Version 4.10 of syslog-ng introduced file size-based log rotation. Thanks to this, storage space is no longer filled with logs with the risk that you might not see older logs if the message rate is higher than expected. Before you begin You need at…

Support for IBM’s AIX operating system has been available in syslog-ng for almost two decades. First in open source, then also in syslog-ng Premium Edition. Recently, IBM added syslog-ng to the AIX ToolBox for Open Source Software. AIX ToolBox Just…

I have been providing syslog-ng users with weekly git snapshot RPM packages for almost a decade. From now on, RHEL & Co users can use nightly packages provided by the syslog-ng team, and from a lot less obscure location. As usual, these packages are for…

Dear syslog-ng users, This is the 134th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news. NEWS Syslog-ng development and AI Recently, several people have asked me about the syslog-ng project’s view on AI…

Version 4.9.0 of syslog-ng has been available for some time. However, it is not available yet in FreeBSD ports, as there were compilation problems on FreeBSD 15-CURRENT. You can still install it using my own updated ports Makefile. I maintain my own…

Whenever I present syslog-ng at a conference or I stand next to a booth, people often ask me why should they use syslog-ng instead of one of its competitors. So let me summarize what the users and developers of syslog-ng typically consider as its most…

Dear syslog-ng users, This is the 133rd issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news. NEWS Deprecating Java-based drivers from syslog-ng: Is HDFS next? While most Java-based drivers have been deprecated…

Bastille, the lightweight jail (container) management system for FreeBSD, was already covered here. Recently, they released Bastille 1.0 and BastilleBSD, a hardened FreeBSD variant that comes with Bastille pre-installed. What is Bastille? Bastille…

Recently, several people have asked me about the syslog-ng project’s view on AI. In short, there is cautious optimism: we embrace AI, but it does not take over any critical tasks from humans. But what does this mean for syslog-ng? Well, it means that…

There are multiple syslog protocols with multiple variants. The new transport(auto) option of the syslog() source allows you to support all TCP-based variants with a single source driver. Why? When it comes to syslog, there are many transport options…

Last year, I wrote a small configuration snippet for syslog-ng: FreeBSD audit source. I published it in a previous blog , and based on feedback, it is already used in production. And soon, it will be available also as part of a syslog-ng release. As…

Last year, we published a Prometheus exporter for syslog-ng, implemented in Python . However, syslog-ng 4.9.0 will include one that runs as part of syslog-ng. Needless to say, testing and feedback are very welcome! Before you begin As syslog-ng 4…

Some of our most active users chose syslog-ng because of its detailed and accurate documentation ( https://syslog-ng.github.io/ ). Later I received complaints that it is too detailed, and we need a tutorial: https://peter.czanik.hu/posts/syslog-ng-tutorial…

Dear syslog-ng users, This is the 132nd issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news. NEWS Installing nightly syslog-ng arm64 packages on a Raspberry Pi Last week, I posted about running nightly syslog…

While most Java-based drivers have been deprecated in syslog-ng years ago, we have recently removed all of them in preparation to syslog-ng 4.9.0. Right now, the only Java-based driver remaining is HDFS, so we want to ask the syslog-ng community if the…

Last year, syslog-ng 4.8.0 improved the wildcard-file() source on FreeBSD and MacOS. Version 4.9.0 will do the same for Linux by using inotify for file and directory monitoring, resulting in faster performance while using significantly less resources…

One Identity Cloud PAM is one of the latest security products by One Identity. It provides asset management as well as secure and monitored remote access for One Identity Cloud users to hosts on their local network. Last year, I showed you how collect…

Dear syslog-ng users, This is the 131st issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news. NEWS Introducing the develop branch of the syslog-ng git repo For many years, the development of syslog-ng happened…

Last week, we released syslog-ng 4.8.2 , containing a CVE fix along with improvements to the Elasticsearch and S3 destinations. As such, an upgrade is highly recommended. Version 4.8.3 does not bring any code changes, just a fix to the release process…

Finally, a new syslog-ng release! As you can see from its version number, this is a bug fix release. It took a bit longer than expected, as we wanted to release it in sync with syslog-ng PE, the commercial variant of syslog-ng. 4.8.2 serves not just as…

While no dates are set to stone yet, we expect a couple of syslog-ng releases in the near future. As version 4.8.1 is used in major Linux distributions and has a couple of known bugs, we will release 4.8.2 to address those. However, we are also working…

From my previous Active Roles blogs, you could learn how to forward regular Active Roles logs from Windows Event Log to a central syslog-ng server, where it parses, filters, stores and forwards the logs. In this blog, I show you how to work with Active…

Dear syslog-ng users, This is the 130th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news. NEWS Testing Elasticsearch 9.0.0 beta1 with syslog-ng Each time a new major Elasticsearch version is released, someone…

Last week, I posted about running nightly syslog-ng container images on arm64. However, you can also install syslog-ng directly on the host (in my case, a Raspberry Pi 3), running the latest Raspberry OS. Before you begin Right now, syslog-ng nightly…

Recently we enabled nightly syslog-ng builds and container builds for arm64. It means that from now on, you can run the latest syslog-ng on 64bit ARM platforms. Before you begin For this test, I used a Raspberry Pi 3 running the latest Raspberry Pi…