The syslog-ng application runs as a daemon process and collects information from various log sources. Depending on the options and filters configured, syslog-ng saves the received log entries to the specified destinations. The configuration of syslog-ng mainly consists of configuring its components correctly.

The components of syslog-ng are the following:

The syslog-ng configuration is stored in a text-based configuration file that is typically the /etc/syslog-ng/syslog-ng.conf file. MC hides the exact structure of this configuration file and takes care of the correct syntax, allowing you to concentrate on the actual configuration tasks. Still, because syslog-ng is present in ever more Linux/Unix distributions, it can be beneficial to know the syntax and contents of this configuration file too. In addition, syslog-ng allows for centralized logging from machines not necessarily under the control of MS. In this case configuring syslog-ng means manually editing the corresponding configuration file.

The syslog-ng.conf file has a C-like syntax with curly braces ({}) separating integral code parts and with semicolons (;) for closing expressions. Comments begin with hashmark (#).