The syslog-ng 3.0 Administrator Guide

Periodically, syslog-ng sends a message containing statistics about the received messages, and about any lost messages since the last such message. It includes a processed entry for every source and destination, listing the number of messages received or sent, and a dropped entry including the IP address of the server for every destination where syslog-ng has lost messages. The center(received) entry shows the total number of messages received from every configured sources.

The following is a sample log statistics message for a configuration that has a single source (s_local) and a network and a local file destination (d_network and d_local, respectively). All incoming messages are sent to both destinations.

Log statistics;
                    dropped='tcp(AF_INET(192.168.10.1:514))=6439',
                    processed='center(received)=234413',
                    processed='destination(d_tcp)=234413',
                    processed='destination(d_local)=234413',
                    processed='source(s_local)=234413'

Log statistics can be also retrieved on-demand using the echo STATS | nc -U var/run/syslog-ng.ctl command. This returns a list of source groups and destinations, as well as the number of processed messages for each. The verbosity of the statistics can be set using the stats_level() option. See Section 8.9, “Global options” for details.

	Note
	To query the statistics, you need the OpenBSD-style netcat application. The netcat included in most Linux distributions is a GNU-style version that is not suitable to query the statistics of syslog-ng. An alternative is to use the socat application: echo STATS | socat -vv UNIX-CONNECT:/opt/syslog-ng/var/run/syslog-ng.ctl -.