Logging rules are called Routers in syslog-ng terminology. Rules consist of a source, optionally a filter and a destination. The System logging
component represents this philosophy well.
Just like sources, destinations and filters, more than one router can be present in the system. If you use several routers, it is recommended to apply a good naming strategy to easily identify the relevant log rules.
There are virtually endless possibilities for configuring a complex system logging architecture with syslog-ng. This chapter focused only on the basic concept and provided an architecture view including not only PNS and the MS host nodes, but presenting as well that the syslog-ng architecture can also include practically Unix/Linux machines.
For further information and details, see The syslog-ng Administrator Guide.
© 2021 BalaSys IT Security.
Send your comments to support@balasys.hu