tcp, tcp6, udp, udp6: OBSOLETE - Collect messages from remote hosts using the BSD syslog protocol

1: tcp(), tcp6(), udp() and udp6() source options: OBSOLETE

1.1: Change an old source driver to the network() driver

Note The tcp(), tcp6(), udp(), and udp6() drivers are obsolete. Use the network() source and the network() destination instead. For details, see network: Collect messages using the RFC3164 protocol (network() driver) and network: Send messages to a remote log server using the RFC3164 protocol (network() driver), respectively.

The tcp(), tcp6(), udp(), udp6() drivers can receive syslog messages conforming to RFC3164 from the network using the TCP and UDP networking protocols. The tcp6() and udp6() drivers use the IPv6 network protocol, while tcp() and udp() use IPv4.

To convert your existing tcp(), tcp6(), udp(), udp6() source drivers to use the network() driver, see Change an old source driver to the network() driver.

1 - tcp(), tcp6(), udp() and udp6() source options: OBSOLETE

To convert your existing tcp(), tcp6(), udp(), udp6() source drivers to use the network() driver, see Change an old source driver to the network() driver.

1.1 - Change an old source driver to the network() driver

To replace your existing tcp(), tcp6(), udp(), udp6() sources with a network() source, complete the following steps.

Replace the driver with network. For example, replace udp( with network(
Set the transport protocol.
- If you used TLS-encryption, add the transport("tls") option, then continue with the next step.
- If you used the tcp or tcp6 driver, add the transport("tcp") option.
- If you used the udp or udp driver, add the transport("udp") option.
If you use IPv6 (that is, the udp6 or tcp6 driver), add the ip-protocol(6) option.
If you did not specify the port used in the old driver, check network() source options and verify that your clients send the messages to the default port of the transport protocol you use. Otherwise, set the appropriate port number in your source using the port() option.

All other options are identical. Test your configuration with the syslog-ng --syntax-only command.

The following configuration shows a simple tcp source.

    source s_old_tcp {
        tcp(
            ip(127.0.0.1) port(1999)
            tls(
                peer-verify("required-trusted")
                key-file("/opt/syslog-ng/etc/syslog-ng/syslog-ng.key")
                cert-file('/opt/syslog-ng/etc/syslog-ng/syslog-ng.crt')
            )
        );
    };

When replaced with the network() driver, it looks like this.

    source s_new_network_tcp {
        network(
            transport("tls")
            ip(127.0.0.1) port(1999)
            tls(
                peer-verify("required-trusted")
                key-file("/opt/syslog-ng/etc/syslog-ng/syslog-ng.key")
                cert-file('/opt/syslog-ng/etc/syslog-ng/syslog-ng.crt')
            )
        );
    };