Remote logging to syslog-ng (part two)

In a previous post I explained how to configure syslog-ng to accept logs from other hosts on the network. Back then I used a filter to only write logs from a specific host to a specific destination.

While this approach works fine, it requires you to create a filter for each host. So I started looking for a different way to do this, and quickly found it can be done much simpler by using the SOURCEIP macro.



Remote logging to syslog-ng

To be able to keep some log history of my OpenWRT based router, I want to send it's output to a remote syslog server.

Fortunately I have another machine that is running 24/7, so I don't have to send it over the WAN link to one of my servers in the datacenter. My HTPC is running Gentoo Linux, and I configured syslog-ng as syslog daemon.

Now, by default, syslog-ng does not listen on the "Well Known" syslog port, so we have to configure it to do so. Start with adding a new source to syslog-ng.conf:

source syslog_udp {

We also need to configure a destination, a file in this case, where syslog-ng will write logging information received on the syslog port:

destination df_wrt0 {



