Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Testing CONF file under conf.d directory on DEV box. Uses 9999 UDP
############################################################################
### TEMPLATE
############################################################################
### Filters
# Filter desc
#filter f_testing {host("fqdnhostname") or netmask("0.0.0.0/32"); };
############################################################################
### Sources
# Multiple sources means using multiple threads, so split them up as much
# as possible!
# Don't specify an IP so we listen on all.
# Tuning: https://codeascraft.com/2012/08/13/performance-tuning-syslog-ng/
# log-fetch-limit = number of lines from source in a "chunk"
# log-iw-size = max-connections * log-fetch-limit
# log-fifo-size = log-iw-size * 20 (set globally above)
# UDP
source s_udp9999_testing {
# Default protocol is TCP, so specify UDP
network(port(9999) transport("udp") max-connections(500) log-fetch-limit(1000) log-iw-size(100000) flags(assume-utf8, syslog-protocol));
};
#############################################################################
### Destinations
#
destination d_testing {
file("/syslog/TESTING/${HOST}/${YEAR}${MONTH}${DAY}-$HOUR");
};
#############################################################################
### Logging
#
# Multiple log destinations means multi-threading!
# Log desc
log {
source (s_udp9999_testing);
# filter (f_testing);
destination(d_testing);
flags(final);
};
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.