No matter how awkward you feel when you hear about UDP syslog in the age of encrypted TCP connections, UDP syslog is here to stay in some special cases. The scalability issues of UDP log collection were first addressed in syslog-ng Open Source Editio…

One of the returning questions I receive is how many log messages can a given hardware handle. My typical answer is that it depends on the configuration. I have now an answer, or rather a tool to answer your question sngbench.sh. It is a shell script…

In version 4 of syslog-ng, the role of Python became even more important. Previously, all parts of syslog-ng could be extended using Python code, but no actual Python code was provided with syslog-ng. Version 4.0 added a Kubernetes module implemented…

Dear syslog-ng users, This is the 110th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news. NEWS Learning syslog-ng, the easier way Last year, one of the returning questions I received was how to learn syslog-…

Version 4 of syslog-ng was released last December. Quite a few people use it already in production. How can you install it for a test drive? It might be already available in your Linux distribution. There are also several unofficial repositories with…

Version 4 of syslog-ng works perfectly well in version 3 compatibility mode. However, if you want to use the syslog-ng 4 features, you need to be aware of some significant changes. If you have a simple configuration, like those in Linux distributions…

Dear syslog-ng users, This is the 109th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news. NEWS Installing a syslog-ng 4 development snapshot on FreeBSD Unless there is a serious problem, FreeBSD ports usuall…

Getting data to Splunk can be challenging. Syslog is still the most important data source, and it can provide you with hard-to-solve problems (for example, like high volume, non-compliant messages, unreliable network protocol (UDP), and more). The sy…

Last year, one of the returning questions I received was how to learn syslog-ng. My answer was that read the first few chapters of the documentation, read my blogs related to your use case, and then read a few relevant parts from the rest of the docu…

This is the 13th part of my syslog-ng tutorial. Last time, we learned about sending log messages to Elasticsearch. Today, we learn about updating syslog-ng, and some of the new features of syslog-ng 4. You can watch the video or read the text below. …

Dear syslog-ng users, This is the 108th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news. NEWS Version 4.1 of syslog-ng available Version 4.1.1 of syslog-ng is now available. It brings PROXY protocol v2 su…

This is the 12th part of my syslog-ng tutorial. Last time, we learned about enriching log messages using syslog-ng. Today, we learn about how to send log messages to Elasticsearch. You can watch the video or read the text below. https://youtu.be/44rF…