For the last six months, Elastic’s communication centered around the upcoming Elastic Stack 5.0. And finally it is here: tons of new features, improved performance and a single version number for all Elastic products. Compatibility with syslog-ng was…

Last week, news came out that unprotected MongoDB databases are being actively compromised: content copied and replaced by a message asking for a ransom to get it back. As The Register reports: Elasticsearch is next . Learn how syslog-ng can help you…

I am happy to announce that after almost a year of development, syslog-ng 3.8.1 has been released . This is the first stable release from the syslog-ng 3.8 branch. Version 3.8.1 adds some long-awaited features to syslog-ng and improves the performance…

Figuring out how to parse your firewall logs is not always easy. This blogpost shows you some useful log-parsing techniques. For the examples, I use the logs of the Zorp proxy firewall, developed now by Balasys , the Hungarian distributor of Balabit products…

Elasticsearch is gaining momentum as the ultimate destination for log messages. There are two major reasons for this: You can store arbitrary name-value pairs coming from structured logging or message parsing. You can use Kibana as a search…

Version 6 of the Elastic Stack has now been available for some time packed with new features and improved performance. Compatibility of syslog-ng was checked already during the alpha phase of development, as syslog-ng is becoming popular among Elasticsearch…

This is the 2020 edition of my most read blog entry about syslog-ng web-based graphical user interfaces (web GUIs). Many things have changed in the past few years. In 2011, only a single logging as a service solution was available, while nowadays, I regularly…

netdata is a system for distributed real-time performance and health monitoring. You can use syslog-ng to collect and filter data provided by netdata and then send it to Elasticsearch for long-term storage and analysis. The aim is to send both metrics…

You can create your own time lapse videos from log messages. It is not rocket science and is possible using a purely open source tool chain. In my previous blog , I explained how you can create a heat map from IP addresses in your log messages using syslog…

The new geoip2 parser of syslog-ng 3.11 is not only faster than its predecessor, but can also provide a lot more detailed geographical information about IP addresses. Next to the usual country name and longitude/latitude information, it also provides…

Do you want to simplify parsing your log messages? Try the new “application adapter” and “enterprise-wide message model” frameworks in syslog-ng: you can automatically parse log messages and forward the results to another syslog-ng instance. Optionally…

Last week after publishing my Elasticsearch 5 blog, I finally had a little time to take a look at the logs coming from my Turris Omnia router. It is running in a quiet neighborhood of Budapest, but looking at my logs it shows that I’m living in a busy…

One of the most important discoveries of this decade was the Higgs boson. But researchers at High Energy Physics and Nuclear Physics laboratories and institutes would have been unable to find the Higgs boson without the IT staff maintaining the computer…