2022.10 OpenIndiana 2020.10 OpenIndiana 2017.10 OpenIndiana 2015.10 OpenIndiana 2013.08 OpenSolaris 2010.03 OpenSolaris 2009.06 OpenStep 4.2 openSUSE 42.3 openSUSE 42.2 openSUSE 42.1 openSUSE 16.0 openSUSE 15.6 openSUSE 15.5 openSUSE 15.4 openSUSE 15.3 openSUSE 15.2 openSUSE 15.1 openSUSE 15.0 openSUSE 13.2 openSUSE 13.1 openSUSE 11.4 openSUSE 11.3 openSUSE 11.2 openSUSE 10.3 openSUSE 10.2 OSF1 V5.1/alpha OSF1 V4.0/alpha OSF1 V1.0/mips Plan 9 Red Hat 9.0 Red Hat 8.0 Red Hat 7.3 Red Hat 7.2 Red Hat 7.1 Red Hat 7.0 Red Hat 6.2 Red Hat 6.1 Red Hat 5.2 Red Hat 5.0 Red Hat 4.2 Rhapsody DR1 Rhapsody DR2 Rocky 10.0 Rocky 9.6 Rocky 9.5 Rocky 9.4 Rocky 9.3 Rocky 9.2 Rocky 9.1 Rocky 9.0 Rocky 8.10 Rocky 8.9 Rocky 8.8 Rocky 8.7 Rocky 8.6 Rocky 8.5 Rocky 8.4 Rocky 8.3 Sun UNIX 0.4 SunOS 5.10 SunOS 5.9 SunOS 5.8 SunOS 5.7 SunOS 5.6 SunOS 5.5.1 SunOS 4.1.3 SuSE 11.3 SuSE 11.2 SuSE 11.1 SuSE 11.0 SuSE 10.3 SuSE 10.2 SuSE 10.1 SuSE 10.0 SuSE 9.3 SuSE 9.2 SuSE 8.2 SuSE 8.1 SuSE 8.0 SuSE 7.3 SuSE 7.2 SuSE 7.1 SuSE 7.0 SuSE 6.4 SuSE 6.3 SuSE 6.1 SuSE 6.0 SuSE 5.3 SuSE 5.2 SuSE 5.0 SuSE 4.3 SuSE ES 10 SP1 Ubuntu 24.04 noble Ubuntu 23.10 mantic Ubuntu 22.04 jammy Ubuntu 20.04 focal Ubuntu 18.04 bionic Ubuntu 16.04 xenial Ubuntu 14.04 trusty ULTRIX 4.2 Ultrix-32 2.0/VAX Unix Seventh Edition X11R7.4 X11R7.3.2 X11R7.2 X11R6.9.0 X11R6.8.2 X11R6.7.0 XFree86 4.8.0 XFree86 4.7.0 XFree86 4.6.0 XFree86 4.5.0 XFree86 4.4.0 XFree86 4.3.0 XFree86 4.2.99.3 XFree86 4.2.0 XFree86 4.1.0 XFree86 4.0.2 XFree86 4.0.1 XFree86 4.0 XFree86 3.3.6 XFree86 3.3 XFree86 2.1 All Architectures html pdf ascii

home | help

---

syslog-ng.conf(5)	The syslog-ng.conf manual page	     syslog-ng.conf(5)

NAME
       syslog-ng.conf -	{{ site.product.short_name }} configuration file

Synopsis
       syslog-ng.conf

Description
       This manual page	is only	an abstract.

       The  syslog-ng OSE application is a flexible and	highly scalable	system
       logging application. Typically, syslog-ng OSE is	 used  to  manage  log
       messages	and implement centralized logging, where the aim is to collect
       the  log	 messages  of several devices on a single, central log server.
       The different devices - called syslog-ng	OSE clients  -	all  run  sys-
       log-ng OSE, and collect the log messages	from the various applications,
       files,  and  other sources. The clients send all	important log messages
       to the remote syslog-ng OSE PE  server,	where  the  server  sorts  and
       stores them.

Basic concepts of syslog-ng OSE
       The syslog-ng OSE application reads incoming messages and forwards them
       to the selected destinations. The syslog-ng OSE application can receive
       messages	from files, remote hosts, and other sources.

       Log messages enter syslog-ng OSE	in one of the defined sources, and are
       sent to one or more destinations.

       Sources and destinations	are independent	objects, log paths define what
       syslog-ng OSE does with a message, connecting the sources to the	desti-
       nations.	 A  log	 path  consists	of one or more sources and one or more
       destinations: messages arriving from a source are sent to every	desti-
       nation  listed  in the log path.	A log path defined in syslog-ng	OSE is
       called a	log statement.

       Optionally, log paths can include filters. Filters are rules  that  se-
       lect  only  certain messages, for example, selecting only messages sent
       by a specific application. If a log path	 includes  filters,  syslog-ng
       OSE sends only the messages satisfying the filter rules to the destina-
       tions set in the	log path.

       Other  optional	elements that can appear in log	statements are parsers
       and rewriting rules. Parsers segment messages into different fields  to
       help  processing	 the messages, while rewrite rules modify the messages
       by adding, replacing, or	removing parts of the messages.

Configuring syslog-ng OSE
	      •	The main body of the configuration file	consists of object de-
		finitions: sources, destinations, logpaths  define  which  log
		message	are received and where they are	sent. All identifiers,
		option names and attributes, and any other strings used	in the
		syslog-ng  OSE	configuration  file are	case sensitive.	Object
		definitions (also called statements) have the  following  syn-
		tax:

		     type-of-the-object	identifier-of-the-object {<parameters>};

		     • Type  of	 the  object: One of source, destination, log,
		       filter, parser, rewrite rule, or	template.

		     • Identifier of the object: A unique name identifying the
		       object.	When using a reserved word as  an  identifier,
		       enclose the identifier in quotation marks (\"\").

	      All  identifiers,	 attributes, and any other strings used	in the
	      syslog-ng	OSE configuration file are case	sensitive.

	      TIP: Use identifiers that	refer to the type of the  object  they
	      identify.	 For  example, prefix source objects with s_, destina-
	      tions with d_, and so on.

	      NOTE: Repeating a	definition of an object	(that is, defining the
	      same object with the same	id more	than once) is not allowed, un-
	      less you use the @define allow-config-dups 1 definition  in  the
	      configuration file.  - Parameters: The parameters	of the object,
	      enclosed in braces
		  {parameters}.	  -  Semicolon:	 Object	definitions end	with a
	      semicolon	(;).

	      For example, the following line defines a	source	and  calls  it
	      s_internal.

		     source s_internal { internal(); };

	      The object can be	later referenced in other statements using its
	      ID,  for	example, the previous source is	used as	a parameter of
	      the following log	statement:

		     log { source(s_internal); destination(d_file); };

	      •	The parameters and options within a statement are  similar  to
		function  calls	of the C programming language: the name	of the
		option followed	by a list of its  parameters  enclosed	within
		brackets and terminated	with a semicolon.

		     option(parameter1,	parameter2); option2(parameter1, parameter2);

	      For example, the file() driver in	the following source statement
	      has  three  options:  the	filename (/var/log/apache/access.log),
	      follow-freq(), and flags(). The follow-freq() option also	has  a
	      parameter, while the flags() option has two parameters.

		     source s_tail { file("/var/log/apache/access.log"
		     follow-freq(1) flags(no-parse, validate-utf8)); };

	      Objects  may have	required and optional parameters. Required pa-
	      rameters are positional, meaning that they must be specified  in
	      a	defined	order. Optional	parameters can be specified in any or-
	      der  using the option(value) format. If a	parameter (optional or
	      required)	is not specified, its default value is used. The para-
	      meters and their default values are listed in the	reference sec-
	      tion of the particular object.

	      Example: Using required and optional parameters

	      The unix-stream()	source driver has a single required  argument:
	      the  name	of the socket to listen	on. Optional parameters	follow
	      the socket name in any order, so the  following  source  defini-
	      tions have the same effect:

		     source s_demo_stream1 {
			 unix-stream("<path-to-socket>"
			 max-connections(10) group(log));
		     };

		     source s_demo_stream2 {
			 unix-stream("<path-to-socket>"
			 group(log) max-connections(10));
		     };

	      •	Some  options  are global options, or can be set globally, for
		example, whether syslog-ng OSE should use  DNS	resolution  to
		resolve	IP addresses.

		     options { use-dns(no); };

	      •	Objects	can be used before definition.

	      •	Objects	 can  be defined inline	as well. This is useful	if you
		use the	object only once (for example, a filter).

	      •	To add comments	to the configuration file, start a line	with #
		and write your comments. These lines are ignored by  syslog-ng
		OSE.

		     # Comment:	This is	a stream source

		     source s_demo_stream {
		     unix-stream("<path-to-socket>" max-connections(10)	group(log)); };

       The syntax of log statements is as follows:

	      log {
		  source(s1); source(s2); ...
		  optional_element(filter1|parser1|rewrite1);
		  optional_element(filter2|parser2|rewrite2);
		  ...
		  destination(d1); destination(d2); ...
		  flags(flag1[,	flag2...]);
	      };

       The  following  log statement sends all messages	arriving to the	local-
       host to a remote	server.

	      source s_localhost { network(ip(127.0.0.1) port(1999)); };
	      destination d_tcp	{ network("10.1.2.3" port(1999)	localport(999)); };
	      log { source(s_localhost); destination(d_tcp); };

       The syslog-ng OSE application has a number of global options  governing
       DNS  usage,  the	 timestamp format used,	and other general points. Each
       option may have parameters, similarly to	driver specifications. To  set
       global  options add an option statement to the syslog-ng	OSE configura-
       tion file using the following syntax:

	      options {	option1(params); option2(params); ... };

   Example: Using global options
       To disable domain name resolving, add the following line	 to  the  sys-
       log-ng OSE configuration	file:

	      options {	use-dns(no); };

       The  sources,  destinations, and	filters	available in syslog-ng OSE are
       listed below.

Table 1: Source	drivers	available in syslog-ng OSE
       +-----------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
       |	    Name	     |								     Description							       |
       +-----------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
       | file()			     | Opens the specified file	and reads messages.											       |
       +-----------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
       | wildcard-file()	     | Reads messages from multiple files and directories.										       |
       +-----------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
       | internal()		     | Messages	generated internally in	syslog-ng OSE.											       |
       +-----------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
       | network()		     | Receives	messages from remote hosts using the BSD-syslog	protocol over IPv4 and IPv6. Supports the TCP, UDP, and	TLS network protocols. |
       +-----------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
       | nodejs()		     | Receives	JSON messages from nodejs applications.											       |
       +-----------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
       | mbox()			     | Read e-mail messages from local mbox files, and convert them to multi-line log messages.						       |
       +-----------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
       | osquery()		     | Run osquery queries, and	convert	their results into log messages.								       |
       +-----------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
       | pacct()		     | Reads messages from the process accounting logs on Linux.									       |
       +-----------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
       | pipe()			     | Opens the specified named pipe and reads	messages.										       |
       +-----------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
       | program()		     | Opens the specified application and reads messages from its standard output.							       |
       +-----------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
       | snmptrap()		     | Read and	parse the SNMP traps of	the Net-SNMP\'s	snmptrapd application.								       |
       +-----------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
       | sun-stream(), sun-streams() | Opens the specified STREAMS device on Solaris systems and reads incoming	messages.						       |
       +-----------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
       | syslog()		     | Listens for incoming messages using the new IETF-standard syslog	protocol.							       |
       +-----------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
       | system()		     | Automatically detects which platform syslog-ng OSE is running on, and collects the native log messages of that platform.		       |
       +-----------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
       | systemd-journal()	     | Collects	messages directly from the journal of platforms	that use systemd.							       |
       +-----------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
       | systemd-syslog()	     | Collects	messages from the journal using	a socket on platforms that use systemd.							       |
       +-----------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
       | unix-dgram()		     | Opens the specified unix	socket in SOCK_DGRAM mode and listens for incoming messages.						       |
       +-----------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
       | unix-stream()		     | Opens the specified unix	socket in SOCK_STREAM mode and listens for incoming messages.						       |
       +-----------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
       | stdin()		     | Collects	messages from the standard input stream.										       |
       +-----------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+

Table 2: Destination drivers available in syslog-ng
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       |	Name	    |										     Description										 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | amqp()		    | Publishes	messages using the AMQP	(Advanced Message Queuing Protocol).													 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | elasticsearch-http | Sends messages to	an Elasticsearch server.																 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | file()		    | Writes messages to the specified file.																	 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | graphite()	    | Sends metrics to a Graphite server to store numeric time-series data.													 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | graylog2()	    | Sends syslog messages to Graylog.																		 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | hdfs()		    | Sends messages into a file on a Hadoop Distributed File System (HDFS) node.												 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | http()		    | Sends messages over the HTTP protocol. There are two different implementations of	this driver: a Java-based http driver, and an http driver without Java.			 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | kafka()	    | Publishes	log messages to	the Apache Kafka message bus, where subscribers	can access them.										 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | loggly()	    | Sends log	messages to the	Loggly Logging-as-a-Service provider.														 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | logmatic()	    | Sends log	messages to the	Logmatic.io Logging-as-a-Service provider.													 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | mongodb()	    | Sends messages to	a MongoDB database.																	 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | network()	    | Sends messages to	a remote host using the	BSD-syslog protocol over IPv4 and IPv6.	Supports the TCP, UDP, and TLS network protocols.					 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | pipe()		    | Writes messages to the specified named pipe.																 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | program()	    | Forks and	launches the specified program,	and sends messages to its standard input.											 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | redis()	    | Sends messages as	name-value pairs to a Redis key-value store.														 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | riemann()	    | Sends metrics or events to a Riemann monitoring system.															 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | smtp()		    | Sends e-mail messages to the specified recipients.															 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | sql()		    | Sends messages into an SQL database. In addition to the standard syslog-ng OSE packages, the sql() destination requires database-specific	packages to be installed.	 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | stomp()	    | Sends messages to	a STOMP	server.																		 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | syslog()	    | Sends messages to	the specified remote host using	the IETF-syslog	protocol. The IETF standard supports message transport using the UDP, TCP, and TLS networking protocols. |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | unix-dgram()	    | Sends messages to	the specified unix socket in SOCK_DGRAM	style (BSD).													 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | unix-stream()	    | Sends messages to	the specified unix socket in SOCK_STREAM style (Linux).													 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
       | usertty()	    | Sends messages to	the terminal of	the specified user, if the user	is logged in.												 |
       +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

Table 3: Filter	functi|ons available in	syslog-ng OSE
       +-----------------------+-------------+
       |	 Name	       | Description |
       +-----------------------+-------------+
       | facility()	       |	     |
       +-----------------------+-------------+
       | filter()	       |	     |
       +-----------------------+-------------+
       | host()		       |	     |
       +-----------------------+-------------+
       | inlist()	       |	     |
       +-----------------------+-------------+
       | level() or priority() |	     |
       +-----------------------+-------------+
       | match()	       |	     |
       +-----------------------+-------------+
       | message()	       |	     |
       +-----------------------+-------------+
       | netmask()	       |	     |
       +-----------------------+-------------+
       | program()	       |	     |
       +-----------------------+-------------+
       | source()	       |	     |
       +-----------------------+-------------+
       | tags()		       |	     |
       +-----------------------+-------------+

Files
       /usr/local/

       /usr/local/etc/syslog-ng.conf

       NOTE: If	you experience any problems or need help with  syslog-ng  OSE,
       see  the	 syslog-ng OSE Administration Guide[1],	or visit the syslog-ng
       OSE mailing list[2].  For news and notifications	about  syslog-ng  OSE,
       visit the syslog-ng OSE blogs[3].

AUTHOR
       This  manual  page  was generated from the syslog-ng OSE	Administration
       Guide[1], which was written by several contributors to whom  we'd  like
       to extend our sincere thanks.

COPYRIGHT
NOTES
       [1] syslog-ng OSE Administration	Guide
	   <https://syslog-ng.github.io/admin-guide/README>

       [2] syslog-ng OSE mailing list
	   <https://lists.balabit.hu/mailman/listinfo/syslog-ng>

       [3] syslog-ng OSE blogs
	   <https://syslog-ng.com/blog/>

4.9.0			       03 September 2025	     syslog-ng.conf(5)

---

NAME | Synopsis | Description | Basic concepts of syslog-ng OSE | Configuring syslog-ng OSE | Table 1: Source drivers available in syslog-ng OSE | Table 2: Destination drivers available in syslog-ng | Table 3: Filter functi|ons available in syslog-ng OSE | Files | AUTHOR | COPYRIGHT | NOTES

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=syslog-ng.conf&sektion=5&manpath=FreeBSD+Ports+15.0>

home | help

---

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact