tcp, tcp6, udp, udp6: Sending messages to a remote log server using the legacy BSD-syslog protocol (tcp(), udp() drivers)
To convert your existing tcp(), tcp6(), udp(), udp6() source drivers to use the network() driver, see Change an old destination driver to the network() driver.
The tcp(), tcp6(), udp(), and udp6() drivers send messages to another host (for example, a syslog-ng server or relay) on the local intranet or internet using the UDP or TCP protocol. The tcp6() and udp6() drivers use the IPv6 network protocol.
tcp(), tcp6(), udp(), and udp6() destination options
To convert your existing tcp(), tcp6(), udp(), udp6() source drivers to use the network() driver, see Change an old destination driver to the network() driver.
Change an old destination driver to the network() driver
To replace your existing tcp(), tcp6(), udp(), udp6() destinations with a network() destination, complete the following steps.
-
Replace the driver with network. For example, replace udp( with network(
-
Set the transport protocol.
-
If you used TLS-encryption, add the transport("tls") option, then continue with the next step.
-
If you used the tcp or tcp6 driver, add the transport("tcp") option.
-
If you used the udp or udp driver, add the transport("udp") option.
-
If you use IPv6 (that is, the udp6 or tcp6 driver), add the ip-protocol(6) option.
-
If you did not specify the port used in the old driver, check network() destination options and verify that your clients send the messages to the default port of the transport protocol you use. Otherwise, set the appropriate port number in your source using the port() option.
-
All other options are identical. Test your configuration with the syslog-ng --syntax-only command.
The following configuration shows a simple tcp destination.
destination d_old_tcp {
tcp("127.0.0.1" port(1999)
tls(
peer-verify("required-trusted")
key-file("/opt/syslog-ng/etc/syslog-ng/syslog-ng.key")
cert-file('/opt/syslog-ng/etc/syslog-ng/syslog-ng.crt')
)
);
};
When replaced with the network() driver, it looks like this.
destination d_new_network_tcp {
network("127.0.0.1"
port(1999)
transport("tls")
tls(
peer-verify("required-trusted")
key-file("/opt/syslog-ng/etc/syslog-ng/syslog-ng.key")
cert-file('/opt/syslog-ng/etc/syslog-ng/syslog-ng.crt')
)
);
};
unix-stream, unix-dgram: Sending messages to UNIX domain sockets
The unix-stream() and unix-dgram() drivers send messages to a UNIX domain socket in either SOCK_STREAM or SOCK_DGRAM mode.
Both drivers have a single required argument specifying the name of the socket to connect to. For the list of available optional parameters, see unix-stream() and unix-dgram() destination options.
Declaration
unix-stream(filename [options]);
unix-dgram(filename [options]);
Example: Using the unix-stream() driver
destination d_unix_stream { unix-stream("/var/run/logs"); };