I would like to send postgres connection logs to the OVH Logs Data Platform service with syslog-ng. How should syslog-ng be configured to send these logs?

Currently I have the following configuration in the ldp.conf file:

source s_postgres {
file("/var/log/postgresql/postgresql-${YEAR}-${MONTH}-${DAY}_000000.log" flags(no-parse));
}

template t_postgres {
template("<${LEVEL_NUM}>1 ${ISODATE} ${HOST} ${PROGRAM} ${PID} - [sdid X-OVH-TOKEN="" pid="${PID}" facility="${FACILITY}" priority="${PRIORITY}"]$
template_escape(no);
}

d_postgres {
tcp(".logs.ovh.com"
port(12201)
tls(ca_dir("/etc/ssl/certs"))
ts_format(“rfc3339”) template(t_postgres)
keep-alive(yes)
so_keepalive(yes)
log-fifo-size(30000)
);
}

log {
source(s_postgres);
destination(d_postgres);
}

In order to log RFC 5424 syslogs to Logs Data Platform, you must use the appropriate port. The Port for RFC 5424 is 6514. You can find an example of the syslog-ng configuration at the following Official Documentation:
https://docs.ovh.com/fr/logs-data-platform/how-to-log-your-linux/

For your configuration, your are mostly interested in this part of the documentation (for syslog-ng 3.8+, note also the timestamp format).

destination ovhPaaSLogs {
network("<your_cluster>.logs.ovh.com"
port(6514),
template(ovhTemplate),
ts_format(“iso”),
transport(“tls”),
tls(peer-verify(“required-trusted”) ca_dir("/etc/ssl/certs/")),
keep-alive(yes),
so_keepalive(yes),
);
};
The documentation provides also an example Website of a working template, and other guides will give you alternatives.

Don’t hesitate do reach directly the OVH team if you need further assistance at: