This may apply to more than just FreeBSD, but it’s been tested and working on FreeBSD. I wanted to keep the syslogd locked down while letting HAProxy still log. All the example configurations I could find use a network interface to syslogd, which I have completely disabled. So this details using a local socket (which isn’t all that much different).
In /etc/syslogd.conf add the log declaration
Either need to “touch /var/log/haproxy.log” or add the -C for start parameters to /etc/rc.conf
syslogd_enable="YES" syslogd_flags="-ss -C"
The “-ss” flags means completely disable networking.
Now last but not least the changes for “haproxy.conf” I want to log all notice and above messages, no matter which frontend/backend it comes from and I don’t care about successful connections.
global log /var/run/log local0 notice defaults global log option tcplog option dontlog-normal
There are plenty of more options and ways to control haproxy logging. You can find documentation here