Looks like you are on the right track. Below is a copy/paste from my syslog.conf file.
NOTE: local2.none in second part. This keeps local2 events from logging in both files.
Code:
# Firewall logs at local2
local2.* /var/log/firewall.log
# Log anything (except mail,local2) of level info
# or higher. Don't log private authentication messages!
*.info;mail.none;local2.none;authpriv.none;cron.none /var/log/messages
Obviously, the above requires the device sending log events to be configured to log at facility local2.