List of syslog-ng OSE parameters

Symbols

#, The configuration syntax in detail, syslog-ng.conf
#0, Statistics of syslog-ng
$, Comparing macro values in filters, Templates and macros
$$, Templates and macros
$(context-length), The syslog-ng pattern database format
$(echo ${HOST}), Using template functions, echo
$(echo), Using template functions
$(geoip $HOST), geoip
$.pacct.ac_uid, Collecting process accounting logs on Linux
$1, ... $255, posix, pcre
$40, Regular expressions
$FACILITY, value-pairs()
$FULLHOST_FROM, FULLHOST_FROM
$HOST, value-pairs()
$MESSAGE, value-pairs()
$MSG, Templates and macros
$MSGID, value-pairs()
$PID, value-pairs()
$PRIORITY, value-pairs()
$PROGRAM, value-pairs(), pdbtool
$R_DATE, value-pairs()
$SEQNUM, value-pairs()
$SOURCEIP, value-pairs()
$TAGS, value-pairs()
${.SDATA.exampleSDID@0.eventSource}, SDATA, .SDATA.SDID.SDNAME
${.SDATA.meta.sequenceId}, SEQNUM
${.SDATA.SDID.SDNAME}, SDATA, .SDATA.SDID.SDNAME
${.SDATA.timeQuality.isSynced}, SDATA, .SDATA.SDID.SDNAME
${.SDATA.TIMEQUALITY.ISSYNCED}, SDATA, .SDATA.SDID.SDNAME
${1} ... ${255}, Regular expressions
${AMPM}, AMPM, HOUR12, C_HOUR12, R_HOUR12, S_HOUR12
${DATE}, Date-related macros, FULLDATE, C_FULLDATE, R_FULLDATE, S_FULLDATE
${DAY}, Formatting messages, filenames, directories, and tablenames
${FULLHOST_FROM}, Templates and macros, FULLHOST_FROM, SOURCEIP
${FULLHOST}, Templates and macros
${HOST_FROM}, Templates and macros
${HOST}, Global objects, The syslog-ng OSE quick-start guide, file() destination options, Formatting messages, filenames, directories, and tablenames, Templates and macros, Using template functions, echo
${HOST} eq myhost, Comparing macro values in filters
${HOST}@1, Referencing earlier messages of the context
${HOST}@2, Referencing earlier messages of the context
${HOUR12}, AMPM
${HOUR}, Date-related macros
${ISODATE}, Date-related macros, ISODATE, C_ISODATE, R_ISODATE, S_ISODATE, TZOFFSET, C_TZOFFSET, R_TZOFFSET, S_TZOFFSET
${ISODATE} ${HOST} ${MSGHDR}${MSG}\n, Templates and macros
${KEY1.KEY2}, The JSON parser
${KEY1}, The JSON parser
${KEY2}, The JSON parser
${LEVEL}, LEVEL_NUM, PRIORITY or LEVEL
${MESSAGE}, Combining filters with boolean operators, template(), The JSON parser, template(), pdbtool
${MODIFIED@18372.4}, Creating custom SDATA fields
${MSGHDR}, Templates and macros, MSG or MESSAGE
${MSGHDR}${MSG}, Templates and macros
${MSGONLY}, MSG or MESSAGE
${MSG}, Message representation in syslog-ng OSE, Templates and macros, MSG or MESSAGE, substr
${PID}, Comparing macro values in filters
${PID}@3, Referencing earlier messages of the context
${PROGRAM}, Storing messages in plain-text files, The JSON parser, pdbtool
${R_DATE}, Date-related macros
${SDATA}, SDATA, .SDATA.SDID.SDNAME
${SSH_USERNAME}, The syslog-ng pattern database format
${S_DATE}, Date-related macros
${TAGS}, Tagging messages, TAGS, The syslog-ng pattern database format
${TZOFFSET}, TZOFFSET, C_TZOFFSET, R_TZOFFSET, S_TZOFFSET
${WEEKDAY}, overwrite_if_older()
&, The syslog-ng pattern database format
& < > " ', The syslog-ng pattern database format
>, The syslog-ng pattern database format
<, The syslog-ng pattern database format
', template_escape(), template_escape(), template_escape(), template_escape(), template_escape(), template_escape(), template_escape(), Templates and macros
'string', Regular expressions
'\x41', Regular expressions
()[].*?+^$|\, Regular expressions
(*, ?, [ab], {foo,bar}), value-pairs()
(?<name>...), pcre
*, Including configuration files, Sending messages to a user terminal — usertty() destination, Using wildcards, special characters, and regular expressions in filters, glob
*.example.com, Encrypting log messages with TLS
+, Notes about the configuration syntax
+01:00, Timezones and daylight saving, local_time_zone(), local_time_zone()
+02:00, Timezones and daylight saving
+03:00, file-template(), proto-template(), recv_time_zone(), send_time_zone()
,, Notes about the configuration syntax, flags()
,,, flags()
-, Notes about the configuration syntax, loggen, pdbtool
--active-connections, loggen
--caps, Version 3.3 - 3.4, syslog-ng
--ctrl-chars or -c, sanitize
--debug, Troubleshooting syslog-ng
--debug-csv, pdbtool
--debug-pattern, pdbtool
--default-modules, Loading modules
--dgram, loggen
--disable-smtp, Installing syslog-ng
--enable-geoip, geoip
--enable-linux-caps, syslog-ng
--enable-mixed-linking, Installing syslog-ng
--enable-pacct, Collecting process accounting logs on Linux
--enable-pcre, pcre
--enable-spoof-source, How relaying log messages works, spoof_source(), spoof_source(), spoof_source()
--enable-ssl, tfhash
--fd-limit, file() destination options
--foreground, syslog-ng
--group, syslog-ng
--idle-connections, loggen
--inet, loggen
--interval, loggen
--invalid-chars <characterlist> or -i <characterlist>, sanitize
--length, tfhash
--no-caps, syslog-ng
--no-ctrl-chars or -C, sanitize
--no-framing, loggen
--number, loggen
--read-file, loggen
--replacement <replacement-character> or -r <replacement-character>, sanitize
--sdata, loggen
--sdata [test name=\value\], loggen
--shift 1, format-json
--skip-tokens, loggen
--skip-tokens 2, loggen
--stderr, syslog-ng-ctl
--support=3.0, pdbtool
--syslog-proto, loggen
--user, syslog-ng
--verbose, Troubleshooting syslog-ng
--with-ivykis=system, Installing syslog-ng
--with-libmongo-client=system, Installing syslog-ng
--with-librabbitmq-client=system, Installing syslog-ng
--without-compile-date, Version 3.3 - 3.4
--worker-threads, Multithreading concepts of syslog-ng OSE
-0700, TZOFFSET, C_TZOFFSET, R_TZOFFSET, S_TZOFFSET
-07:00, TZOFFSET, C_TZOFFSET, R_TZOFFSET, S_TZOFFSET
-1, group(), owner(), perm(), substr
-5, substr
-e, syslog-ng-ctl
-p <pid_of_syslog-ng>, Collecting debugging information with strace, truss, or tusc
-R -, loggen
., The JSON parser
.*, Using wildcards, special characters, and regular expressions in filters
.., level() or priority()
.0, Encrypting log messages with TLS, Mutual authentication using TLS
.cee., value-pairs()
.class, value-pairs()
.classifier.<message-class>, tags(), Using parser results in filters and templates
.classifier.class, Using parser results in filters and templates
.classifier.rule_id, value-pairs(), Using parser results in filters and templates
.classifier.system, tags(), Using parser results in filters and templates
.dict.string1, pdbtool
.dict.string2, pdbtool
.HOST, Parsing messages, Options of CSV parsers
.json., The JSON parser
.pacct., Collecting process accounting logs on Linux
.patterndb, value-pairs()
.r0, crl_dir()
.SDATA., value-pairs()
.sdata.*, value-pairs()
.SDATA.meta, Tagging messages
.SDATA.meta.sequenceId, value-pairs(), format-json
.SDATA.meta.sequenceID, format-json
.source.<id_of_the_source_statement>, Tagging messages, tags()
/, chain_hostnames(), sanitize, glob
/dev/klog, The syslog-ng OSE quick-start guide
/dev/kmsg, Notes on reading kernel messages
/dev/log, The syslog-ng OSE quick-start guide, The configuration syntax in detail, How sources work
/dev/null, group(), owner(), perm()
/etc/.syslog_door, How sources work
/etc/init.d/syslog stop, Stopping syslog-ng
/etc/init.d/syslog-ng stop, Stopping syslog-ng
/proc/kmsg, Notes on reading kernel messages, program_override(), program_override(), program_override(), program_override(), program_override(), program_override(), program_override(), program_override()
/usr, Installing syslog-ng
/var/log/apache/access.log, The configuration syntax in detail, syslog-ng.conf
/var/run/log, How sources work
0, Notes about the configuration syntax, tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), dir_perm(), perm(), throttle(), mark_freq(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), throttle(), throttle(), throttle(), mark_freq(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), throttle(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), throttle(), throttle(), dir_perm(), mark_freq(), stats_freq(), stats_level(), BSDTAG, FACILITY_NUM, substr, Handling large message load, pdbtool
0.0.0.0:514, Collecting messages from remote hosts using the BSD syslog protocol
0022, dir_perm(), dir_perm()
00:50:fc:e3:cd:37, @MACADDR@
0755, dir_perm(), perm(), dir_perm()
0x, Notes about the configuration syntax
1, The HEADER message part, stats_level(), Regular expressions, pdbtool
1.5, follow_freq(), follow_freq(), follow_freq(), follow_freq(), follow_freq()
1/60, The syslog-ng pattern database format
10.1.2.3, How sources work, Sending and storing log messages — destinations and destination drivers, Encrypting log messages with TLS, Mutual authentication using TLS
100, Configuring flow-control, Handling large message load
1000, Managing incoming and outgoing messages with flow-control
10000, Configuring flow-control
1007, Using name resolution in syslog-ng
1024000, so_rcvbuf(), transport(), Collecting messages using the IETF syslog protocol, so_rcvbuf(), transport(), tcp(), tcp6(), udp() and udp6() source options, so_rcvbuf(), so_rcvbuf(), Handling large message load
1061, loggen
192.168.0.1, host() (DEPRECATED), servers()
192.168.1.1, Using embedded log statements
192.168.1.2, How relaying log messages works
1970-01-01T00:00:00, UNIXTIME, C_UNIXTIME, R_UNIXTIME, S_UNIXTIME
1999, How sources work, Sending and storing log messages — destinations and destination drivers
1999/TCP, Encrypting log messages with TLS, Mutual authentication using TLS
2, stats_level()
2 097 152, so_rcvbuf(), transport(), Collecting messages using the IETF syslog protocol, so_rcvbuf(), transport(), tcp(), tcp6(), udp() and udp6() source options, so_rcvbuf(), so_rcvbuf(), Handling large message load
2006 Jun 13 15:58:00, FULLDATE, C_FULLDATE, R_FULLDATE, S_FULLDATE
2006-06-13T15:58:00.123+01:00, The HEADER message part, ISODATE, C_ISODATE, R_ISODATE, S_ISODATE
2011-01-01, Timezones and daylight saving
2011-03-11, Timezones and daylight saving
3, stats_level(), LEVEL_NUM
300, Configuring flow-control
300*10=3000, Configuring flow-control
3000*10=30000, Configuring flow-control
4, ip-protocol(), ip-protocol(), Regular expressions, The syslog-ng pattern database format
4.0, pdbtool
4096, syslog-ng
5, substr
514/UDP, How sources work
518000, overwrite_if_older()
6, ip-protocol(), ip-protocol()
6514/TCP, Encrypting log messages with TLS
6d2962a8, Encrypting log messages with TLS, Mutual authentication using TLS
7, BSDTAG
8192, log_msg_size(), log_msg_size(), log_msg_size(), log_msg_size(), log_msg_size(), log_msg_size(), log_msg_size(), log_msg_size()
:-, Templates and macros
::1, loggen
;, The configuration syntax in detail, syslog-ng.conf
;:#, Regular expressions
<133>Feb 25 14:09:07 webserver syslogd: restart, BSD-syslog or legacy-syslog messages
<action>, Triggering actions for identified messages
<condition>, if
<false template>, if
<message>, Triggering actions for identified messages
<method>, tfhash
<NAME> <VALUE>, value-pairs()
<number-of-messages>/<period-in-seconds>, The syslog-ng pattern database format
<object-type> (<object-id>);, Defining configuration objects inline
<object-type> {<object-definition>};, Defining configuration objects inline
<pattern>, The syslog-ng pattern database format
<pattern>postfix\@ESTRING:.postfix.component:[@</pattern>, The syslog-ng pattern database format
<patterndb>, The syslog-ng pattern database format
<patterns>, The syslog-ng pattern database format
<priority>timestamp hostname application: message, BSD-syslog or legacy-syslog messages
<true template>, if
<user@example.com>, @EMAIL@
<value>, Referencing earlier messages of the context
=, Using pattern parsers
?, Including configuration files, glob
@, Creating custom SDATA fields, How pattern matching works, Using pattern parsers, @ESTRING@, @QSTRING@, @STRING@, The syslog-ng pattern database format
@<distance-of-referenced-message-from-the-current>, Referencing earlier messages of the context, Actions and message correlation
@@, How pattern matching works
@define allow-config-dups 1, The configuration syntax in detail, Including configuration files, syslog-ng.conf
@DOUBLE@, @FLOAT@
@EMAIL:email:[<]>@, @EMAIL@
@EMAIL@, @HOSTNAME@, @MACADDR@, @LLADDR@, @PCRE@, @SET@, Version 3.3 - 3.4
@ESTRING:: @, pdbtool
@ESTRING::stop_here.@, @ESTRING@
@FLOAT@, @DOUBLE@
@module, Loading modules
@module <modulename>, syslog-ng
@PCRE:name:regexp@, @PCRE@
@QSTRING:&lt;&gt;@, @QSTRING@
@QSTRING::@, @QSTRING@
@SET:: @, @SET@
@STRING:: @, @STRING@
@STRING:mytext:= @, Using pattern parsers
@STRING:mytext:=@, Using pattern parsers
@STRING:mytext:@, Using pattern parsers
@version, Loading modules, Including configuration files
[::1], host() (DEPRECATED), servers()
[dbtype], columns()
[default] date = %Y-%m-%d %H:%M:%S, MsSQL-specific interaction methods
[exampleSDID@0 iut=3 eventSource=Application eventID=1011][examplePriority@0 class=high], SDATA, .SDATA.SDID.SDNAME
[user@example.com], @EMAIL@
[], The STRUCTURED-DATA message part
[}, quote-pairs()
\, Global and environmental variables, Regular expressions, flags()
\$, Templates and macros
\$40, Regular expressions
\a, Regular expressions
\d, Regular expressions
\n, body(), Regular expressions
\r, Using wildcards, special characters, and regular expressions in filters, Regular expressions
\t, Regular expressions, delimiters
\v, Regular expressions
\x, Using wildcards, special characters, and regular expressions in filters
\x41, Regular expressions
\\, Regular expressions
\\d, Regular expressions
_, Notes about the configuration syntax
`, Global and environmental variables
`argument1`, Passing arguments to configuration blocks
`name`, Global and environmental variables
{KEY1: {KEY2: VALUE}}, The JSON parser
{KEY1:value1,KEY2:value2}, The JSON parser
{parameters}, The configuration syntax in detail, syslog-ng.conf
{PROGRAM:value1,MESSAGE:value2}, The JSON parser
{table}_{column}_idx, indexes()
–, @NUMBER@

A

A, BSDTAG, How pattern matching works
a, Regular expressions, Statistics of syslog-ng
a-zA-Z0-9_., Global and environmental variables
accepted, Using parser results in filters and templates
Accepted (gssapi(-with-mic|-keyex)?|rsa|dsa|password|publickey|keyboard-interactive/pam) for [^[:space:]]+ from [^[:space:]]+ port [0-9]+( (ssh|ssh2))?, Classifying log messages
Accepted @QSTRING:auth_method: @ for@QSTRING:username: @from @QSTRING:client_addr: @port @NUMBER:port:@ ssh2, Classifying log messages
Accepted password for bazsi from 10.50.0.247 port 42156 ssh2, Classifying log messages
Accepted publickey for myuser from 127.0.0.1 port 59357 ssh2, pdbtool
ac_uid, Collecting process accounting logs on Linux
admin, if
aes-128-cbc, cipher_suite()
aes-128-ecb, cipher_suite()
aes-192-cbc, cipher_suite()
aes-192-ecb, cipher_suite()
aes-256-cbc, cipher_suite()
aes-256-ecb, cipher_suite()
AF_UNIX, Collecting messages from UNIX domain sockets, unix-stream() and unix-dgram() source options
alert, level() or priority()
AMPM, HOUR12, LOGHOST, MSEC, SYSUPTIME, USEC, Version 3.3 - 3.4
amqp(), Publishing messages using AMQP, amqp() destination options
An SSH session for ${SSH_USERNAME}@1 from ${SSH_CLIENT_ADDRESS}@2 closed. Session lasted from ${DATE}@2 to ${DATE}, Referencing earlier messages of the context
and, Combining filters with boolean operators
AND, Combining filters with boolean operators
Ap, How pattern matching works
Ap@QSTRING@, How pattern matching works
Ap@STRING@, How pattern matching works
Apple, How pattern matching works
Application, SDATA, .SDATA.SDID.SDNAME
APPLICATIONNAME_MACRONAME, Using parser results in filters and templates
application_A, Log path flags
application_B, Log path flags
Apport, How pattern matching works
Aug 7, The HEADER message part
auth_method, grep
autoload-compiled-modules, Loading modules

C

cast, cipher_suite()
cast-cbc, cipher_suite()
cast5-cbc, cipher_suite()
cast5-cfb, cipher_suite()
cast5-ecb, cipher_suite()
cast5-ofb, cipher_suite()
catchall, Log path flags
ca_dir(), crl_dir()
cc(), cc()
center(received), Statistics of syslog-ng
chain_hostnames, Version 3.3 - 3.4
chain_hostnames(), Configuring syslog-ng relays, chain_hostnames(), HOST
channel, Using channels in configuration objects
cipher_suite(), Version 3.2 - 3.3
client-host, How relaying log messages works
client-hostname, chain_hostnames()
client-hostname-from-the-message/client-hostname-resolved-on-the-relay/relay-hostname, chain_hostnames()
client-hostname/relay-hostname, chain_hostnames()
clob, Using the sql() driver with an Oracle database
COLUMN1, flags()
COLUMN2, flags()
COLUMN3, flags()
columns, values()
columns(), Storing messages in an SQL database
Common Name, Encrypting log messages with TLS, Mutual authentication using TLS
condition, Conditional actions
condition(), Conditional rewrites
condition='$(context-length) >= 5', The syslog-ng pattern database format
context-id, Correlating log messages, The syslog-ng pattern database format
context-scope, Correlating log messages, Actions and message correlation, The syslog-ng pattern database format
context-scope=host, The syslog-ng pattern database format
context-scope=process, The syslog-ng pattern database format
context-timeout, Correlating log messages, Actions and message correlation, The syslog-ng pattern database format
CONTEXT_ID, Hard vs. soft macros
core, value-pairs()
create_dirs(), Storing messages in plain-text files, dir_perm(), dir_perm()
crit, level() or priority()
csv-parser, csv-parser
csv-parser(), Global objects, Junctions and channels
C_, Date-related macros
C_DATE, Date-related macros

D

d, Statistics of syslog-ng
database(), Storing messages in an SQL database, Using the sql() driver with an Oracle database, database()
DATE, value-pairs(), use_time_recvd() (DEPRECATED), Hard vs. soft macros
datetime varchar(16) NULL, MsSQL-specific interaction methods
DAY, Hard vs. soft macros
db-parser, Using pattern databases
dbd-option(), Version 3.3 - 3.4
db_parser, Triggering actions for identified messages
db_parser(), Using pattern databases
debug, level() or priority(), Dropping messages
default-facility, Collecting messages from text files
default-facility(), How sources work
default-priority, Collecting messages from text files
default-priority(), How sources work
delimiter, Version 3.3 - 3.4
delimiters( ), Parsing messages
delimiters(-:), delimiters
deny, Using filters, Combining filters with boolean operators
des, cipher_suite()
des-cbc, cipher_suite()
des-cfb, cipher_suite()
des-ecb, cipher_suite()
des-ede, cipher_suite()
des-ede-cbc, cipher_suite()
des-ede-cfb, cipher_suite()
des-ede-ofb, cipher_suite()
des-ede3, cipher_suite()
des-ede3-cbc des-ede3-cfb des-ede3-ofbdes-ofb, cipher_suite()
des3, cipher_suite()
destination, The configuration syntax in detail, syslog-ng.conf
destination, filter, log, parser, rewrite, root, source, Reusing configuration blocks
desx, cipher_suite()
dir_group(), dir_group()
dir_owner(), dir_owner()
dir_perm(), Version 3.2 - 3.3, dir_perm(), dir_perm()
dns_cache_hosts(), Using name resolution in syslog-ng
dont-create-tables, flags()
dont-store-legacy-msghdr, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags()
door(), Collecting messages on Sun Solaris
dot-nv-pairs, value-pairs()
drop-invalid, flags()
dropped, Statistics of syslog-ng
dst-idle, mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode()
dst.file, Statistics of syslog-ng
dynamic, Installing syslog-ng
d_, The configuration syntax in detail, syslog-ng.conf
d_file, Templates and macros
d_file1, Using embedded log statements
d_file2, Using embedded log statements
d_internal, Statistics of syslog-ng
d_local, Statistics of syslog-ng
d_network, Statistics of syslog-ng

E

e1e9c0d8-13bb-11de-8293-000c2922ed0a, Using parser results in filters and templates
email, @EMAIL@
emerg, level() or priority()
empty-lines, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags()
err, level() or priority()
error, PRIORITY or LEVEL
EU/Budapest, Timezones and daylight saving
events., value-pairs()
example, Using embedded log statements, Using filters, Combining filters with boolean operators
example 1, example2, example3, flags()
example 1, example2, example3, some more information, flags()
Example Inc, trusted_dn()
example-1, Parsing messages
example-2, Parsing messages
example1, Combining filters with boolean operators, flags()
example2, Combining filters with boolean operators, flags()
example3, flags()
example3, some more information, flags()
exchange-declare(yes), exchange-declare()
exclude(), Structuring macros, metadata, and other value-pairs, value-pairs()
expect-hostname, Version 3.3 - 3.4, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags()
explicit-commits, flags()

F

f*ilter, Using wildcards, special characters, and regular expressions in filters
f.*ilter, Using wildcards, special characters, and regular expressions in filters
FACILITY, Hard vs. soft macros
facility, General recommendations
facility(), facility()
facility(1), facility()
facility(local0..local5), facility()
facility(user), facility()
FACILITY_NUM, Hard vs. soft macros
fallback, Log path flags, flags()
ffilter, Using wildcards, special characters, and regular expressions in filters
fieldname [dbtype], columns()
file, flags(), Using pattern databases, Multithreading concepts of syslog-ng OSE
file(), The configuration syntax in detail, Collecting messages from text files, Notes on reading kernel messages, file() source options, Collecting messages from named pipes, Storing messages in plain-text files, file() destination options, mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), syslog-ng.conf
file(/var/log/$HOST/$PROGRAM/messages);, sanitize
file-template(), Version 3.3 - 3.4
filter, The configuration syntax in detail, Using wildcards, special characters, and regular expressions in filters, syslog-ng.conf
filter(), Conditional rewrites
final, Logging with syslog-ng, Junctions and channels, Log path flags, Dropping messages
flags(), The configuration syntax in detail, Log paths, Embedded log statements, Replacing message parts, syslog-ng.conf
flags(drop-invalid), Junctions and channels
flags(expect-hostname), Collecting messages from named pipes
flags(final), Junctions and channels, Parsing syslog messages
flags(global), Replacing message parts
flags(ignore-case), Replacing message parts, Regular expressions
flags(no-hostname), Collecting messages from named pipes
flags(no-parse), Message representation in syslog-ng OSE, Junctions and channels, Parsing and segmenting structured messages, Parsing syslog messages, The JSON parser
flags(prefix), string
flags(store-matches), Regular expressions
flags(substring), string
flags(threaded), Configuring multithreading
flow-control, Log paths, Junctions and channels, Managing incoming and outgoing messages with flow-control
flow_control, Managing incoming and outgoing messages with flow-control
flush-timeout, flush_lines(), flush_lines(), flush_lines(), flush_lines(), flush_lines(), flush_lines(), flush_lines(), flush_lines()
flush_lines, flush_timeout() (DEPRECATED), flush_timeout() (DEPRECATED), flush_timeout() (DEPRECATED), flush_timeout() (DEPRECATED), flags(), flush_timeout() (DEPRECATED), flush_timeout() (DEPRECATED), flush_timeout() (DEPRECATED), flush_timeout() (DEPRECATED)
flush_lines(), flush_timeout(), sync() or sync_freq() (DEPRECATED), Multithreading concepts of syslog-ng OSE, Handling large message load
flush_timeout, flags(), flush_lines()
flush_timeout(), Multithreading concepts of syslog-ng OSE
follow-freq(1), Collecting the system-specific log messages of a platform
follow_freq(), Version 3.2 - 3.3, The configuration syntax in detail, Notes on reading kernel messages, follow_freq(), follow_freq(), follow_freq(), follow_freq(), follow_freq(), syslog-ng.conf
foo bar, loggen
foo bar message, loggen
foreground, syslog-ng
format-json, value-pairs(), Installing syslog-ng, format-json
format-json(), Structuring macros, metadata, and other value-pairs
frac-digits(), ts_format()
frac_digits(), frac_digits(), frac_digits(), frac_digits(), frac_digits(), frac_digits(), frac_digits(), frac_digits(), frac_digits(), frac_digits(), frac_digits(), ISODATE, C_ISODATE, R_ISODATE, S_ISODATE
from(), Generating SMTP messages (e-mail) from logs, from()
fsync(), fsync()
FULLDATE, Hard vs. soft macros
FULLHOST, Hard vs. soft macros
FULLHOST_FROM, Hard vs. soft macros

J

Jan 22 10:06:11 host program:msg, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags()
joe, if
json-c, Installing syslog-ng
json-parser, Installing syslog-ng
json-parser(), The JSON parser
Jun 13 15:58:00, DATE, C_DATE, R_DATE, S_DATE
junction, Using channels in configuration objects

L

Last message repeated n times., suppress(), suppress(), suppress(), suppress(), suppress(), suppress(), suppress()
LEGACY_MSGHDR, Hard vs. soft macros
LEVEL, Hard vs. soft macros
level(), level() or priority()
LEVEL_NUM, Hard vs. soft macros
libdbi, Installing syslog-ng
libgeoip, Installing syslog-ng
libopenssl, Installing syslog-ng
libpcre, Installing syslog-ng
libsystemd-daemon, Installing syslog-ng
libwrap, Installing syslog-ng
link-level-address, @LLADDR@
localip(), Collecting messages from remote hosts using the BSD syslog protocol
local_time_zone(), Installing syslog-ng
log, The configuration syntax in detail, syslog-ng.conf
logs, Storing messages in an SQL database
LOGS, Using the sql() driver with an Oracle database
logserver, Storing messages in an SQL database, Using the sql() driver with an Oracle database, Using the sql() driver with a Microsoft SQL database
log_fetch_limit(), log_fetch_limit(), log_fetch_limit(), log_fetch_limit(), log_fetch_limit(), log_fetch_limit(), log_fetch_limit(), log_fetch_limit(), log_fetch_limit(), Managing incoming and outgoing messages with flow-control, Configuring flow-control, Multithreading concepts of syslog-ng OSE, Handling lots of parallel connections
log_fifo_size(), Managing incoming and outgoing messages with flow-control, Configuring flow-control, Handling lots of parallel connections
log_iw_size(), log_iw_size(), log_iw_size(), log_iw_size(), log_iw_size(), log_iw_size(), log_iw_size(), log_iw_size(), log_iw_size(), Managing incoming and outgoing messages with flow-control, Configuring flow-control, Multithreading concepts of syslog-ng OSE
log_iw_size(1000), log_iw_size(), log_iw_size(), log_iw_size(), log_iw_size(), log_iw_size(), log_iw_size(), log_iw_size(), log_iw_size()
LOG_KERN | LOG_NOTICE, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags()
log_msg_size(), BSD-syslog or legacy-syslog messages, log_msg_size(), log_msg_size(), log_msg_size(), log_msg_size(), log_msg_size(), log_msg_size(), log_msg_size(), log_msg_size(), Using the sql() driver with an Oracle database, Using the sql() driver with a Microsoft SQL database
log_prefix(), program_override(), program_override(), program_override(), program_override(), program_override(), program_override(), program_override(), program_override()

M

MACRONAME = MACROVALUE, value-pairs()
make, Installing syslog-ng
MARK, mark_mode(), mark_freq(), mark_mode(), mark_mode(), mark_mode(), mark_freq(), mark_mode(), mark_mode(), mark_mode(), mark_freq(), mark_mode()
Mark, mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode()
mark, mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode()
mark(), mark_freq(), mark_freq(), mark() (DEPRECATED), mark_freq()
mark-freq, mark_freq(), mark_freq(), mark_freq()
mark-mode, mark_mode(), mark_freq(), mark_mode(), mark_mode(), mark_mode(), mark_freq(), mark_mode(), mark_mode(), mark_mode(), mark_freq(), mark_mode()
mark-mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode()
mark_freq(), mark() (DEPRECATED)
match, Combining filters with boolean operators
match('\.'), Regular expressions
match(), Combining filters with boolean operators, Using wildcards, special characters, and regular expressions in filters, match(), message(), Optimizing regular expressions
match(regexp value(MACRO)), match()
match(sometext), Regular expressions
match(\\.), Regular expressions
max-connections(), log_iw_size(), log_iw_size(), log_iw_size(), log_iw_size(), log_iw_size(), log_iw_size(), log_iw_size(), Collecting messages from UNIX domain sockets, log_iw_size()
max-connections(10), Notes about the configuration syntax, log_iw_size(), log_iw_size(), log_iw_size(), log_iw_size(), log_iw_size(), log_iw_size(), log_iw_size(), log_iw_size()
maximum core file size, Troubleshooting syslog-ng
max_connections(), Managing incoming and outgoing messages with flow-control, Configuring flow-control, Multithreading concepts of syslog-ng OSE, Handling lots of parallel connections
max_connections(10), Notes about the configuration syntax
md2, cipher_suite()
md4, cipher_suite()
md5, cipher_suite()
md5sum of {table}_{column}-1, indexes()
MESSAGE, Hard vs. soft macros
message, loggen
message pattern, The syslog-ng pattern database format
message(), match()
MESSAGE_UUID, uuid
MIN, Hard vs. soft macros
Mmm dd hh:mm:ss, The HEADER message part
MODIFIED@18372.4, Creating custom SDATA fields
mongodb(), Version 3.3 - 3.4, Structuring macros, metadata, and other value-pairs, value-pairs(), Storing messages in a MongoDB database, mongodb() destination options
MONTH, Hard vs. soft macros
MONTH_ABBREV, Hard vs. soft macros
MONTH_NAME, Hard vs. soft macros
MONTH_WEEK, Hard vs. soft macros
MSG, BSD-syslog or legacy-syslog messages, IETF-syslog messages, match(), message(), Hard vs. soft macros
msg, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags()
MSGHDR, value-pairs(), match(), format-json
MSGID, Hard vs. soft macros
MSGONLY, Hard vs. soft macros
mssql, Using the sql() driver with a Microsoft SQL database, type()
myapplication, Conditional rewrites
myblock, Reusing configuration blocks
mydestination, Notes about the configuration syntax
myhost, Using wildcards, special characters, and regular expressions in filters, Setting message fields to specific values, Conditional rewrites, Conditional actions
myhost-1, Using wildcards, special characters, and regular expressions in filters
myhost-2, Using wildcards, special characters, and regular expressions in filters
myhost_A, Log path flags
myhost_B, Log path flags
MYPARSER1.COLUMN1, MYPARSER2.COLUMN2, Parsing messages, Options of CSV parsers
mySDATA-field@18372.4, Creating custom SDATA fields
MYSQL_UNIX_PORT, MySQL-specific interaction methods, host()
MYSQL_UNIX_PORT=/var/lib/mysql/mysql.sock; export MYSQL_UNIX_PORT, MySQL-specific interaction methods

N

name, The syslog-ng pattern database format
name-value, Global and environmental variables
name=value, The STRUCTURED-DATA message part
name@<private enterprise number>, Creating custom SDATA fields
NaN, Numerical operations
nchar, Using the sql() driver with a Microsoft SQL database, columns()
net.core.rmem_default, so_rcvbuf(), transport(), Collecting messages using the IETF syslog protocol, so_rcvbuf(), transport(), tcp(), tcp6(), udp() and udp6() source options, so_rcvbuf(), so_rcvbuf(), Handling large message load
net.core.rmem_max, so_rcvbuf(), transport(), Collecting messages using the IETF syslog protocol, so_rcvbuf(), transport(), tcp(), tcp6(), udp() and udp6() source options, so_rcvbuf(), so_rcvbuf(), Handling large message load
network(), Version 3.3 - 3.4, network() source options, ip-protocol(), ip-protocol(), Collecting messages from remote hosts using the BSD syslog protocol, network() destination options, Sending messages to a remote logserver using the legacy BSD-syslog protocol
no, Timezones and daylight saving, How relaying log messages works, keep_hostname(), keep_hostname(), keep_hostname(), chain_hostnames(), check_hostname(), create_dirs(), dns_cache(), keep_hostname(), normalize_hostnames(), use_time_recvd() (DEPRECATED)
no-hostname, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags()
no-multi-line, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags()
no-parse, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags()
none, mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode()
normal user, if
normalize_hostnames(yes), normalize_hostnames()
not, Combining filters with boolean operators
notice, level() or priority()
nouser, Parsing messages
ntext, Using the sql() driver with a Microsoft SQL database, columns()
NULL, MsSQL-specific interaction methods
null(), MsSQL-specific interaction methods, null()
number_of_sources, Managing incoming and outgoing messages with flow-control
nv-pairs, value-pairs()
nvarchar, Using the sql() driver with a Microsoft SQL database, columns()

P

pacct(), Installing syslog-ng, Passing arguments to configuration blocks, Collecting process accounting logs on Linux, pacct() options
pacctformat, Collecting process accounting logs on Linux
pad-size(), Version 3.2 - 3.3
PADD, loggen
pad_size, pad_size(), pad_size(), pad_size(), pad_size(), pad_size(), pad_size(), pad_size(), pad_size()
pad_size(), Version 3.2 - 3.3, pad_size(), pad_size(), pad_size(), pad_size(), pad_size(), pad_size(), pad_size(), pad_size()
pair(), Structuring macros, metadata, and other value-pairs, value-pairs()
Parameters, Typographical conventions
parser, The configuration syntax in detail, syslog-ng.conf
path(), path()
pattern, The syslog-ng pattern database format
pdbtool dictionary, Version 3.3 - 3.4
periodical, mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode()
perm(), perm()
persist_only, use_dns(), use_dns(), use_dns(), use_dns(), Using name resolution in syslog-ng
pid, null()
PID, Hard vs. soft macros
pipe, pipe() source options
pipe(), optional(), Collecting messages from named pipes, pipe() source options, optional(), optional(), optional(), optional(), mark_mode(), mark_mode(), Sending messages to named pipes, pipe() destination options, mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode()
poll(), follow_freq(), follow_freq(), follow_freq(), follow_freq(), follow_freq(), time_sleep()
port(), Version 3.2 - 3.3, Generating SMTP messages (e-mail) from logs
postfix, The syslog-ng pattern database format
prefix(), The JSON parser
PRI, BSD-syslog or legacy-syslog messages, Hard vs. soft macros
PRIORITY, Hard vs. soft macros
processed, Statistics of syslog-ng
program, program() source options, Actions and message correlation
PROGRAM, Hard vs. soft macros
program pattern, The syslog-ng pattern database format
program(), Receiving messages from external applications, mark_mode(), mark_mode(), mark_mode(), Sending messages to external applications, program() destination options, mark_mode(), mark_mode(), mark_mode(), mark_mode(), Using wildcards, special characters, and regular expressions in filters, mark_mode(), Optimizing regular expressions, External actions
PROGRAM[PID]:, MSGHDR
program[pid]: message text, The MSG message part
program_override(), log_prefix() (DEPRECATED), log_prefix() (DEPRECATED), log_prefix() (DEPRECATED), log_prefix() (DEPRECATED), log_prefix() (DEPRECATED), log_prefix() (DEPRECATED), log_prefix() (DEPRECATED), log_prefix() (DEPRECATED)
program_override(kernel), program_override(), program_override(), program_override(), program_override(), program_override(), program_override(), program_override(), program_override()
proto-template, ts_format()
proto-template(), Version 3.3 - 3.4
p_apache_parser, Using channels in configuration objects

Q

quote-pairs('[]'), Parsing messages
quote-pairs(), quote-pairs()

S

safe-background, syslog-ng
safe-mode(), safe-mode()
scl.conf, Collecting process accounting logs on Linux
scope(), Structuring macros, metadata, and other value-pairs, value-pairs()
SDATA, Hard vs. soft macros
SEC, Hard vs. soft macros
selected-macros, value-pairs()
sender(), from()
send_time_zone(), Timezones and daylight saving
SEQNUM, Hard vs. soft macros
server-hostname, chain_hostnames()
servers(), host() (DEPRECATED), port() (DEPRECATED), path()
servers(127.0.0.1), servers()
servers(192.168.1.1:27017,192.168.3.3:27017), servers()
servers(localhost), servers()
session-statements(), Version 3.3 - 3.4
sha, cipher_suite()
sha1, cipher_suite()
smtp(), Installing syslog-ng, Generating SMTP messages (e-mail) from logs, smtp() destination options
so-broadcast(), so-sndbuf(), Version 3.2 - 3.3
socket receive buffer, Possible causes of losing log messages
SOCK_DGRAM, How sources work, Collecting messages from UNIX domain sockets, Sending and storing log messages — destinations and destination drivers, Sending messages to UNIX domain sockets, unix-stream() and unix-dgram() destination options, syslog-ng.conf
SOCK_STREAM, How sources work, Collecting messages from UNIX domain sockets, Sending and storing log messages — destinations and destination drivers, Sending messages to UNIX domain sockets, unix-stream() and unix-dgram() destination options, syslog-ng.conf
some more information, flags()
Some-State, trusted_dn()
sometext, Regular expressions
source, The configuration syntax in detail, syslog-ng.conf
SOURCE, Hard vs. soft macros
source s_hp-ux {pipe (/dev/log pad_size(2048)}, How sources work
source(), Using embedded log statements
source.src_tcp, Statistics of syslog-ng
SOURCEIP, Hard vs. soft macros
SO_BROADCAST, so_broadcast(), so_broadcast(), so_broadcast(), so_broadcast(), so_broadcast(), so_broadcast()
so_keepalive(), tcp-keep-alive(), tcp-keep-alive(), tcp-keep-alive()
so_rcvbuf, Collecting the system-specific log messages of a platform
so_rcvbuf(), so_rcvbuf(), transport(), Collecting messages using the IETF syslog protocol, so_rcvbuf(), transport(), tcp(), tcp6(), udp() and udp6() source options, so_rcvbuf(), so_rcvbuf(), Possible causes of losing log messages, Handling large message load
spoof_source(), How relaying log messages works
sql, Multithreading concepts of syslog-ng OSE
sql(), Version 3.3 - 3.4, Sending and storing log messages — destinations and destination drivers, Storing messages in an SQL database, Using the sql() driver with an Oracle database, sql() destination options, flags(), Templates and macros, syslog-ng.conf
src.facility, Statistics of syslog-ng
ssh, The syslog-ng pattern database format
ssh-sessions, The syslog-ng pattern database format
STAMP, ts_format(), Hard vs. soft macros
stamp, Statistics of syslog-ng
stats-level(), Statistics of syslog-ng
stats_level(), Statistics of syslog-ng
stdin, Sending messages to external applications, program() destination options
stored, Statistics of syslog-ng
STREAMS, How sources work, Collecting messages on Sun Solaris, syslog-ng.conf
string, Regular expressions
strip-whitespace, flags()
STRUCTURED-DATA, IETF-syslog messages
subject(), Generating SMTP messages (e-mail) from logs, subject()
subject_alt_name, Encrypting log messages with TLS, Mutual authentication using TLS
sun-streams(), Collecting messages on Sun Solaris, sun-streams() source options
supervising syslog-ng, syslog-ng
suppress(), Statistics of syslog-ng
suppressed, Statistics of syslog-ng
syslog, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), Sending messages to a remote logserver using the IETF-syslog protocol, flags(), flags(), flags(), Parsing and segmenting structured messages
syslog(), The syslog-ng OSE quick-start guide, ip-protocol(), Collecting messages using the IETF syslog protocol, syslog() source options, ip-protocol(), Collecting messages from remote hosts using the BSD syslog protocol, mark_mode(), mark_mode(), mark_mode(), mark_mode(), Sending messages to a remote logserver using the IETF-syslog protocol, syslog() destination options, mark_mode(), mark_mode(), mark_mode(), mark_mode(), Encrypting log messages with TLS, Mutual authentication using TLS
syslog, udp, unix-dgramrltp,, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags()
syslog-ng, Installing syslog-ng
Syslog-ng's config file format was written by programmers for programmers to be understood by programmers. That may not have been the stated intent, but it is how things turned out. The syntax is exactly that of C, all the way down to braces and statement terminators., The configuration syntax in detail
syslog-ng-ctl, Version 3.3 - 3.4
syslog-ng-relay, How relaying log messages works
syslog-ng-server, How relaying log messages works
syslog-ng.8, Version 3.3 - 3.4
syslog-ng.example.com, Encrypting log messages with TLS
syslog-parser, Parsing syslog messages
syslog-proto, value-pairs(), loggen
syslog-protocol, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), Sending messages to a remote logserver using the legacy BSD-syslog protocol, flags(), flags()
syslogd, How sources work, Collecting messages on Sun Solaris, Collecting messages from UNIX domain sockets, template(), template(), template(), template(), template(), template(), template()
syslogng, Installing syslog-ng, Using the sql() driver with a Microsoft SQL database
system, if
system(), Version 3.3 - 3.4, Collecting the system-specific log messages of a platform
s_, The configuration syntax in detail, syslog-ng.conf
S_, use_time_recvd() (DEPRECATED), Date-related macros
S_*, value-pairs(), format-json
s_apache, Using channels in configuration objects
S_DATE, use_time_recvd() (DEPRECATED)
S_HOUR, use_time_recvd() (DEPRECATED)
s_internal, The configuration syntax in detail, syslog-ng.conf
s_local, Statistics of syslog-ng
s_network, Using embedded log statements
S_UNIXTIME, A note on timezones and timestamps

T

table, Storing messages in an SQL database
TAG, Hard vs. soft macros
tag, Statistics of syslog-ng
TAGS, Hard vs. soft macros
tags(), Version 3.3 - 3.4, Message representation in syslog-ng OSE, Tagging messages, tags(), Using parser results in filters and templates
tags(dmz, router), tags(), tags(), tags(), tags(), tags(), tags(), tags(), tags(), tags()
tcp, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), Sending messages to a remote logserver using the IETF-syslog protocol, Multithreading concepts of syslog-ng OSE, Optimizing multithreaded performance
tcp and syslog(tcp), Multithreading concepts of syslog-ng OSE
tcp(), Collecting messages using the RFC3164 protocol, Collecting messages from remote hosts using the BSD syslog protocol, tcp(), tcp6(), udp() and udp6() source options, mark_mode(), Sending messages to a remote logserver using the RFC3164 protocol, mark_mode(), mark_mode(), mark_mode(), mark_mode(), Sending messages to a remote logserver using the legacy BSD-syslog protocol, tcp(), tcp6(), udp(), and udp6() destination options, mark_mode(), mark_mode(), Managing incoming and outgoing messages with flow-control, mark_mode(), Secure logging using TLS, Encrypting log messages with TLS, Mutual authentication using TLS, TLS options, Handling lots of parallel connections, Glossary
tcp(), or syslog(), ts_format()
tcp, syslog, and pipe, Multithreading concepts of syslog-ng OSE
tcp, tcp6, syslog, and network, Version 3.3 - 3.4
tcp, tcp6, udp, and udp6, Version 3.3 - 3.4
tcp-keepalive-intvl(), Version 3.3 - 3.4, tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time()
tcp-keepalive-probes(), Version 3.3 - 3.4, tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time()
tcp-keepalive-time(), Version 3.3 - 3.4, tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time()
tcp-keepalive-time() + tcp-keepalive-intvl() * tcp-keepalive-probes(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time()
tcp6, flags()
tcp6(), Collecting messages using the RFC3164 protocol, Collecting messages from remote hosts using the BSD syslog protocol, tcp(), tcp6(), udp() and udp6() source options, Sending messages to a remote logserver using the RFC3164 protocol, Sending messages to a remote logserver using the legacy BSD-syslog protocol, tcp(), tcp6(), udp(), and udp6() destination options, Secure logging using TLS, TLS options, Glossary
tcpv6(), Encrypting log messages with TLS, Mutual authentication using TLS
TCP_KEEPCNT, tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time()
TCP_KEEPIDLE, tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time()
TCP_KEEPINTVL, tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time()
template, The configuration syntax in detail, syslog-ng.conf
template(), The JSON parser
template_escape, Templates and macros
template_escape(), Templates and macros
template_escape(no), Templates and macros
template_escape(yes), Templates and macros
text, columns()
threaded, flags(), flags(), flags(), flags(), Configuring multithreading
threaded(yes), Configuring multithreading
throttle, Possible causes of losing log messages
Thu, WEEK_ABBREV, C_WEEK_ABBREV, R_WEEK_ABBREV, S_WEEK_ABBREV, WEEKDAY, C_WEEKDAY, R_WEEKDAY, S_WEEKDAY
time-reap(), Storing messages in plain-text files
time_reap(), Version 3.2 - 3.3
time_sleep(), Handling lots of parallel connections
time_zone(), Timezones and daylight saving, Installing syslog-ng
time_zone(Europe/Budapest), local_time_zone(), local_time_zone()
tls, flags(), flags(), Sending messages to a remote logserver using the IETF-syslog protocol
tls( ca_dir(path_to_ca_directory) ), Encrypting log messages with TLS, Mutual authentication using TLS
tls( key_file(key_file_fullpathname) cert_file(cert_file_fullpathname) ), Encrypting log messages with TLS, Mutual authentication using TLS
tls( peer_verify(optional-untrusted);, Encrypting log messages with TLS
tls(), Encrypting log messages with TLS, Mutual authentication using TLS, TLS options
to(), Generating SMTP messages (e-mail) from logs, to()
Transaction: <type>., Using parser results in filters and templates
trigger, The syslog-ng pattern database format
trigger=timeout, Actions and message correlation
trusted_dn(), trusted_keys()
trusted_dn(*, O=Example Inc, ST=Some-State, C=*), trusted_dn()
trusted_keys(), trusted_keys()
trusted_keys(SHA1:00:EF:ED:A4:CE:00:D1:14:A4:AB:43:00:EF:00:91:85:FF:89:28:8F, SHA1:0C:42:00:3E:B2:60:36:64:00:E2:83:F0:80:46:AD:00:A8:9D:00:15), trusted_keys()
ts_format(), The HEADER message part, The HEADER message part, ts_format(), ts_format(), ts_format(), ts_format(), ts_format(), ts_format(), ts_format(), STAMP, R_STAMP, S_STAMP
type(), Storing messages in an SQL database, Using wildcards, special characters, and regular expressions in filters, Replacing message parts, Types and options of regular expressions, posix
type(glob), Using wildcards, special characters, and regular expressions in filters
TZ, Hard vs. soft macros
TZOFFSET, Hard vs. soft macros
tztab, Installing syslog-ng
t_demo_filetemplate, Templates and macros

U

udp, Sending messages to a remote logserver using the IETF-syslog protocol
udp(), Collecting messages using the RFC3164 protocol, Collecting messages from remote hosts using the BSD syslog protocol, tcp(), tcp6(), udp() and udp6() source options, mark_mode(), Sending messages to a remote logserver using the RFC3164 protocol, mark_mode(), mark_mode(), mark_mode(), mark_mode(), Sending messages to a remote logserver using the legacy BSD-syslog protocol, tcp(), tcp6(), udp(), and udp6() destination options, mark_mode(), mark_mode(), mark_mode(), Handling lots of parallel connections, Glossary
udp() and udp6(), max-connections()
udp, file, and pipe, Multithreading concepts of syslog-ng OSE
udp6(), Collecting messages using the RFC3164 protocol, Collecting messages from remote hosts using the BSD syslog protocol, tcp(), tcp6(), udp() and udp6() source options, Sending messages to a remote logserver using the RFC3164 protocol, Sending messages to a remote logserver using the legacy BSD-syslog protocol, tcp(), tcp6(), udp(), and udp6() destination options, Glossary
ulimit, file() destination options
unicode, pcre
unix-dgram, How sources work, optional(), optional(), optional(), optional(), optional(), Possible causes of losing log messages
unix-dgram(), Collecting messages from UNIX domain sockets, unix-stream() and unix-dgram() source options, keep-alive(), max-connections(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), Sending messages to UNIX domain sockets, unix-stream() and unix-dgram() destination options, mark_mode(), mark_mode(), Handling lots of parallel connections
unix-stream, How sources work, optional(), optional(), optional(), optional(), optional(), Possible causes of losing log messages
unix-stream(), The configuration syntax in detail, Collecting messages from UNIX domain sockets, unix-stream() and unix-dgram() source options, mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), mark_mode(), Sending messages to UNIX domain sockets, unix-stream() and unix-dgram() destination options, mark_mode(), mark_mode(), Handling lots of parallel connections, syslog-ng.conf
UNIXTIME, Hard vs. soft macros
unknown, Using parser results in filters and templates
US7ASCII, WE8DEC, WE8MSWIN1252, and WE8ISO8859P1, Using the sql() driver with an Oracle database
user, Using pattern parsers
user=@ESTRING:user: @group=@ESTRING:group: @, Using pattern parsers
user=@STRING:user@ group=@STRING:group@, Using pattern parsers
user=joe96, Using pattern parsers
user=joe96 group=somegroup, Using pattern parsers
user@@example.com, The syslog-ng pattern database format
user@example.com, @EMAIL@
useracct, pdbtool
username, grep, if
usertty(), Sending messages to a user terminal — usertty() destination, Handling large message load
use_dns(), How relaying log messages works, keep_hostname(), keep_hostname(), keep_hostname(), keep_hostname(), FULLHOST_FROM, Using name resolution in syslog-ng
use_dns(yes), How relaying log messages works
use_fqdn(), FULLHOST_FROM
use_time_recvd(), Date-related macros
UTF-8, encoding(), encoding(), encoding()
UTF8, AL16UTF16, and AL32UTF8, Using the sql() driver with an Oracle database

© 2007-2014 BalaBit IT Security
Please send your comments or documentation bugs to: documentation@balabit.com