List of syslog-ng OSE parameters

Symbols

$(context-length), Attributes
$(echo), Using template functions
$(grep), context-lookup
$(indent-multi-line ${MESSAGE}), multi-line-mode(), multi-line-prefix(), multi-line-mode(), multi-line-prefix(), multi-line-mode(), multi-line-prefix()
$(list-slice), context-lookup
$DATE, value-pairs()
$FACILITY, value-pairs(), value-pairs()
$FULLHOST_FROM, FULLHOST_FROM, FULLHOST_FROM
$HOST, value-pairs(), value-pairs()
$HOST_FROM, HOST_FROM, HOST_FROM
$MESSAGE, value-pairs(), value-pairs()
$MSGID, value-pairs()
$PID, value-pairs(), value-pairs()
$PRIORITY, value-pairs(), value-pairs()
$PROGRAM, value-pairs(), value-pairs(), pdbtool
$R_DATE, value-pairs()
$SEQNUM, value-pairs()
$SOURCEIP, value-pairs(), value-pairs()
$TAGS, value-pairs()
$UNIXTIME, Specifying data types in value-pairs
$_, Setting multiple message fields to specific values
${.cisco.facility}, The Cisco Parser
${.cisco.mnemonic}, The Cisco Parser
${.cisco.severity}, The Cisco Parser
${.SDATA.SDID.SDNAME}, SDATA, .SDATA.SDID.SDNAME
${.unix.cmdline}, UNIX credentials and other metadata
${.unix.exe}, UNIX credentials and other metadata
${.unix.gid}, UNIX credentials and other metadata
${.unix.pid}, UNIX credentials and other metadata, UNIX credentials and other metadata
${.unix.uid}, UNIX credentials and other metadata
${AMPM}, AMPM, HOUR12, C_HOUR12, R_HOUR12, S_HOUR12
${C_DATE}, Date-related macros
${DATE}, Date-related macros, FULLDATE, C_FULLDATE, R_FULLDATE, S_FULLDATE
${DAY}, Formatting messages, filenames, directories, and tablenames
${FILE_NAME}, wildcard-file: Collecting messages from multiple text files
${FULLHOST_FROM}, FULLHOST_FROM, SOURCEIP
${HOST_FROM}, HOST_FROM
${HOST}, Global objects, The syslog-ng OSE quick-start guide, file() destination options, Formatting messages, filenames, directories, and tablenames, Using template functions, echo
${HOUR12}, AMPM
${HOUR}, Date-related macros
${ISODATE}, Date-related macros, ISODATE, C_ISODATE, R_ISODATE, S_ISODATE, TZOFFSET, C_TZOFFSET, R_TZOFFSET, S_TZOFFSET
${LEVEL}, LEVEL_NUM, PRIORITY or LEVEL
${MESSAGE}, Message representation in syslog-ng OSE, flags(), multi-line-mode(), multi-line-prefix(), flags(), multi-line-mode(), multi-line-prefix(), flags(), flags(), multi-line-mode(), multi-line-prefix(), flags(), flags(), flags(), flags(), Combining filters with boolean operators, MESSAGE, substr, flags(), pdbtool
${MSGHDR}, Templates and macros, MESSAGE
${MSGONLY}, MESSAGE
${PID}, Comparing macro values in filters
${PROGRAM}, file: Storing messages in plain-text files, pdbtool, pdbtool, pdbtool
${RCPTID}, use-rcptid() , RCPTID
${R_DATE}, Date-related macros
${SDATA}, SDATA, .SDATA.SDID.SDNAME
${SEQNUM}, SEQNUM, SEQNUM, SEQNUM
${S_DATE}, Date-related macros, Date-related macros
${TAGS}, Tagging messages, TAGS, Description
${TZOFFSET}, TZOFFSET, C_TZOFFSET, R_TZOFFSET, S_TZOFFSET
${WEEKDAY}, overwrite-if-older()
-, loggen, pdbtool, pdbtool
--active-connections, loggen
--caps, syslog-ng
--ctrl-chars or -c, sanitize
--debug, Troubleshooting syslog-ng
--debug-csv, pdbtool
--debug-pattern, pdbtool
--dgram, loggen
--disable-http, Installing syslog-ng
--disable-smtp, Installing syslog-ng
--enable-all-modules, Version 3.6 - 3.7
--enable-geoip, geoip (DEPRECATED), geoip2
--enable-json, Version 3.12 - 3.13, What is new in syslog-ng Open Source Edition 3.13?
--enable-linux-caps, syslog-ng, syslog-ng
--enable-mixed-linking, Installing syslog-ng, Compiling options of syslog-ng OSE
--enable-mongodb, Version 3.12 - 3.13, What is new in syslog-ng Open Source Edition 3.13?
--enable-pacct, pacct: Collecting process accounting logs on Linux
--enable-pcre, Version 3.5 - 3.6
--enable-spoof-source, How relaying log messages works, spoof-source(), spoof-source()
--enable-ssl, hash
--fd-limit, file() destination options
--field, geoip2
--foreground, syslog-ng
--group, syslog-ng
--idle-connections, loggen
--inet, loggen
--interval, loggen, loggen
--invalid-chars <characterlist> or -i <characterlist>, sanitize
--length, hash, hash
--no-caps, syslog-ng, syslog-ng
--no-ctrl-chars or -C, sanitize
--no-framing, loggen
--number, loggen, loggen
--read-file, loggen, loggen
--replacement <replacement-character> or -r <replacement-character>, sanitize
--sdata, loggen
--sdata [test name=\value\], loggen
--skip-tokens, loggen
--skip-tokens 2, loggen
--stderr, syslog-ng-ctl, syslog-ng-ctl, syslog-ng-ctl
--support=3.0, pdbtool
--syslog-proto, loggen
--user, syslog-ng
--verbose, Troubleshooting syslog-ng
--with-ivykis=system, Compiling options of syslog-ng OSE
--with-libmongo-client, Version 3.12 - 3.13, What is new in syslog-ng Open Source Edition 3.13?
--with-libmongo-client=system, Compiling options of syslog-ng OSE, Compiling options of syslog-ng OSE
--with-librabbitmq-client=system, Compiling options of syslog-ng OSE, Compiling options of syslog-ng OSE
--worker-threads, Multithreading concepts of syslog-ng OSE, Multithreading concepts of syslog-ng OSE, Multithreading concepts of syslog-ng OSE, Multithreading concepts of syslog-ng OSE, Multithreading concepts of syslog-ng OSE, Multithreading concepts of syslog-ng OSE, Multithreading concepts of syslog-ng OSE
-e, syslog-ng-ctl, syslog-ng-ctl, syslog-ng-ctl
-R -, loggen
.apache., The Apache Access Log Parser
.classifier.<message-class>, tags(), Using parser results in filters and templates
.classifier.class, Using parser results in filters and templates
.classifier.context_id, Using parser results in filters and templates, Correlating log messages using pattern databases, Attributes, Attributes
.classifier.rule_id, Using parser results in filters and templates, Using parser results in filters and templates
.classifier.system, tags(), Using parser results in filters and templates
.classifier_class, Using parser results in filters and templates
.dict.string1, pdbtool
.dict.string2, pdbtool
.nodejs.winston., nodejs: Receiving JSON messages from nodejs applications
.osquery., osquery: Collect and parse osquery result logs
.SDATA.meta, Tagging messages
.snmp., snmptrap: Read Net-SNMP traps
.solaris.msgid, sun-streams: Collecting messages on Sun Solaris, system: Collecting the system-specific log messages of a platform, system: Collecting the system-specific log messages of a platform, system: Collecting the system-specific log messages of a platform
.TLS.X509_CN, .TLS.X509
.TLS.X509_O, .TLS.X509
.TLS.X509_OU, .TLS.X509
.USER, Setting multiple message fields to specific values, Setting multiple message fields to specific values
/, sanitize
/usr, Installing syslog-ng
0, tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), pdbtool
00:50:fc:e3:cd:37, @MACADDR@
1, pdbtool, pdbtool
1061, loggen
4.0, pdbtool
4096, syslog-ng
59, The XML parser
::1, loggen
<action>, Triggering actions for identified messages, Example, Example
<create-context>, Triggering actions for identified messages, Example
<message>, Triggering actions for identified messages, Example, Example
<object-type> (<object-id>);, Defining configuration objects inline
<object-type> {<object-definition>};, Defining configuration objects inline
<pattern>postfix\@ESTRING:.postfix.component:[@</pattern>, Children
<user@example.com>, @EMAIL@, @EMAIL@
@define allow-config-dups 1, The syslog-ng OSE configuration file, Including configuration files, syslog-ng.conf
@DOUBLE@, @FLOAT@
@EMAIL:email:[<]>@, @EMAIL@
@ESTRING:: @, pdbtool
@FLOAT@, @DOUBLE@
@module, Loading modules, Loading modules, Loading modules, Loading modules
@module <modulename>, syslog-ng
@PCRE:name:regexp@, @PCRE@
@SET:: @, @SET@
@version, Loading modules, Including configuration files
[user@example.com], @EMAIL@

C

ca-dir(), ca-dir(), ca-file(), cert-file(), cipher-suite(), key-file(), peer-verify(), ssl-version(), crl-dir(), pkcs12-file()
ca-file(), ca-file(), cert-file(), key-file(), peer-verify(), ca-dir(), ca-file(), cert-file(), cipher-suite(), key-file(), peer-verify(), ssl-version(), type()
cacert(), type()
catchall, Log path flags, Log path flags, Log path flags
cc(), cc()
cert(), type()
cert-file(), ca-file(), cert-file(), key-file(), peer-verify(), ca-dir(), ca-file(), cert-file(), cipher-suite(), key-file(), peer-verify(), ssl-version(), type(), type(), type(), key-file(), pkcs12-file()
chain-hostnames(), Version 3.6 - 3.7, Configuring syslog-ng relays, chain-hostnames(), FULLHOST, HOST
channel, Using channels in configuration objects
cipher-suite(), ca-dir(), ca-file(), cert-file(), cipher-suite(), cipher-suite(), key-file(), peer-verify(), ssl-version(), cipher-suite(), cipher-suite()
cisco-parser(), The Cisco Parser, The Cisco Parser, The Cisco Parser, prefix()
class-path, hdfs: Storing messages on the Hadoop Distributed File System (HDFS)
client-host, How relaying log messages works, How relaying log messages works, How relaying log messages works
client-hostname-from-the-message, chain-hostnames()
client-hostname-resolved-on-the-relay, chain-hostnames()
client-hostname-resolved-on-the-server, chain-hostnames()
clientcert, http-auth-type()
cluster(), Client modes, Elasticsearch destination options, client-mode(), client-mode(), client-mode(), Client modes, Client modes, Client modes, elasticsearch2: Sending messages directly to Elasticsearch version 2.0 or higher, Elasticsearch2 destination options, client-mode(), client-mode(), client-mode()
cluster_url(), client-mode(), client-mode(), client-mode(), client-mode(), cluster-url(), Client modes, Client modes, Client modes, Client modes, client-mode(), client-mode(), client-mode(), client-mode(), cluster-url(), server()
columns(), sql: Storing messages in an SQL database, values()
Common Name, Encrypting log messages with TLS, Encrypting log messages with TLS, Mutual authentication using TLS
concurrent-requests, How syslog-ng OSE interacts with Elasticsearch, flush-limit(), How syslog-ng OSE interacts with Elasticsearch, flush-limit()
concurrent-requests(), concurrent-requests(), concurrent-requests(), concurrent-requests(), concurrent-requests()
condition, Conditional actions
condition(), Conditional rewrites, Conditional rewrites
condition='$(context-length) >= 5', Attributes
context, Managing complex syslog-ng configurations, Managing complex syslog-ng configurations, Actions and message correlation, Children, Children, Children, aggregate(), aggregate()
context-id, Correlating log messages using pattern databases, Attributes, Attributes, Attributes, Attributes
context-lookup, context-lookup, context-lookup, context-lookup, context-lookup, grep
context-scope, Correlating log messages using pattern databases, Actions and message correlation, Actions and message correlation, Attributes, Attributes, Attributes, Attributes, Children, Attributes, Attributes, Attributes, Attributes
context-timeout, Correlating log messages using pattern databases, Correlating log messages using pattern databases, Correlating log messages using pattern databases, Correlating log messages using pattern databases, Actions and message correlation, Actions and message correlation, Attributes, Attributes, Correlating messages using the grouping-by() parser, Correlating messages using the grouping-by() parser, Correlating messages using the grouping-by() parser
context-values, context-values
CONTEXT_ID, Hard vs. soft macros
create-dirs(), file: Storing messages in plain-text files, dir-perm(), dir-perm()
credit-card-hash(), Anonymizing credit card numbers
credit-card-mask(), Anonymizing credit card numbers
crit, level() or priority()
csv-parser(), Global objects, Junctions and channels, Parsing messages with comma-separated and similar values, Options of CSV parsers
custom-domain(), Version 3.5 - 3.6

D

database(), sql: Storing messages in an SQL database, Using the sql() driver with an Oracle database, database(), Options add-contextual-data()
DATE, value-pairs(), Date-related macros, Hard vs. soft macros
date-parser(), Parsing dates and timestamps, Options of date-parser() parsers
datetime, Specifying data types in value-pairs
DAY, Date-related macros, Hard vs. soft macros
db-parser(), Using pattern databases, Using pattern databases, Triggering actions for identified messages
debug, level() or priority(), Dropping messages
default-facility(), How sources work, file: Collecting messages from text files, wildcard-file: Collecting messages from multiple text files
default-priority(), How sources work, file: Collecting messages from text files, wildcard-file: Collecting messages from multiple text files
default-selector(), Adding metadata from an external file, default-selector(), prefix()
deinit(), Version 3.11 - 3.12
deinit(self), Methods of the python() parser
delimiters(<delimiter_characters>), delimiters()
destination, The syslog-ng OSE configuration file, Reusing configuration blocks, Managing complex syslog-ng configurations, syslog-ng.conf
dir(), Version 3.11 - 3.12, disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer()
dir-group(), dir-group()
dir-owner(), dir-owner()
dir-perm(), dir-perm(), dir-perm()
dirname, FILE_NAME, basename
dirname(), Version 3.9 - 3.10
disk-buf-size(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), Flow-control and multiple destinations, Using disk-based and memory buffering, Size and truncation of queue files
disk-buffer(), Version 3.11 - 3.12, Using disk-based and memory buffering
dns-cache(), FULLHOST, HOST
dns-cache-hosts(), Using name resolution in syslog-ng
dont-create-tables, flags()
dont-store-legacy-msghdr, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags()
door(), sun-streams: Collecting messages on Sun Solaris
dot-nv-pairs, value-pairs()
double, Specifying data types in value-pairs
drop-invalid, flags()
drop-message, on-error(), on-error(), on-error(), on-error(), on-error(), on-error(), on-error(), on-error(), on-error(), on-error(), on-error(), on-error(), on-error()
drop-property, on-error(), on-error(), on-error(), on-error(), on-error(), on-error(), format-cef-extension, on-error()
drop-unmatched(), Using pattern databases, Using pattern databases
dropped, Statistics of syslog-ng, Statistics of syslog-ng
dynamic, Installing syslog-ng

E

elastic2(), Version 3.8 - 3.9, elasticsearch: Sending messages directly to Elasticsearch version 1.x
elasticsearch, elasticsearch: Sending messages directly to Elasticsearch version 1.x, elasticsearch: Sending messages directly to Elasticsearch version 1.x, elasticsearch: Sending messages directly to Elasticsearch version 1.x, elasticsearch: Sending messages directly to Elasticsearch version 1.x, elasticsearch: Sending messages directly to Elasticsearch version 1.x, elasticsearch: Sending messages directly to Elasticsearch version 1.x, How syslog-ng OSE interacts with Elasticsearch, Elasticsearch destination options, client-lib-dir()
elasticsearch(), elasticsearch: Sending messages directly to Elasticsearch version 1.x
elasticsearch2, Sending and storing log messages — destinations and destination drivers, elasticsearch: Sending messages directly to Elasticsearch version 1.x, client-mode(), client-mode(), elasticsearch2: Sending messages directly to Elasticsearch version 2.0 or higher, elasticsearch2: Sending messages directly to Elasticsearch version 2.0 or higher, elasticsearch2: Sending messages directly to Elasticsearch version 2.0 or higher, elasticsearch2: Sending messages directly to Elasticsearch version 2.0 or higher, elasticsearch2: Sending messages directly to Elasticsearch version 2.0 or higher, elasticsearch2: Sending messages directly to Elasticsearch version 2.0 or higher, elasticsearch2: Sending messages directly to Elasticsearch version 2.0 or higher, How syslog-ng OSE interacts with Elasticsearch, Client modes, Client modes, Elasticsearch2 destination options, client-mode(), client-mode(), syslog-ng.conf
elasticsearch2(), Version 3.9 - 3.10, elasticsearch: Sending messages directly to Elasticsearch version 1.x, elasticsearch2: Sending messages directly to Elasticsearch version 2.0 or higher, Using disk-based and memory buffering, Enabling reliable disk-based buffering, Enabling normal disk-based buffering
email, @EMAIL@
emerg, level() or priority()
empty-lines, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags()
encoding(), Message size and encoding, format-cef-extension
err, level() or priority()
error, PRIORITY or LEVEL
escape-none, dialect()
event-time(), What is new in syslog-ng Open Source Edition 3.13?, event-time()
exclude(), Structuring macros, metadata, and other value-pairs, value-pairs()
exclude_tags, exclude-tags
expect-hostname, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags()
explicit-commits, flags(), flags()
extract-prefix, Version 3.5 - 3.6
extract-solaris-msgid(), Version 3.6 - 3.7, sun-streams: Collecting messages on Sun Solaris, system: Collecting the system-specific log messages of a platform, system: Collecting the system-specific log messages of a platform, system: Collecting the system-specific log messages of a platform
extract-stray-words-into(), extract-stray-words-into()

F

FACILITY, Hard vs. soft macros
facility, General recommendations
facility(), facility()
FACILITY_NUM, Hard vs. soft macros
fallback, Log path flags, Log path flags, Log path flags, flags()
fallback-to-string, on-error(), on-error(), on-error(), on-error(), on-error(), on-error(), on-error()
file, file: Collecting messages from text files, file: Storing messages in plain-text files, flags(), Using pattern databases, Multithreading concepts of syslog-ng OSE, Multithreading concepts of syslog-ng OSE
file(), The syslog-ng OSE configuration file, file: Collecting messages from text files, Notes on reading kernel messages, file() source options, flags(), wildcard-file: Collecting messages from multiple text files, flags(), flags(), mbox: Converting local e-mail messages to log messages, osquery: Collect and parse osquery result logs, pipe: Collecting messages from named pipes, flags(), flags(), flags(), flags(), flags(), file: Storing messages in plain-text files, file() destination options, mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), Using disk-based and memory buffering, Enabling reliable disk-based buffering, Enabling normal disk-based buffering, mark-mode(), mark-mode(), mark-mode(), mark-mode(), flags(), syslog-ng.conf
filename(), snmptrap() source options
filename-pattern(), wildcard-file: Collecting messages from multiple text files, wildcard-file: Collecting messages from multiple text files
filter, The syslog-ng OSE configuration file, Reusing configuration blocks, Managing complex syslog-ng configurations, syslog-ng.conf
filter(), Conditional rewrites
final, Logging with syslog-ng, Log path flags, Log path flags, Log path flags, Dropping messages
flag(syslog-protocol), Things to consider when forwarding messages between syslog-ng OSE hosts
flags(), The syslog-ng OSE configuration file, Log paths, Embedded log statements, Replacing message parts, syslog-ng.conf
flags(no-multi-line), flags(), multi-line-mode(), multi-line-prefix(), flags(), multi-line-mode(), multi-line-prefix(), flags(), flags(), multi-line-mode(), multi-line-prefix(), flags(), flags(), flags(), flags(), Macros of syslog-ng OSE, MESSAGE, flags()
flags(no-parse), Message representation in syslog-ng OSE, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), Macros of syslog-ng OSE, MESSAGE, Parsers and segmenting structured messages, flags()
flags(syslog-protocol), Parsing syslog messages
flow-control, Log paths, Embedded log statements, Managing incoming and outgoing messages with flow-control, Managing incoming and outgoing messages with flow-control
flush-limit, How syslog-ng OSE interacts with Elasticsearch, How syslog-ng OSE interacts with Elasticsearch, flush-limit(), flush-limit(), How syslog-ng OSE interacts with Elasticsearch, How syslog-ng OSE interacts with Elasticsearch, flush-limit(), flush-limit()
flush-limit(), concurrent-requests(), concurrent-requests()
flush-lines(), log-iw-size(), log-iw-size(), log-iw-size(), log-iw-size(), log-iw-size(), log-iw-size(), log-iw-size(), flush-lines(), flush-timeout() (DEPRECATED), flush-lines(), flush-timeout() (DEPRECATED), flush-lines(), flush-timeout() (DEPRECATED), flush-lines(), flush-timeout() (DEPRECATED), flush-lines(), flags(), flush-lines(), flush-timeout() (DEPRECATED), flush-lines(), flush-timeout() (DEPRECATED), flush-lines(), flush-timeout() (DEPRECATED), flush-lines(), flush-timeout(), sync() or sync-freq() (DEPRECATED), Multithreading concepts of syslog-ng OSE, Handling large message load
flush-timeout(), flags(), Multithreading concepts of syslog-ng OSE
flush_lines, Possible causes of losing log messages
follow-freq(), The syslog-ng OSE configuration file, Notes on reading kernel messages, Notes on reading kernel messages, follow-freq(), follow-freq(), monitor-method(), follow-freq(), follow-freq(), follow-freq(), syslog-ng.conf
follow-freq(1), system: Collecting the system-specific log messages of a platform
foo bar, loggen
foo bar message, loggen
foreground, syslog-ng
format(linux-kmsg), system: Collecting the system-specific log messages of a platform
format-cef-extension, format-cef-extension, format-cef-extension
format-cim, Compiling options of syslog-ng OSE, Compiling options of syslog-ng OSE
format-cim(), format-cim
format-json, Specifying data types in value-pairs, value-pairs(), Compiling options of syslog-ng OSE, Compiling options of syslog-ng OSE, osquery: Collect and parse osquery result logs, format-json, format-json, Parsing key=value pairs, The JSON parser, The XML parser, The XML parser, The Apache Access Log Parser, The Linux Audit Parser
format-json(), Structuring macros, metadata, and other value-pairs, template()
format-welf(), Structuring macros, metadata, and other value-pairs, format-welf
frac-digits(), frac-digits(), frac-digits(), frac-digits(), frac-digits(), frac-digits(), frac-digits(), frac-digits(), frac-digits(), frac-digits(), frac-digits(), frac-digits(), frac-digits(), frac-digits(), ts-format(), ISODATE, C_ISODATE, R_ISODATE, S_ISODATE, frac-digits()
from(), smtp: Generating SMTP messages (e-mail) from logs, from()
fsync(), fsync()
FULLDATE, Date-related macros, Hard vs. soft macros
FULLHOST, Hard vs. soft macros, Setting multiple message fields to specific values, Setting multiple message fields to specific values
FULLHOST_FROM, Hard vs. soft macros

H

having(), Correlating messages using the grouping-by() parser, having()
hdfs, hdfs: Storing messages on the Hadoop Distributed File System (HDFS), hdfs: Storing messages on the Hadoop Distributed File System (HDFS), hdfs: Storing messages on the Hadoop Distributed File System (HDFS), hdfs: Storing messages on the Hadoop Distributed File System (HDFS), hdfs: Storing messages on the Hadoop Distributed File System (HDFS), hdfs: Storing messages on the Hadoop Distributed File System (HDFS), hdfs: Storing messages on the Hadoop Distributed File System (HDFS), hdfs: Storing messages on the Hadoop Distributed File System (HDFS), hdfs: Storing messages on the Hadoop Distributed File System (HDFS), hdfs: Storing messages on the Hadoop Distributed File System (HDFS), hdfs: Storing messages on the Hadoop Distributed File System (HDFS), HDFS destination options, client-lib-dir()
hdfs(), Version 3.9 - 3.10, hdfs: Storing messages on the Hadoop Distributed File System (HDFS), kerberos-keytab-file(), kerberos-principal(), Using disk-based and memory buffering, Enabling reliable disk-based buffering, Enabling normal disk-based buffering
hdfs-append-enabled, hdfs-append-enabled(), hdfs-append-enabled()
hdfs-append-enabled(), Version 3.11 - 3.12, hdfs: Storing messages on the Hadoop Distributed File System (HDFS)
hdfs-file(), Version 3.11 - 3.12, HDFS destination options, hdfs-file()
hdfs-max-filename-length, hdfs-max-filename-length()
hdfs-option-kerberos-keytab-file(), kerberos-principal()
hdfs-option-kerberos-principal(), kerberos-keytab-file()
hdfs-uri(), HDFS destination options
header(), smtp: Generating SMTP messages (e-mail) from logs, header(), header()
HOST, keep-hostname(), keep-hostname(), keep-hostname(), keep-hostname(), keep-hostname(), keep-hostname(), netmask(), netmask6(), keep-hostname(), keep-hostname(), keep-hostname(), Hard vs. soft macros, Setting multiple message fields to specific values, Setting multiple message fields to specific values, Setting multiple message fields to specific values
host, Using the sql() driver with an Oracle database
host(), smtp: Generating SMTP messages (e-mail) from logs, Junctions and channels, Using wildcards, special characters, and regular expressions in filters, Optimizing regular expressions, Parsing syslog messages
HOST_FROM, Hard vs. soft macros
HOUR, time-zone(), time-zone(), time-zone(), time-zone(), time-zone(), time-zone(), time-zone(), time-zone(), time-zone(), time-zone(), time-zone(), time-zone(), Date-related macros, Hard vs. soft macros, time-zone()
HOUR12, Date-related macros
http, Posting messages over HTTP, Posting messages over HTTP, Posting messages over HTTP, HTTP destination options, class-name(), client-lib-dir(), http: Posting messages over HTTP without Java, http: Posting messages over HTTP without Java, http: Posting messages over HTTP without Java, HTTP destination options
http(), Version 3.9 - 3.10, Installing syslog-ng, Compiling options of syslog-ng OSE, http: Posting messages over HTTP without Java, Splunk: Sending log messages to Splunk, Using disk-based and memory buffering, Enabling reliable disk-based buffering, Enabling normal disk-based buffering
http-auth-type-basic-password, http-auth-type(), http-auth-type-basic-username()
http-auth-type-basic-username, http-auth-type(), http-auth-type-basic-password()

I

in-list, inlist()
in-list filter, inlist()
index(), Elasticsearch destination options, Elasticsearch2 destination options
indexes, indexes()
indexes(), indexes()
info, level() or priority()
inherit-environment(), Version 3.7 - 3.8
inherit-mode, What's new in the syslog-ng pattern database format V5, Children
inherit-mode(), aggregate()
inherit-properties, Version 3.6 - 3.7, Triggering actions for identified messages, Actions and message correlation, Actions and message correlation, Actions and message correlation, What's new in the syslog-ng pattern database format V5, Example, Example
init, Methods of the python() parser
init (self, options), Methods of the python() parser
init(), Methods of the python() parser
inject-mode(), Triggering actions for identified messages, inject-mode()
int, Specifying data types in value-pairs
int32, Specifying data types in value-pairs
int64, Specifying data types in value-pairs
internal, internal: Collecting internal messages, Triggering actions for identified messages, inject-mode()
internal(), internal: Collecting internal messages, internal() source options, elasticsearch: Sending messages directly to Elasticsearch version 1.x, on-error(), on-error(), on-error(), elasticsearch2: Sending messages directly to Elasticsearch version 2.0 or higher, on-error(), on-error(), on-error(), hdfs: Storing messages on the Hadoop Distributed File System (HDFS), on-error(), on-error(), on-error(), kafka: Publishing messages to Apache Kafka, on-error(), on-error(), on-error(), on-error(), on-error(), on-error(), on-error(), on-error(), on-error(), on-error(), on-error(), on-error(), Triggering actions for identified messages, Triggering actions for identified messages, Children, inject-mode(), inject-mode(), Statistics of syslog-ng
ip-protocol(), ip-protocol(), ip-protocol(), ip-protocol(), ip-protocol()
ISODATE, Date-related macros, Hard vs. soft macros

K

kafka, kafka: Publishing messages to Apache Kafka, kafka: Publishing messages to Apache Kafka, kafka: Publishing messages to Apache Kafka, kafka: Publishing messages to Apache Kafka, kafka: Publishing messages to Apache Kafka, kafka: Publishing messages to Apache Kafka, How syslog-ng OSE interacts with Apache Kafka, Kafka destination options, client-lib-dir(), properties-file()
kafka(), kafka: Publishing messages to Apache Kafka, Using disk-based and memory buffering, Enabling reliable disk-based buffering, Enabling normal disk-based buffering
kafka-bootstrap-servers, properties-file()
kafka-bootstrap-servers(), Kafka destination options
keep-alive, keep-alive(), keep-alive(), keep-alive(), keep-alive(), keep-alive()
keep-alive(), program: Sending messages to external applications
keep-hostname(), Configuring syslog-ng relays, How relaying log messages works, How relaying log messages works, use-dns(), use-fqdn(), use-dns(), use-fqdn(), use-fqdn(), chain-hostnames(), dns-cache(), normalize-hostnames(), use-dns(), use-fqdn(), FULLHOST, FULLHOST, FULLHOST, HOST, HOST, HOST
keep-timestamp(), Timezones and daylight saving, keep-timestamp(), keep-timestamp(), keep-timestamp(), keep-timestamp(), keep-timestamp(), keep-timestamp(), keep-timestamp(), keep-timestamp(), keep-timestamp(), Date-related macros
keep-timestamp(no), system: Collecting the system-specific log messages of a platform
kern, file: Collecting messages from text files, FACILITY
kernel, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags()
key(), Structuring macros, metadata, and other value-pairs, value-pairs(), value-pairs(), value-pairs(), mongodb: Storing messages in a MongoDB database, type(), Correlating messages using the grouping-by() parser, Correlating messages using the grouping-by() parser
key-file(), ca-file(), cert-file(), key-file(), peer-verify(), ca-dir(), ca-file(), cert-file(), cipher-suite(), key-file(), peer-verify(), ssl-version(), type(), type(), type(), cert-file(), pkcs12-file()
klogd, Notes on reading kernel messages
ksymoops, Notes on reading kernel messages
kv-parser, Options of key=value parsers
kv-parser(), Parsing key=value pairs

L

last-message, Children, Children, aggregate()
LEGACY_MSGHDR, Hard vs. soft macros
LEVEL, Hard vs. soft macros
level(), level() or priority()
LEVEL_NUM, Hard vs. soft macros
libdbi, Compiling options of syslog-ng OSE
libmaxminddb, Compiling options of syslog-ng OSE
libopenssl, Compiling options of syslog-ng OSE
libpcre, Installing syslog-ng
libsystemd-daemon, Compiling options of syslog-ng OSE
libwrap, Compiling options of syslog-ng OSE
linux-audit-parser(), The Linux Audit Parser, The Linux Audit Parser, Options of linux-audit-parser() parsers, Options of linux-audit-parser() parsers
list-append, List manipulation
list-concat, List manipulation
list-count, List manipulation
list-head, List manipulation
list-nth, List manipulation
list-slice, List manipulation
list-tail, List manipulation
listen-backlog(), listen-backlog(), listen-backlog(), listen-backlog()
literal, Specifying data types in value-pairs
local-time-zone(), Compiling options of syslog-ng OSE
localip(), network: Collecting messages using the RFC3164 protocol (network() driver)
log, The syslog-ng OSE configuration file, Reusing configuration blocks, Managing complex syslog-ng configurations, syslog-ng.conf
log-disk-fifo-size(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer()
log-fetch-limit(), log-fetch-limit(), log-iw-size(), log-fetch-limit(), log-iw-size(), log-fetch-limit(), log-fetch-limit(), log-fetch-limit(), log-fetch-limit(), log-fetch-limit(), log-fetch-limit(), log-fetch-limit(), Managing incoming and outgoing messages with flow-control, Configuring flow-control, Configuring flow-control, Configuring flow-control, Configuring flow-control, Configuring flow-control, Multithreading concepts of syslog-ng OSE
log-fifo-size(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), Managing incoming and outgoing messages with flow-control, Managing incoming and outgoing messages with flow-control, Configuring flow-control, Configuring flow-control, Configuring flow-control, Configuring flow-control, Using disk-based and memory buffering, Using disk-based and memory buffering, Enabling memory buffering
log-iw-size(), log-iw-size(), log-iw-size(), log-iw-size(), log-iw-size(), log-iw-size(), log-iw-size(), log-iw-size(), log-iw-size(), log-iw-size(), log-iw-size(), flush-lines(), flush-lines(), flush-lines(), flush-lines(), flush-lines(), flush-lines(), flush-lines(), Managing incoming and outgoing messages with flow-control, Configuring flow-control, Configuring flow-control, Configuring flow-control, Configuring flow-control, Using disk-based and memory buffering, Multithreading concepts of syslog-ng OSE
log-msg-size(), Version 3.9 - 3.10, BSD-syslog or legacy-syslog messages, Message size and encoding, Notes about the configuration syntax, log-msg-size(), log-msg-size(), log-msg-size(), log-msg-size(), log-msg-size(), log-msg-size(), log-msg-size(), systemd-journal: Collecting messages from the systemd-journal system log storage, log-msg-size(), Using the sql() driver with an Oracle database, Using the sql() driver with a Microsoft SQL database
log-msg-size(2Mb), Notes about the configuration syntax
loggly, loggly: Using Loggly
loggly(), loggly: Using Loggly, loggly() destination options
logmatic, logmatic: Using Logmatic.io
logmatic(), logmatic: Using Logmatic.io, logmatic() destination options

M

make, Installing syslog-ng
map-value-pairs, map-value-pairs: Rename value-pairs to normalize logs
map-value-pairs(), map-value-pairs: Rename value-pairs to normalize logs
MARK, mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-freq(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-freq(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-freq(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode()
mark(), mark-freq(), mark-freq(), mark() (DEPRECATED), mark-freq()
mark-freq, Actions and message correlation
mark-freq(), mark-freq(), mark-freq(), mark() (DEPRECATED), mark-freq()
mark-mode(), mark-mode(), mark-mode(), mark-freq(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-freq(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-freq(), mark-mode(), mark-mode()
match, Combining filters with boolean operators
match(), Combining filters with boolean operators, Using wildcards, special characters, and regular expressions in filters, match(), message(), Optimizing regular expressions, Optimizing regular expressions
max-connections(), log-iw-size(), log-iw-size(), log-iw-size(), log-iw-size(), log-iw-size(), log-iw-size(), unix-stream, unix-dgram: Collecting messages from UNIX domain sockets, log-iw-size(), Managing incoming and outgoing messages with flow-control, Managing incoming and outgoing messages with flow-control, Configuring flow-control, Configuring flow-control, Configuring flow-control, Configuring flow-control, Configuring flow-control, Multithreading concepts of syslog-ng OSE
max-field-size(), systemd-journal: Collecting messages from the systemd-journal system log storage
max-files(), wildcard-file: Collecting messages from multiple text files, max-files()
mbox, mbox: Converting local e-mail messages to log messages
mbox(), mbox: Converting local e-mail messages to log messages, mbox: Converting local e-mail messages to log messages, mbox: Converting local e-mail messages to log messages, mbox: Converting local e-mail messages to log messages
mem-buf-length(), Normal and reliable queue files
mem-buf-size(), Flow-control and multiple destinations, Using disk-based and memory buffering
MESSAGE, Hard vs. soft macros
message, loggen
message(), match()
MIN, Date-related macros, Hard vs. soft macros
mongodb, mongodb: Storing messages in a MongoDB database
mongodb(), Structuring macros, metadata, and other value-pairs, Specifying data types in value-pairs, value-pairs(), mongodb: Storing messages in a MongoDB database, mongodb: Storing messages in a MongoDB database, mongodb: Storing messages in a MongoDB database, mongodb() destination options, username() (DEPRECATED), Using disk-based and memory buffering, Enabling reliable disk-based buffering, Enabling normal disk-based buffering
MONTH, Date-related macros, Hard vs. soft macros
MONTH_ABBREV, Date-related macros, Hard vs. soft macros
MONTH_NAME, Date-related macros, Hard vs. soft macros
MONTH_WEEK, Date-related macros, Hard vs. soft macros
MSEC, Date-related macros
MSG, BSD-syslog or legacy-syslog messages, IETF-syslog messages, match(), message(), Hard vs. soft macros
MSGHDR, match()
MSGID, Hard vs. soft macros
MSGONLY, Hard vs. soft macros
mssql, Using the sql() driver with a Microsoft SQL database, type()
multi-line-garbage(), multi-line-garbage(), multi-line-garbage(), multi-line-mode(), multi-line-prefix(), multi-line-garbage(), multi-line-garbage(), multi-line-mode(), multi-line-prefix(), multi-line-garbage(), multi-line-garbage(), multi-line-mode(), multi-line-prefix()
multi-line-mode, Version 3.5 - 3.6
multi-line-mode(), multi-line-garbage(), multi-line-mode(), multi-line-suffix(), multi-line-garbage(), multi-line-mode(), multi-line-suffix(), multi-line-garbage(), multi-line-mode(), multi-line-suffix()
multi-line-mode(indented), multi-line-mode(), multi-line-mode(), multi-line-mode(), system: Collecting the system-specific log messages of a platform
multi-line-mode(prefix-garbage), multi-line-mode(), multi-line-mode(), multi-line-mode(), multi-line-mode(), multi-line-mode(), multi-line-mode()
multi-line-mode(prefix-suffix), multi-line-mode(), multi-line-mode(), multi-line-mode(), The XML parser
multi-line-prefix(), multi-line-garbage(), multi-line-garbage(), multi-line-mode(), multi-line-mode(), multi-line-prefix(), multi-line-prefix(), multi-line-suffix(), multi-line-garbage(), multi-line-garbage(), multi-line-mode(), multi-line-mode(), multi-line-prefix(), multi-line-prefix(), multi-line-suffix(), multi-line-garbage(), multi-line-garbage(), multi-line-mode(), multi-line-mode(), multi-line-prefix(), multi-line-prefix(), multi-line-suffix(), The XML parser
multi-line-suffix(), multi-line-mode(), multi-line-suffix(), multi-line-mode(), multi-line-suffix(), multi-line-mode(), multi-line-suffix(), The XML parser
myhost, Setting multiple message fields to specific values, Setting multiple message fields to specific values
MYSQL_UNIX_PORT, MySQL-specific interaction methods, host()

N

name, Managing complex syslog-ng configurations, Managing complex syslog-ng configurations, Children
netmask(), host()
netmask6(), netmask6()
network, network: Collecting messages using the RFC3164 protocol (network() driver), network: Sending messages to a remote log server using the RFC3164 protocol (network() driver)
network(), Version 3.6 - 3.7, Things to consider when forwarding messages between syslog-ng OSE hosts, network: Collecting messages using the RFC3164 protocol (network() driver), network() source options, ip-protocol(), nodejs: Receiving JSON messages from nodejs applications, ip-protocol(), tcp, tcp6, udp, udp6: Collecting messages from remote hosts using the BSD syslog protocol, tcp, tcp6, udp, udp6: Collecting messages from remote hosts using the BSD syslog protocol, tcp(), tcp6(), udp() and udp6() source options — OBSOLETE, tcp(), tcp6(), udp() and udp6() source options — OBSOLETE, tcp(), tcp6(), udp() and udp6() source options — OBSOLETE, ts-format(), ts-format(), mark-mode(), mark-mode(), mark-mode(), ts-format(), graphite: Sending metrics to Graphite, ts-format(), ts-format(), network: Sending messages to a remote log server using the RFC3164 protocol (network() driver), network() destination options, ip-protocol(), mark-mode(), mark-mode(), mark-mode(), ts-format(), mark-mode(), mark-mode(), mark-mode(), ts-format(), mark-mode(), mark-mode(), mark-mode(), ts-format(), ip-protocol(), mark-mode(), mark-mode(), mark-mode(), ts-format(), tcp, tcp6, udp, udp6: Sending messages to a remote log server using the legacy BSD-syslog protocol (tcp(), udp() drivers), tcp, tcp6, udp, udp6: Sending messages to a remote log server using the legacy BSD-syslog protocol (tcp(), udp() drivers), tcp(), tcp6(), udp(), and udp6() destination options, tcp(), tcp6(), udp(), and udp6() destination options, tcp(), tcp6(), udp(), and udp6() destination options, mark-mode(), mark-mode(), mark-mode(), ts-format(), Managing incoming and outgoing messages with flow-control, Using disk-based and memory buffering, Enabling reliable disk-based buffering, Enabling normal disk-based buffering, mark-mode(), mark-mode(), mark-mode(), ts-format(), Secure logging using TLS, Encrypting log messages with TLS, Encrypting log messages with TLS, Encrypting log messages with TLS, Mutual authentication using TLS, Mutual authentication using TLS, Mutual authentication using TLS, TLS options, ts-format(), Glossary
network(transport(tcp) flag(syslog-protocol)), Things to consider when forwarding messages between syslog-ng OSE hosts
network(transport(tcp)), Things to consider when forwarding messages between syslog-ng OSE hosts, Things to consider when forwarding messages between syslog-ng OSE hosts
network(transport(tls) flag(syslog-protocol)), Things to consider when forwarding messages between syslog-ng OSE hosts
network(transport(tls)), Things to consider when forwarding messages between syslog-ng OSE hosts
network(transport(udp) flag(syslog-protocol)), Things to consider when forwarding messages between syslog-ng OSE hosts
network(transport(udp)), Things to consider when forwarding messages between syslog-ng OSE hosts, Things to consider when forwarding messages between syslog-ng OSE hosts
no-hostname, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags()
no-multi-line, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags()
no-parse, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags()
nobody, Setting multiple message fields to specific values
nodejs, nodejs: Receiving JSON messages from nodejs applications
nodejs(), nodejs: Receiving JSON messages from nodejs applications, nodejs: Receiving JSON messages from nodejs applications, nodejs() source options
none, http-auth-type(), Children, Children, aggregate()
normalize-hostnames(), FULLHOST, HOST
notice, level() or priority()
NULL, MsSQL-specific interaction methods
null(), MsSQL-specific interaction methods, null(), null(), null()
nv-pairs, value-pairs()

P

pacct, pacct: Collecting process accounting logs on Linux
pacct(), Compiling options of syslog-ng OSE, Compiling options of syslog-ng OSE, Passing arguments to configuration blocks, pacct: Collecting process accounting logs on Linux, pacct: Collecting process accounting logs on Linux, pacct: Collecting process accounting logs on Linux, pacct: Collecting process accounting logs on Linux, pacct: Collecting process accounting logs on Linux, pacct() options
pacctformat, pacct: Collecting process accounting logs on Linux
pad-size(), pad-size(), pad-size(), pad-size(), pad-size(), pad-size(), pad-size(), pad-size(), pad-size()
PADD, loggen
padding, Version 3.5 - 3.6
padding(), padding
pair(), Structuring macros, metadata, and other value-pairs, value-pairs()
pair-separator(), extract-stray-words-into()
Parameters, Typographical conventions
parse(), Methods of the python() parser
parse(self, log_message), Methods of the python() parser
parser, The syslog-ng OSE configuration file, Reusing configuration blocks, Managing complex syslog-ng configurations, syslog-ng.conf
pass-unix-credentials(), pass-unix-credentials()
password, Version 3.5 - 3.6
path(), path() (DEPRECATED), servers() (DEPRECATED)
path.home, Client modes, client-mode(), client-mode(), Client modes, client-mode()
payload, payload()
payload(), payload()
peer-verify, peer-verify()
peer-verify(), ca-file(), cert-file(), key-file(), peer-verify(), ca-dir(), ca-file(), cert-file(), cipher-suite(), key-file(), peer-verify(), ssl-version()
perm(), perm()
persist-name(), persist-name(), persist-name()
persist_only, use-dns(), use-dns(), use-dns(), Using name resolution in syslog-ng
pid, null()
PID, Hard vs. soft macros
pipe, pipe: Collecting messages from named pipes, pipe() source options, pipe: Sending messages to named pipes, Multithreading concepts of syslog-ng OSE, Multithreading concepts of syslog-ng OSE
pipe(), flags(), flags(), flags(), pipe: Collecting messages from named pipes, pipe: Collecting messages from named pipes, pipe() source options, flags(), optional(), flags(), optional(), flags(), optional(), flags(), flags(), optional(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), pipe: Sending messages to named pipes, pipe() destination options, mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), flags()
pkcs12-file(), pkcs12-file(), pkcs12-file()
poll(), follow-freq(), follow-freq(), follow-freq(), follow-freq(), follow-freq(), time-sleep() (DEPRECATED)
port(), tcp(), tcp6(), udp() and udp6() source options — OBSOLETE, Client modes, client-mode(), Client modes, elasticsearch2: Sending messages directly to Elasticsearch version 2.0 or higher, client-mode(), smtp: Generating SMTP messages (e-mail) from logs, tcp(), tcp6(), udp(), and udp6() destination options
prefix, The Cisco Parser
prefix(), Parsing key=value pairs, extract-stray-words-into(), The JSON parser, prefix()
PRI, BSD-syslog or legacy-syslog messages, IETF-syslog messages, Hard vs. soft macros
PRIORITY, Hard vs. soft macros
processed, Statistics of syslog-ng, Statistics of syslog-ng
program, program: Receiving messages from external applications, program() source options, program: Sending messages to external applications, mark-mode()
PROGRAM, Hard vs. soft macros
program(), program: Receiving messages from external applications, inherit-environment(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), program: Sending messages to external applications, program() destination options, inherit-environment(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), Splunk: Sending log messages to Splunk, mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), Using disk-based and memory buffering, Enabling reliable disk-based buffering, Enabling normal disk-based buffering, Using wildcards, special characters, and regular expressions in filters, mark-mode(), mark-mode(), mark-mode(), mark-mode(), Optimizing regular expressions, External actions
program-override(), log-prefix() (DEPRECATED), log-prefix() (DEPRECATED), log-prefix() (DEPRECATED), log-prefix() (DEPRECATED), log-prefix() (DEPRECATED), log-prefix() (DEPRECATED)
properties-file, How syslog-ng OSE interacts with Apache Kafka
proto-template, ts-format(), ts-format(), ts-format(), ts-format(), ts-format(), ts-format(), ts-format(), ts-format(), ts-format(), ts-format(), ts-format(), ts-format()
pseudofile(), pseudofile(), pseudofile() destination options
p_apache_parser, Using channels in configuration objects

R

RCPTID, Hard vs. soft macros
read-old-records(), Version 3.11 - 3.12
recursive, recursive()
recv-time-zone(), Timezones and daylight saving, A note on timezones and timestamps
redis, redis: Storing name-value pairs in Redis
redis(), redis: Storing name-value pairs in Redis, redis: Storing name-value pairs in Redis, redis() destination options, redis() destination options, redis() destination options, Using disk-based and memory buffering, Enabling reliable disk-based buffering, Enabling normal disk-based buffering
rekey(), value-pairs(), value-pairs(), value-pairs(), value-pairs()
relay-hostname-resolved-on-the-server, chain-hostnames()
reliable(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), disk-buffer(), Using disk-based and memory buffering, Using disk-based and memory buffering, Using disk-based and memory buffering
replace(), value-pairs()
reply-to(), reply-to()
resource(), Client modes, Elasticsearch destination options, client-mode(), Client modes, Elasticsearch2 destination options, client-mode()
retries, Version 3.5 - 3.6, retries(), retries(), retries(), retries(), retries(), retries(), retries(), retries(), retries(), retries(), retries(), retries(), retries()
retries(), How syslog-ng OSE interacts with Elasticsearch, flush-limit(), How syslog-ng OSE interacts with Elasticsearch, flush-limit(), hdfs: Storing messages on the Hadoop Distributed File System (HDFS), sync-send(), flush-lines()
rewrite, The syslog-ng OSE configuration file, Reusing configuration blocks, Managing complex syslog-ng configurations, syslog-ng.conf
rfc3164, value-pairs()
rfc5424, value-pairs()
riemann, riemann: Monitoring your data with Riemann
riemann(), riemann: Monitoring your data with Riemann, riemann: Monitoring your data with Riemann, riemann() destination options, flush-lines(), Using disk-based and memory buffering, Enabling reliable disk-based buffering, Enabling normal disk-based buffering
root, Reusing configuration blocks, Managing complex syslog-ng configurations
routing-key(), amqp: Publishing messages using AMQP
R_UNIXTIME, A note on timezones and timestamps

S

safe-background, syslog-ng
safe-mode(), mongodb: Storing messages in a MongoDB database, safe-mode() (DEPRECATED)
sanitize-utf8, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags()
scope(), Structuring macros, metadata, and other value-pairs, value-pairs(), value-pairs(), value-pairs(), value-pairs(), Correlating messages using the grouping-by() parser, Correlating messages using the grouping-by() parser
SDATA, Hard vs. soft macros
SEC, Date-related macros, Hard vs. soft macros
selected-macros, value-pairs()
selector(), Options add-contextual-data(), selector()
send-time-zone(), Timezones and daylight saving
sender(), from()
SEQNUM, Hard vs. soft macros
server(), Client modes, client-mode(), client-mode(), client-mode(), cluster-url(), Client modes, Client modes, Client modes, elasticsearch2: Sending messages directly to Elasticsearch version 2.0 or higher, client-mode(), client-mode(), client-mode(), cluster-url(), server(), mongodb: Storing messages in a MongoDB database
server-hostname, chain-hostnames()
servers(), mongodb: Storing messages in a MongoDB database, mongodb: Storing messages in a MongoDB database, mongodb: Storing messages in a MongoDB database, mongodb: Storing messages in a MongoDB database, path() (DEPRECATED), servers() (DEPRECATED)
set(), Version 3.7 - 3.8, Setting message fields to specific values
set-message-macro(), set-message-macro()
silently-drop-message, on-error(), on-error(), on-error(), on-error(), on-error(), on-error(), on-error()
silently-drop-property, on-error(), on-error(), on-error(), on-error(), on-error(), on-error(), on-error()
silently-fallback-to-string, on-error(), on-error(), on-error(), on-error(), on-error(), on-error(), on-error()
smtp, smtp: Generating SMTP messages (e-mail) from logs
smtp(), Installing syslog-ng, smtp: Generating SMTP messages (e-mail) from logs, smtp: Generating SMTP messages (e-mail) from logs, smtp: Generating SMTP messages (e-mail) from logs, smtp: Generating SMTP messages (e-mail) from logs, smtp() destination options, Using disk-based and memory buffering, Enabling reliable disk-based buffering, Enabling normal disk-based buffering
snmp(), Using disk-based and memory buffering, Enabling reliable disk-based buffering, Enabling normal disk-based buffering
snmptrap, snmptrap: Read Net-SNMP traps
snmptrap(), snmptrap: Read Net-SNMP traps, snmptrap: Read Net-SNMP traps, snmptrap: Read Net-SNMP traps, snmptrap() source options, set-message-macro()
so-rcvbuf(), so-rcvbuf(), transport(), syslog: Collecting messages using the IETF syslog protocol (syslog() driver), so-rcvbuf(), transport(), system: Collecting the system-specific log messages of a platform, so-rcvbuf(), Possible causes of losing log messages, Handling large message load
SOCK_DGRAM, How sources work, How sources work, How sources work, How sources work, How sources work, unix-stream, unix-dgram: Collecting messages from UNIX domain sockets, unix-stream, unix-dgram: Collecting messages from UNIX domain sockets, Sending and storing log messages — destinations and destination drivers, unix-stream, unix-dgram: Sending messages to UNIX domain sockets, unix-stream() and unix-dgram() destination options, syslog-ng.conf, syslog-ng.conf
SOCK_STREAM, How sources work, How sources work, How sources work, unix-stream, unix-dgram: Collecting messages from UNIX domain sockets, unix-stream, unix-dgram: Collecting messages from UNIX domain sockets, Sending and storing log messages — destinations and destination drivers, unix-stream, unix-dgram: Sending messages to UNIX domain sockets, unix-stream() and unix-dgram() destination options, syslog-ng.conf, syslog-ng.conf
source, The syslog-ng OSE configuration file, Reusing configuration blocks, Managing complex syslog-ng configurations, syslog-ng.conf
SOURCE, Hard vs. soft macros
source(), Using embedded log statements
SOURCEIP, Hard vs. soft macros
SO_BROADCAST, so-broadcast(), so-broadcast(), so-broadcast(), so-broadcast(), so-broadcast()
spoof-source(), How relaying log messages works
sql, sql: Storing messages in an SQL database, Multithreading concepts of syslog-ng OSE
sql(), Sending and storing log messages — destinations and destination drivers, sql: Storing messages in an SQL database, Using the sql() driver with an Oracle database, sql() destination options, flags(), flags(), Using disk-based and memory buffering, Enabling reliable disk-based buffering, Enabling normal disk-based buffering, syslog-ng.conf
ssl-options, ssl-options()
ssl-options(), Version 3.6 - 3.7
ssl-version(), ca-dir(), ca-file(), cert-file(), cipher-suite(), key-file(), peer-verify(), ssl-version()
sslv2, ssl-version()
sslv3, ssl-version()
STAMP, ts-format(), Date-related macros, Hard vs. soft macros
stamp, Statistics of syslog-ng
stats-level(), Statistics of syslog-ng, Statistics of syslog-ng
stats-lifetime(), Version 3.5 - 3.6
stdin, program: Sending messages to external applications, program() destination options
stomp, stomp: Publishing messages using STOMP
stomp(), Structuring macros, metadata, and other value-pairs, stomp: Publishing messages using STOMP, stomp: Publishing messages using STOMP, stomp: Publishing messages using STOMP, stomp() destination options, stomp() destination options, stomp() destination options, Using disk-based and memory buffering, Enabling reliable disk-based buffering, Enabling normal disk-based buffering
store-matches, Replacing message parts
stored, Statistics of syslog-ng
STREAMS, How sources work, How sources work, How sources work, sun-streams: Collecting messages on Sun Solaris, syslog-ng.conf
string, Specifying data types in value-pairs
strip-whitespace, flags()
strip-whitespaces, strip-whitespaces
strip-whitespaces(), The XML parser
STRUCTURED-DATA, IETF-syslog messages
subject(), smtp: Generating SMTP messages (e-mail) from logs, subject()
subject_alt_name, Encrypting log messages with TLS, Encrypting log messages with TLS, Mutual authentication using TLS
sun-streams, sun-streams: Collecting messages on Sun Solaris
sun-streams(), sun-streams: Collecting messages on Sun Solaris, sun-streams: Collecting messages on Sun Solaris, sun-streams() source options
supervising syslog-ng, syslog-ng
suppress(), Statistics of syslog-ng
suppressed, Statistics of syslog-ng
sync-send, sync-send()
syslog, flags(), flags(), flags(), flags(), flags(), flags(), flags(), syslog: Collecting messages using the IETF syslog protocol (syslog() driver), flags(), flags(), flags(), flags(), flags(), flags(), flags(), syslog: Sending messages to a remote logserver using the IETF-syslog protocol, syslog: Sending messages to a remote logserver using the IETF-syslog protocol, flags(), flags(), Parsers and segmenting structured messages, flags(), Multithreading concepts of syslog-ng OSE
syslog(), Things to consider when forwarding messages between syslog-ng OSE hosts, The syslog-ng OSE quick-start guide, network: Collecting messages using the RFC3164 protocol (network() driver), ip-protocol(), syslog: Collecting messages using the IETF syslog protocol (syslog() driver), syslog: Collecting messages using the IETF syslog protocol (syslog() driver), syslog() source options, ip-protocol(), ts-format(), ts-format(), mark-mode(), mark-mode(), mark-mode(), ts-format(), ts-format(), ts-format(), ip-protocol(), mark-mode(), mark-mode(), mark-mode(), ts-format(), mark-mode(), mark-mode(), mark-mode(), ts-format(), mark-mode(), mark-mode(), mark-mode(), ts-format(), syslog: Sending messages to a remote logserver using the IETF-syslog protocol, syslog() destination options, ip-protocol(), mark-mode(), mark-mode(), mark-mode(), ts-format(), mark-mode(), mark-mode(), mark-mode(), ts-format(), Using disk-based and memory buffering, Enabling reliable disk-based buffering, Enabling normal disk-based buffering, mark-mode(), mark-mode(), mark-mode(), ts-format(), Secure logging using TLS, Encrypting log messages with TLS, Encrypting log messages with TLS, Encrypting log messages with TLS, Encrypting log messages with TLS, Mutual authentication using TLS, Mutual authentication using TLS, Mutual authentication using TLS, TLS options, ts-format(), The XML parser, Glossary
syslog(transport(tcp)), Things to consider when forwarding messages between syslog-ng OSE hosts
syslog(transport(tls)), Things to consider when forwarding messages between syslog-ng OSE hosts
syslog(transport(udp)), Things to consider when forwarding messages between syslog-ng OSE hosts
syslog-ng-relay, How relaying log messages works, How relaying log messages works, How relaying log messages works, How relaying log messages works, How relaying log messages works, How relaying log messages works
syslog-ng-server, How relaying log messages works, How relaying log messages works
syslog-parser, Parsing syslog messages, Parsing syslog messages, Parsing syslog messages, Parsing syslog messages, Options of syslog-parser parsers
syslog-proto, value-pairs(), loggen
syslog-protocol, flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), flags(), network: Sending messages to a remote log server using the RFC3164 protocol (network() driver), flags(), flags(), flags(), flags(), flags(), flags()
syslogd, How sources work, How sources work, sun-streams: Collecting messages on Sun Solaris, unix-stream, unix-dgram: Collecting messages from UNIX domain sockets, template(), template(), template(), template(), template(), template(), template(), template(), template(), template()
system, system: Collecting the system-specific log messages of a platform
system(), Version 3.12 - 3.13, What is new in syslog-ng Open Source Edition 3.13?, sun-streams: Collecting messages on Sun Solaris, system: Collecting the system-specific log messages of a platform, system: Collecting the system-specific log messages of a platform, system: Collecting the system-specific log messages of a platform, system: Collecting the system-specific log messages of a platform, system: Collecting the system-specific log messages of a platform, system: Collecting the system-specific log messages of a platform, UNIX credentials and other metadata, loggly: Using Loggly, logmatic: Using Logmatic.io
systemd-journal, systemd-journal: Collecting messages from the systemd-journal system log storage
systemd-journal(), Version 3.11 - 3.12, system: Collecting the system-specific log messages of a platform, systemd-journal: Collecting messages from the systemd-journal system log storage, systemd-journal: Collecting messages from the systemd-journal system log storage, systemd-journal: Collecting messages from the systemd-journal system log storage, systemd-journal() source options
systemd-syslog, systemd-syslog: Collecting systemd messages using a socket
systemd-syslog(), systemd-syslog: Collecting systemd messages using a socket
s_apache, Using channels in configuration objects
S_UNIXTIME, A note on timezones and timestamps

T

table, sql: Storing messages in an SQL database
table(), sql: Storing messages in an SQL database
TAG, Hard vs. soft macros
TAGS, Hard vs. soft macros
tags(), Message representation in syslog-ng OSE, tags(), Tagging messages, tags(), tags(), Using parser results in filters and templates, Using parser results in filters and templates
tcp, flags(), listen-backlog(), flags(), listen-backlog(), tcp, tcp6, udp, udp6: Collecting messages from remote hosts using the BSD syslog protocol, listen-backlog(), syslog: Sending messages to a remote logserver using the IETF-syslog protocol, tcp, tcp6, udp, udp6: Sending messages to a remote log server using the legacy BSD-syslog protocol (tcp(), udp() drivers), Multithreading concepts of syslog-ng OSE, Multithreading concepts of syslog-ng OSE, Optimizing multithreaded performance
tcp(), Version 3.6 - 3.7, Things to consider when forwarding messages between syslog-ng OSE hosts, tcp, tcp6, udp, udp6: Collecting messages from remote hosts using the BSD syslog protocol, tcp, tcp6, udp, udp6: Collecting messages from remote hosts using the BSD syslog protocol, tcp(), tcp6(), udp() and udp6() source options — OBSOLETE, tcp(), tcp6(), udp() and udp6() source options — OBSOLETE, tcp(), tcp6(), udp() and udp6() source options — OBSOLETE, loggly: Using Loggly, loggly() destination options, logmatic: Using Logmatic.io, logmatic() destination options, tcp, tcp6, udp, udp6: Sending messages to a remote log server using the legacy BSD-syslog protocol (tcp(), udp() drivers), tcp, tcp6, udp, udp6: Sending messages to a remote log server using the legacy BSD-syslog protocol (tcp(), udp() drivers), tcp(), tcp6(), udp(), and udp6() destination options, tcp(), tcp6(), udp(), and udp6() destination options, tcp(), tcp6(), udp(), and udp6() destination options, Using disk-based and memory buffering, Enabling reliable disk-based buffering, Enabling normal disk-based buffering
tcp-keepalive-intvl(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time()
tcp-keepalive-probes(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time()
tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time()
tcp-keepalive-time() + tcp-keepalive-intvl() * tcp-keepalive-probes(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time()
tcp6, tcp, tcp6, udp, udp6: Collecting messages from remote hosts using the BSD syslog protocol, tcp, tcp6, udp, udp6: Sending messages to a remote log server using the legacy BSD-syslog protocol (tcp(), udp() drivers)
tcp6(), Version 3.6 - 3.7, tcp, tcp6, udp, udp6: Collecting messages from remote hosts using the BSD syslog protocol, tcp, tcp6, udp, udp6: Collecting messages from remote hosts using the BSD syslog protocol, tcp(), tcp6(), udp() and udp6() source options — OBSOLETE, tcp(), tcp6(), udp() and udp6() source options — OBSOLETE, tcp(), tcp6(), udp() and udp6() source options — OBSOLETE, tcp, tcp6, udp, udp6: Sending messages to a remote log server using the legacy BSD-syslog protocol (tcp(), udp() drivers), tcp, tcp6, udp, udp6: Sending messages to a remote log server using the legacy BSD-syslog protocol (tcp(), udp() drivers), tcp(), tcp6(), udp(), and udp6() destination options, tcp(), tcp6(), udp(), and udp6() destination options, tcp(), tcp6(), udp(), and udp6() destination options, Using disk-based and memory buffering, Enabling reliable disk-based buffering, Enabling normal disk-based buffering
TCP_KEEPCNT, tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time()
TCP_KEEPIDLE, tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time()
TCP_KEEPINTVL, tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time(), tcp-keepalive-intvl(), tcp-keepalive-probes(), tcp-keepalive-time()
template, The syslog-ng OSE configuration file, syslog-ng.conf
template(), The JSON parser, The XML parser, The Linux Audit Parser
template-escape(), Templates and macros, Templates and macros
threaded, flags(), flags(), flags(), Configuring multithreading
threaded(), Multithreading concepts of syslog-ng OSE, Multithreading concepts of syslog-ng OSE, Multithreading concepts of syslog-ng OSE
throttle, Version 3.5 - 3.6, Possible causes of losing log messages
Thu, WEEK_DAY_ABBREV, C_WEEK_DAY_ABBREV, R_WEEK_DAY_ABBREV, S_WEEK_DAY_ABBREV
time-reap(), file: Storing messages in plain-text files
time-reopen(), How syslog-ng OSE interacts with Elasticsearch, How syslog-ng OSE interacts with Elasticsearch, hdfs: Storing messages on the Hadoop Distributed File System (HDFS), The way syslog-ng interacts with the database, The way syslog-ng interacts with the database, The way syslog-ng interacts with the database
time-stamp(recvd), Parsing dates and timestamps
time-zone(), Timezones and daylight saving, Timezones and daylight saving, Compiling options of syslog-ng OSE, Date-related macros, time-zone()
timeout(), Correlating messages using the grouping-by() parser
tls, flags(), listen-backlog(), flags(), listen-backlog(), listen-backlog(), syslog: Sending messages to a remote logserver using the IETF-syslog protocol
tls(), Version 3.12 - 3.13, What is new in syslog-ng Open Source Edition 3.13?, ca-file(), cert-file(), key-file(), peer-verify(), ca-dir(), ca-file(), cert-file(), cipher-suite(), key-file(), peer-verify(), ssl-version(), type(), Encrypting log messages with TLS, Mutual authentication using TLS, Mutual authentication using TLS, TLS options
tlsv1, ssl-version()
tlsv1_0, ssl-version()
tlsv1_1, ssl-version()
tlsv1_2, ssl-version()
to(), smtp: Generating SMTP messages (e-mail) from logs, to()
topic(), Kafka destination options
transport(tls), TLS options
trigger, Attributes
trigger(), Correlating messages using the grouping-by() parser
trusted-dn(), trusted-keys(), trusted-keys()
trusted-keys(), trusted-keys(), trusted-keys(), trusted-keys()
ts-format(), The HEADER message part, The HEADER message part, ts-format(), ts-format(), ts-format(), ts-format(), ts-format(), ts-format(), ts-format(), ts-format(), ts-format(), ts-format(), STAMP, R_STAMP, S_STAMP, ts-format()
type(), Elasticsearch destination options, Elasticsearch2 destination options, type(), sql: Storing messages in an SQL database, Using wildcards, special characters, and regular expressions in filters, Using wildcards, special characters, and regular expressions in filters, Replacing message parts, Types and options of regular expressions, pcre
TZ, Date-related macros, Hard vs. soft macros
TZOFFSET, Date-related macros, Hard vs. soft macros
tztab, Compiling options of syslog-ng OSE

U

udp, ip() or localip(), ip() or localip(), ip() or localip(), tcp, tcp6, udp, udp6: Collecting messages from remote hosts using the BSD syslog protocol, syslog: Sending messages to a remote logserver using the IETF-syslog protocol, tcp, tcp6, udp, udp6: Sending messages to a remote log server using the legacy BSD-syslog protocol (tcp(), udp() drivers), Using disk-based and memory buffering, Enabling reliable disk-based buffering, Enabling normal disk-based buffering, Multithreading concepts of syslog-ng OSE
udp(), Version 3.6 - 3.7, Things to consider when forwarding messages between syslog-ng OSE hosts, tcp, tcp6, udp, udp6: Collecting messages from remote hosts using the BSD syslog protocol, tcp, tcp6, udp, udp6: Collecting messages from remote hosts using the BSD syslog protocol, tcp(), tcp6(), udp() and udp6() source options — OBSOLETE, tcp(), tcp6(), udp() and udp6() source options — OBSOLETE, tcp(), tcp6(), udp() and udp6() source options — OBSOLETE, tcp, tcp6, udp, udp6: Sending messages to a remote log server using the legacy BSD-syslog protocol (tcp(), udp() drivers), tcp, tcp6, udp, udp6: Sending messages to a remote log server using the legacy BSD-syslog protocol (tcp(), udp() drivers), tcp(), tcp6(), udp(), and udp6() destination options, tcp(), tcp6(), udp(), and udp6() destination options, tcp(), tcp6(), udp(), and udp6() destination options
udp6, tcp, tcp6, udp, udp6: Collecting messages from remote hosts using the BSD syslog protocol, tcp, tcp6, udp, udp6: Sending messages to a remote log server using the legacy BSD-syslog protocol (tcp(), udp() drivers)
udp6(), Version 3.6 - 3.7, tcp, tcp6, udp, udp6: Collecting messages from remote hosts using the BSD syslog protocol, tcp, tcp6, udp, udp6: Collecting messages from remote hosts using the BSD syslog protocol, tcp(), tcp6(), udp() and udp6() source options — OBSOLETE, tcp(), tcp6(), udp() and udp6() source options — OBSOLETE, tcp(), tcp6(), udp() and udp6() source options — OBSOLETE, tcp, tcp6, udp, udp6: Sending messages to a remote log server using the legacy BSD-syslog protocol (tcp(), udp() drivers), tcp, tcp6, udp, udp6: Sending messages to a remote log server using the legacy BSD-syslog protocol (tcp(), udp() drivers), tcp(), tcp6(), udp(), and udp6() destination options, tcp(), tcp6(), udp(), and udp6() destination options, tcp(), tcp6(), udp(), and udp6() destination options
ulimit, file() destination options
unicode, pcre
unix-dgram, How sources work, optional(), optional(), optional(), unix-stream, unix-dgram: Collecting messages from UNIX domain sockets, optional(), unix-stream, unix-dgram: Sending messages to UNIX domain sockets, Possible causes of losing log messages
unix-dgram(), unix-stream, unix-dgram: Collecting messages from UNIX domain sockets, UNIX credentials and other metadata, unix-stream() and unix-dgram() source options, keep-alive(), max-connections(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), unix-stream, unix-dgram: Sending messages to UNIX domain sockets, unix-stream() and unix-dgram() destination options, mark-mode(), mark-mode(), mark-mode(), mark-mode(), Using disk-based and memory buffering, Enabling reliable disk-based buffering, Enabling normal disk-based buffering, mark-mode(), mark-mode(), mark-mode(), mark-mode()
unix-stream, How sources work, listen-backlog(), optional(), optional(), optional(), listen-backlog(), unix-stream, unix-dgram: Collecting messages from UNIX domain sockets, listen-backlog(), optional(), unix-stream, unix-dgram: Sending messages to UNIX domain sockets, Possible causes of losing log messages
unix-stream(), The syslog-ng OSE configuration file, unix-stream, unix-dgram: Collecting messages from UNIX domain sockets, UNIX credentials and other metadata, unix-stream() and unix-dgram() source options, mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), mark-mode(), unix-stream, unix-dgram: Sending messages to UNIX domain sockets, unix-stream() and unix-dgram() destination options, mark-mode(), mark-mode(), mark-mode(), mark-mode(), Using disk-based and memory buffering, Enabling reliable disk-based buffering, Enabling normal disk-based buffering, mark-mode(), mark-mode(), mark-mode(), mark-mode(), syslog-ng.conf
UNIXTIME, Date-related macros, Hard vs. soft macros
unknown, Using parser results in filters and templates
uri(), database() (DEPRECATED), password() (DEPRECATED), path() (DEPRECATED), safe-mode() (DEPRECATED), servers() (DEPRECATED), username() (DEPRECATED)
url(), HTTP destination options
use-dns(), How relaying log messages works, keep-hostname(), keep-hostname(), keep-hostname(), FULLHOST, FULLHOST_FROM, FULLHOST_FROM, HOST, HOST_FROM, HOST_FROM, Using name resolution in syslog-ng
use-fqdn(), FULLHOST, FULLHOST_FROM, HOST, HOST_FROM
use-rcptid, use-rcptid() , RCPTID
use-uniqid(), custom-id(), custom-id()
USEC, Date-related macros
user, wildcard-file: Collecting messages from multiple text files
user@example.com, @EMAIL@, @EMAIL@, @EMAIL@
useracct, pdbtool
username, Version 3.5 - 3.6
usertty, usertty: Sending messages to a user terminal — usertty() destination
usertty(), usertty: Sending messages to a user terminal — usertty() destination, Handling large message load

X

xml(), The XML parser
xmllint, The XML parser
xml_parser, The XML parser
xx:xx:xx:..., @LLADDR@