Last year, I received many requests about syslog-ng for Amazon Linux 2023, but I could not find an easy way to create syslog-ng packages. Recently, however, I found that Fedora Copr supports building packages for Amazon Linux 2023. So, with a little bit…

Many Linux distributions provide build services under various names: openSUSE Build Service (OBS), Fedora Copr, and so on. These resources are indispensable for upstream developers, and also for their users. I will demonstrate this through some examples…

Last week I posted about my new syslog-ng-stable RPM repositories. I tried to explain the use case and how it relates to my other repos, nonetheless I got some questions. So, in this blog I provide you an overview of syslog-ng RPM repositories: why to…

In my past two Python blogs I introduced you to the basics of the syslog-ng Python destination. In this blog I show you a working example of how you can publish your logs to MQTT using the Python destination of syslog-ng. If you are new to the Python…

Getting started with the Telegram destination of syslog-ng is not an easy and straightforward process, but it is well worth the efforts. If you do not know Telegram yet, Telegram is a cloud-based messaging application known for its security and speed…

When starting a new project, Big Data vendors usually recommend a “save all” and “save raw” approach, as you never know what data might come handy later and in what format. Companies starting those projects also often have the same approach, as they still…

During the past six weeks I visited five different conferences in four different countries either as a speaker or as booth staff. While traveling so much in such a short span of time was quite exhausting, I would do it again without hesitation. Altogether…

Last week I learned, that using Cacti ‘s syslog plugin with syslog-ng is not fully documented. While I’m not a Cacti user, I’m always in search of web interfaces to be used with syslog-ng. So I wanted to give Cacti and its syslog plugin a try and document…

The release candidate of version 3.7 of Turris OS – the OpenWRT-based operating system of Turris Omnia routers – is now available. Among many other changes, this updates syslog-ng from version 3.0 to 3.9, so it adds about seven years’ worth of new syslog…

syslog-ng users often face the challenge of not being able to send logs over the network from one syslog-ng instance to another. There can be many reasons for this; some are independent from syslog-ng, while others are related to the syslog-ng configuration…

Java based destination drivers were introduced to syslog-ng last year. The syslog-ng application uses libjvm.so to embed a Java Virtual Machine inside syslog-ng. Java libraries tend to have a large binary footprint, even just the Java Runtime Environment…

For the last six months, Elastic’s communication centered around the upcoming Elastic Stack 5.0. And finally it is here: tons of new features, improved performance and a single version number for all Elastic products. Compatibility with syslog-ng was…

Last week, news came out that unprotected MongoDB databases are being actively compromised: content copied and replaced by a message asking for a ransom to get it back. As The Register reports: Elasticsearch is next . Learn how syslog-ng can help you…

Starting with version 3.10, syslog-ng can collect messages from multiple text files. You do not have to specify file names one by one, just use a wildcard to select which files to read. This is especially useful when you do not know the file names by…

If you operate web servers, you want to have insight about your traffic. Traditional solutions to process access logs include: scripts to create nightly reports with tools like AWStats run a JavaScript snippet on each page load, like Google Analytics…

I am happy to announce that after almost a year of development, syslog-ng 3.8.1 has been released . This is the first stable release from the syslog-ng 3.8 branch. Version 3.8.1 adds some long-awaited features to syslog-ng and improves the performance…

For most of its history, syslog-ng could only be used for collecting, processing and storing log messages. Not any more. The R edis and R iemann destinations are already a step into the direction of metrics-based monitoring, and the monitoring source…

Last week I visited All Things Open , one of the largest open source conferences of the US East Coast. The venue was the monumental building of the Raleigh Convention Center, just two blocks from Red Hat’s headquarters. I was presenting syslog-ng in the…

Figuring out how to parse your firewall logs is not always easy. This blogpost shows you some useful log-parsing techniques. For the examples, I use the logs of the Zorp proxy firewall, developed now by Balasys , the Hungarian distributor of Balabit products…

Elasticsearch is gaining momentum as the ultimate destination for log messages. There are two major reasons for this: You can store arbitrary name-value pairs coming from structured logging or message parsing. You can use Kibana as a search…

Last Tuesday, I was in London to present syslog-ng at the Linuxing in London meetup. It was my first trip to the UK, so I had some trouble with vehicles driving always on the unexpected side of the road. As it was my first time in London, I took a two…

Version 6 of the Elastic Stack has now been available for some time packed with new features and improved performance. Compatibility of syslog-ng was checked already during the alpha phase of development, as syslog-ng is becoming popular among Elasticsearch…

This is the 2020 edition of my most read blog entry about syslog-ng web-based graphical user interfaces (web GUIs). Many things have changed in the past few years. In 2011, only a single logging as a service solution was available, while nowadays, I regularly…

It is the fourth year that syslog-ng has participated at Southern California Linux Expo or, as better known to many, SCALE ‒ the largest Linux event in the USA. In many ways, it is similar to FOSDEM in Europe, however, SCALE also focuses on users and…

netdata is a system for distributed real-time performance and health monitoring. You can use syslog-ng to collect and filter data provided by netdata and then send it to Elasticsearch for long-term storage and analysis. The aim is to send both metrics…