Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Syslog-ng remote logging only (without saving anything to local files)

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 2 Posters 539 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      limos
      last edited by

      Hi all,

      we are just making setup to send all logs from pfsense device to remote syslog server using TCP.
      Because standard syslog package does not support TCP, we use syslog-ng and forward all logs there.
      Next, there is an remote destination defined to log to external syslog server using TCP.

      Everything work as it should, but unfortunately, there is no way how to clearly disable file logging in syslog-ng.
      We can change filename and path, but we cannot disable it. Moreover, DEFAULT objects defined are not configurable because they are generated automatically.

      We did a workaround so /var/syslog-ng/default.log is pointing to /dev/null by symlink but this is not "nice" solution.
      Is there any way how to clearly disable all file logging via web interface? If not, this would be very useful feature request.
      Of course I can create feature request, I just wanted to discuss on forum first.

      Thank you
      Lukas

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        I have done this before by just creating custom objects for all the required stages and ignoring the default objects. Then you can do whatever you want.

        Steve

        L 1 Reply Last reply Reply Quote 0
        • L
          limos @stephenw10
          last edited by

          @stephenw10 This does not seems to be so easy. We have created custom objects for logging. But default log object looks like this and it cannot be edited/deleted. So it is still used and I did not find way how to just "ignore" it.

          b6cc4654-282a-4b3a-884c-8cdf2de6fd5a-image.png

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            Mmm, but you can set the default source to a non used port for example it won't ever log anything. Just use your custom source on the real port.
            Or just use a non standard port to send traffic to your custom source.

            Steve

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.