Avoid logging in /var/log/syslog only using /etc/syslog-ng/conf.d/
Solution 1:
in syslog-ng, the log paths determine what happens with the messages.
By default, every log path receives every message from the sources included in the log path, and syslog-ng processes every log path in the order they appear in the configuration file.
You can use the flags() option in the log path to change this behavior (for details, see syslog-ng log flags).
To process your messages only in a specific log path, you have to:
-
use the final flag in the log path
log { source(s_src); filter(f_myapp); destination(d_myapp); flags(final) };
-
Make sure that in your syslog-ng.conf file, this is the first log path that processes this message. You probably have a line like this in your syslog-ng.conf configuration file:
@include "/etc/syslog-ng/conf.d/*.conf"
Make sure that this appears before the other log paths. (If you have other files in the conf.d directory, this can interfere with the other files, in this case move the myapp.conf file somewhere else, and include only this file at the top.)