Looks like you are on the right track. Below is a copy/paste from my syslog.conf file.
NOTE: local2.none in second part. This keeps local2 events from logging in both files.
# Firewall logs at local2
# Log anything (except mail,local2) of level info
# or higher. Don't log private authentication messages!
Obviously, the above requires the device sending log events to be configured to log at facility local2.