create a default catch-all config

Dockerfile

@@ -1,7 +1,7 @@
 FROM debian:latest
 MAINTAINER Kameron Kenny <kkenny379@gmail.com>
 
-LABEL version="20240619.1.2"
+LABEL version="20240619.1.3"
 LABEL description="Debian Based syslog-ng"
 
 RUN apt-get update

config/syslog-ng.conf

@@ -15,25 +15,4 @@ destination d_local {
   file("/var/log/messages-kv.log" template("$ISODATE $HOST $(format-welf --scope all-nv-pairs)\n") frac-digits(3));
 };
 
-destination d_syslog_ng_es {
-  elasticsearch-http(
-    index("syslog-ng")
-    type("")
-    user("elastic")
-    password("forty6and2")
-    url("http://pi501.in.thelinuxpro.net:9200/_bulk")
-    template("$(format-json --scope rfc5424 --scope dot-nv-pairs
-    --rekey .* --shift 1 --scope nv-pairs
-    --exclude DATE @timestamp=${ISODATE})")
-    persist-name("d_syslog_ng_es")
-  );
-};
-
-log {
-  source(s_local);
-  source(s_network_tcp);
-  source(s_network_udp);
-  destination(d_syslog_ng_es);
-};
-
 @include "/config/syslog-ng.conf.d/*.conf"

config/syslog-ng.conf.d/zzz-catch-all.conf

@@ -0,0 +1,20 @@
+destination d_syslog_ng_es {
+  elasticsearch-http(
+    index("syslog-ng")
+    type("")
+    user("elastic")
+    password("forty6and2")
+    url("http://pi501.in.thelinuxpro.net:9200/_bulk")
+    template("$(format-json --scope rfc5424 --scope dot-nv-pairs
+    --rekey .* --shift 1 --scope nv-pairs
+    --exclude DATE @timestamp=${ISODATE})")
+    persist-name("d_syslog_ng_es")
+  );
+};
+
+log {
+  source(s_local);
+  source(s_network_tcp);
+  source(s_network_udp);
+  destination(d_syslog_ng_es);
+};

docker-compose.yml

@@ -10,7 +10,7 @@ services:
   syslog-ng:
     build:
       dockerfile: Dockerfile
-    image: docker-registry1.in.thelinuxpro.net:5000/tlp/syslog-ng:240619.1.2
+    image: docker-registry1.in.thelinuxpro.net:5000/tlp/syslog-ng:240619.1.3
     container_name: syslog-ng
       #environment:
         #- TZ:America/Indianapolis