filter f_martian    { facility(kern) and match('^martian source'); };
filter f_console    { level(warn) and facility(kern) and not filter(f_iptables)
                      or level(err) and not facility(authpriv)
                      and not filter(f_martian); };
destination martian { file("/var/log/martian"); };
log { source(src); filter(f_martian); destination(martian); };

kill -HUP `cat /var/run/syslog-ng.pid'

Oct 11 18:03:50 node1 syslog-ng[2153]: Configuration reload request received, reloading configuration;
Oct 11 18:03:50 node1 syslog-ng[2153]: New configuration initialized;

# egrep -v '^#|^$' syslog-ng.conf
options { long_hostnames(off); sync(0); perm(0640); stats(3600); };
source src {
	#
	# include internal syslog-ng messages
	# note: the internal() soure is required!
	#
	internal();
	#
	# the default log socket for local logging:
	#
	unix-dgram("/dev/log");
	#
	# uncomment to process log messages from network:
	#
	#udp(ip("0.0.0.0") port(514));
};
filter f_iptables   { facility(kern) and match("IN=") and match("OUT="); };
filter f_martian    { facility(kern) and match('^martian source'); };
filter f_console    { level(warn) and facility(kern) and not filter(f_iptables)
                      or level(err) and not facility(authpriv)
                      and not filter(f_martian); };
filter f_newsnotice { level(notice) and facility(news); };
filter f_newscrit   { level(crit)   and facility(news); };
filter f_newserr    { level(err)    and facility(news); };
filter f_news       { facility(news); };
filter f_mailinfo   { level(info)      and facility(mail); };
filter f_mailwarn   { level(warn)      and facility(mail); };
filter f_mailerr    { level(err, crit) and facility(mail); };
filter f_mail       { facility(mail); };
filter f_cron       { facility(cron); };
filter f_local      { facility(local0, local1, local2, local3,
                               local4, local5, local6, local7); };
filter f_acpid_full { match('^acpid:'); };
filter f_acpid      { level(emerg..notice) and match('^acpid:'); };
filter f_acpid_old  { match('^\[acpid\]:'); };
filter f_netmgm     { match('^NetworkManager:'); };
filter f_messages   { not facility(news, mail) and not filter(f_iptables); };
filter f_warn       { level(warn, err, crit) and not filter(f_iptables); };
filter f_alert      { level(alert); };
destination console  { pipe("/dev/tty10"    owner(-1) group(-1) perm(-1)); };
log { source(src); filter(f_console); destination(console); };
destination xconsole { pipe("/dev/xconsole" owner(-1) group(-1) perm(-1)); };
log { source(src); filter(f_console); destination(xconsole); };
destination newscrit   { file("/var/log/news/news.crit"
                              owner(news) group(news)); };
log { source(src); filter(f_newscrit); destination(newscrit); };
destination newserr    { file("/var/log/news/news.err"
                              owner(news) group(news)); };
log { source(src); filter(f_newserr); destination(newserr); };
destination newsnotice { file("/var/log/news/news.notice"
                              owner(news) group(news)); };
log { source(src); filter(f_newsnotice); destination(newsnotice); };
destination mailinfo { file("/var/log/mail.info"); };
log { source(src); filter(f_mailinfo); destination(mailinfo); };
destination mailwarn { file("/var/log/mail.warn"); };
log { source(src); filter(f_mailwarn); destination(mailwarn); };
destination mailerr  { file("/var/log/mail.err" fsync(yes)); };
log { source(src); filter(f_mailerr);  destination(mailerr); };
destination mail { file("/var/log/mail"); };
log { source(src); filter(f_mail); destination(mail); };
 
destination acpid { file("/var/log/acpid"); };
destination null { };
log { source(src); filter(f_acpid); destination(acpid); flags(final); };
log { source(src); filter(f_acpid_full); destination(null); flags(final); };
log { source(src); filter(f_acpid_old); destination(acpid); flags(final); };
destination netmgm { file("/var/log/NetworkManager"); };
log { source(src); filter(f_netmgm); destination(netmgm); flags(final); };
destination localmessages { file("/var/log/localmessages"); };
log { source(src); filter(f_local); destination(localmessages); };
destination messages { file("/var/log/messages"); };
log { source(src); filter(f_messages); destination(messages); };
destination firewall { file("/var/log/firewall"); };
log { source(src); filter(f_iptables); destination(firewall); };
destination martian { file("/var/log/martian"); };
log { source(src); filter(f_martian); destination(martian); };
destination warn { file("/var/log/warn" fsync(yes)); };
log { source(src); filter(f_warn); destination(warn); };

filter f_martian    { facility(kern) and match('^martian source'); };

filter f_martian    { facility(kern) and match("martian source"); };

# this is for the old acpid < 1.0.6

# acpi -v
acpi 0.09

Copyright (C) 2001 Grahame Bowland.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

and not filter(f_martian)