Provided by: syslog-ng-core_4.8.1-1_amd64 bug

NAME

       syslog-ng - syslog-ng system logger application

SYNOPSIS

       syslog-ng [options]

DESCRIPTION

       This manual page is only an abstract, for the complete documentation of syslog-ng, see The
       Administrator Guide[1] or the official syslog-ng website[2].

       The application is a flexible and highly scalable system logging application. Typically,
       syslog-ng is used to manage log messages and implement centralized logging, where the aim
       is to collect the log messages of several devices on a single, central log server. The
       different devices - called syslog-ng clients - all run syslog-ng, and collect the log
       messages from the various applications, files, and other sources. The clients send all
       important log messages to the remote syslog-ng server, where the server sorts and stores
       them.

OPTIONS

       --caps
           Run process with the specified POSIX capability flags.

           •   If the --no-caps option is not set, and the host supports CAP_SYSLOG, uses the
               following capabilities: "cap_net_bind_service, cap_net_broadcast, cap_net_raw,
               cap_dac_read_search, cap_dac_override, cap_chown, cap_fowner=p cap_syslog=ep"

           •   If the --no-caps option is not set, and the host does not support CAP_SYSLOG, uses
               the following capabilities: "cap_net_bind_service, cap_net_broadcast,
               cap_net_raw,cap_dac_read_search, cap_dac_override, cap_chown, cap_fowner=p
               cap_sys_admin=ep"

           For example:

               /usr/sbin/syslog-ng -Fv --caps cap_sys_admin,cap_chown,cap_dac_override,cap_net_bind_service,cap_fowner=pi

           Note that the capabilities are not case sensitive, the following command is also good:
            /usr/sbin/syslog-ng -Fv --caps
           CAP_SYS_ADMIN,CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_NET_BIND_SERVICE,CAP_FOWNER=pi

           For details on the capability flags, see the following man pages: cap_from_text(3) and
           capabilities(7)

       --cfgfile <file> or -f <file>
           Use the specified configuration file.

       --chroot <dir> or -C <dir>
           Change root to the specified directory. The configuration file is read after chrooting
           so, the configuration file must be available within the chroot. That way it is also
           possible to reload the syslog-ng configuration after chrooting. However, note that the
           --user and --group options are resolved before chrooting.

       --control <file>  or -c <file>
           Set the location of the syslog-ng control socket. Default value:
           /var/lib/syslog-ng/syslog-ng.ctl

       --debug or -d
           Start syslog-ng in debug mode.

       --enable-core
           Enable syslog-ng to write core files in case of a crash to help support and debugging.

       --fd-limit <number>
           Set the minimal number of required file descriptors (fd-s). This sets how many files
           syslog-ng can keep open simultaneously. Default value: 4096. Note that this does not
           override the global ulimit setting of the host.

       --foreground or -F
           Do not daemonize, run in the foreground. When running in the foreground, starts from
           the current directory ($CWD) so it can create core files (normally, starts from
           $PREFIX/var).

       --group <group> or -g <group>
           Switch to the specified group after initializing the configuration file.

       --help or -h
           Display a brief help message.

       --module-registry
           Display the list and description of the available modules. Available only in and
           later.

       --no-caps
           Run syslog-ng as root, without capability-support. This is the default behavior. On
           Linux, it is possible to run syslog-ng as non-root with capability-support if
           syslog-ng was compiled with the --enable-linux-caps option enabled. (Execute syslog-ng
           --version to display the list of enabled build parameters.)

           To run with specific capabilities, use the --caps option.

       --persist-file <persist-file> or -R <persist-file>
           Set the path and name of the syslog-ng.persist file where the persistent options and
           data are stored.

       --pidfile <pidfile> or -p <pidfile>
           Set path to the PID file where the pid of the main process is stored.

       --preprocess-into <output-file>
           After processing the configuration file and resolving included files and variables,
           write the resulting configuration into the specified output file. Available only in
           and later.

       --process-mode <mode>
           Sets how to run syslog-ng: in the foreground (mainly used for debugging), in the
           background as a daemon, or in safe-background mode. By default, syslog-ng runs in
           safe-background mode. This mode creates a supervisor process called supervising
           syslog-ng , that restarts syslog-ng if it crashes.

       --stderr or -e
           Log internal messages of syslog-ng to stderr. Mainly used for debugging purposes in
           conjunction with the --foreground option. If not specified, syslog-ng will log such
           messages to its internal source.

       --syntax-only or -s
           Verify that the configuration file is syntactically correct and exit.

       --user <user> or -u <user>
           Switch to the specified user after initializing the configuration file (and optionally
           chrooting). Note that it is not possible to reload the syslog-ng configuration if the
           specified user has no privilege to create the /dev/log file.

       --verbose or -v
           Enable verbose logging used to troubleshoot syslog-ng.

       --version or -V
           Display version number and compilation information, and also the list and short
           description of the available modules. For detailed description of the available
           modules, see the --module-registry option.

       --worker-threads
           Sets the number of worker threads can use, including the main thread. Note that
           certain operations in can use threads that are not limited by this option. This
           setting has effect only when is running in multithreaded mode. Available only in and
           later. See The 4.8 Administrator Guide for details.

FILES

       /usr/

       /etc/syslog-ng/syslog-ng.conf

SEE ALSO

       syslog-ng.conf(5)

           Note
           For the detailed documentation of see The 4.8 Administrator Guide[3]

           If you experience any problems or need help with syslog-ng, visit the syslog-ng
           mailing list[4].

           For news and notifications about of syslog-ng, visit the syslog-ng blogs[5].

AUTHOR

       This manual page was written by the Balabit Documentation Team
       <documentation@balabit.com>.

COPYRIGHT

NOTES

        1. The  Administrator Guide
           https://www.balabit.com/support/documentation/

        2. the official syslog-ng website
           https://www.balabit.com/log-management

        3. The  4.8 Administrator Guide
           https://www.balabit.com/documents/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/index.html

        4. syslog-ng mailing list
           https://lists.balabit.hu/mailman/listinfo/syslog-ng

        5. syslog-ng blogs
           https://syslog-ng.org/blogs/