Syslog-ng remote logging only (without saving anything to local files)
-
Hi all,
we are just making setup to send all logs from pfsense device to remote syslog server using TCP.
Because standard syslog package does not support TCP, we use syslog-ng and forward all logs there.
Next, there is an remote destination defined to log to external syslog server using TCP.Everything work as it should, but unfortunately, there is no way how to clearly disable file logging in syslog-ng.
We can change filename and path, but we cannot disable it. Moreover, DEFAULT objects defined are not configurable because they are generated automatically.We did a workaround so /var/syslog-ng/default.log is pointing to /dev/null by symlink but this is not "nice" solution.
Is there any way how to clearly disable all file logging via web interface? If not, this would be very useful feature request.
Of course I can create feature request, I just wanted to discuss on forum first.Thank you
Lukas -
I have done this before by just creating custom objects for all the required stages and ignoring the default objects. Then you can do whatever you want.
Steve
-
@stephenw10 This does not seems to be so easy. We have created custom objects for logging. But default log object looks like this and it cannot be edited/deleted. So it is still used and I did not find way how to just "ignore" it.
-
Mmm, but you can set the default source to a non used port for example it won't ever log anything. Just use your custom source on the real port.
Or just use a non standard port to send traffic to your custom source.Steve