Syslog-ng smtp destination

curtisgrice

I am working through the guides at balabit.com and it seems the SMTP is not enabled. Can anyone verify this is the case? Or am I missing something?

I am on pfSense 2.3.2_p1 with syslog-ng 1.13.2 (syslog-ng-3.7.3_7).

My end goal is to email certain log entries from the firewall and Snort. We need and easy to setup (from internal base pfSense config) so no hacking at config files or custom/shoe horned packages.  :P

syslog-ng.confg

# This file is automatically generated by pfSense
# Do not edit manually !
@version:3.7
destination _DEFAULT { file("/var/syslog-ng/default.log"); };
destination d_smtp {
    smtp(
        host("mail.contoso.com")
        port(25)
        from("syslog-ng alert service" "pf-RTR@contoso.com")
        to("Admin" "Admin@contoso.com")
        subject("[ALERT] Important log message of $LEVEL condition received from $HOST/$PROGRAM!")
        body("Alert")
    );
};

log { source(_DEFAULT); destination(_DEFAULT); };
source _DEFAULT { internal(); syslog(transport(udp) port(5140) ip(10.50.30.5) ip(127.0.0.1)); };

doktornotor

$ pkg info syslog-ng
syslog-ng-3.7.3_7
Name           : syslog-ng
Version        : 3.7.3_7
Installed on   : Thu Nov 24 14:07:51 2016 CET
Origin         : sysutils/syslog-ng
Architecture   : freebsd:10:x86:64
Prefix         : /usr/local
Categories     : sysutils
Licenses       :
Maintainer     : cy@FreeBSD.org
WWW            : UNKNOWN
Comment        : Powerful syslogd replacement
Options        :
        DOCS           : off
        GEOIP          : off
        IPV6           : on
        JAVA           : off
        JSON           : on
        MONGO          : off
        PYTHON         : off
        REDIS          : off
        SMTP           : off
        SPOOF          : off
        SQL            : off
        TCP_WRAPPERS   : off

curtisgrice

Thanks!