Insider 2018-02: New website; One Identity; Docker; Error messages; Elastic 6; DevConf

Dear syslog-ng users,

This is the 65th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news.


New syslog-ng website

Our new website – – is now live. It is a central hub of information for all syslog-ng related content, including commercial products built around syslog-ng. All documentation and blogs were migrated here. The old site will go away once all open source related content found its place on the new site. Feedback is much appreciated!

Balabit acquired by One Identity

You might have already heard that Balabit, the company behind syslog-ng, has been acquired by One Identity (, and you may be wondering what would happen to syslog-ng in the future. Learn how Balázs Scheidler, original author of syslog-ng, sees the future:
Tl;dr: nothing to worry about!

Logging in Docker using syslog-ng

Collecting logs can be especially important in a containerized environment, where you start and stop containers around the clock, and the container might not even exist anymore by the time you investigate an event. Read this white paper to find out how to:

  • Run your central log server in Docker
  • Collect Docker infrastructure logs using syslog-ng
  • Collect logs from containers using Docker volumes

Common syslog-ng error messages and their solutions

In this post, we explain a few common syslog-ng error and warning messages, what they mean, and how to solve them.

Getting started with Elasticsearch 6 on RHEL/CentOS

Version 6 of the Elastic Stack has now been available for some time, packed with new features and improved performance. Compatibility of syslog-ng was checked already during the alpha phase of development, as syslog-ng is becoming popular among Elasticsearch users: it can greatly simplify logging to Elasticsearch. There are no major changes from a syslog-ng point of view but – to improve your copy & paste experience – I updated my getting started guide from Elastic Stack 5 to 6.

DevConf 2018

DevConf is a yearly conference for developers, administrators, and users of Linux and related technologies. It is organized by Red Hat in Brno, home to one of their major development centers. Since the majority of syslog-ng users are running their logging server on Red Hat Enterprise Linux or CentOS, it is important to know their needs and the directions where RHEL is heading. It is also a good possibility to discuss logging-related questions with Red Hat engineers in person.


SCALE: Logging Docker using syslog-ng:
Pasadena Convention Center
March 8 – 11, 2018

Your feedback and news, or tips about the next issue are welcome at