The syslog-ng 3.0 Administrator Guide

Document version: Thirteenth
Release date: September 23, 2010
Latest version available at the BalaBit Documentation Page

3.4.7. Sending messages to a remote logserver using the legacy BSD-syslog protocol

The tcp(), tcp6(), udp(), and udp6() drivers send messages to another host (e.g., a syslog-ng server or relay) on the local intranet or internet using the UDP or TCP protocol. The tcp6() and udp6() drivers use the IPv6 network protocol.

All four drivers have a single required parameter specifying the destination host address, where messages should be sent. For the list of available optional parameters, see Section 8.2.7, “tcp(), tcp6(), udp(), and udp6()”.

The udp() and udp6() drivers automatically send multicast packets if a multicast destination address is specified. The tcp() and tcp6() drivers do not support multicasting.

Declaration:
                tcp(host [options]);
                udp(host [options]);
                tcp6(host [options]);
                udp6(host [options]);
[Example] Example 3.26. Using the tcp() driver 
destination d_tcp { tcp("10.1.2.3" port(1999) localport(999)); };

If name resolution is configured, the hostname of the target server can be used as well.

destination d_tcp { tcp("target_host" port(1999) localport(999)); };

To send messages using the IETF-syslog message format, enable the syslog-protocol flag:

destination d_tcp { tcp("10.1.2.3" port(1999) flags(syslog-protocol) };
Prev  Up  Next
3.4.6. Sending messages to a remote logserver using the IETF-syslog protocol  Home | Contents  3.4.8. Sending messages to UNIX domain sockets

© 2007-2010 BalaBit IT Security
Please send your comments or documentation bugs to: documentation@balabit.com