Insider 2018-04: RHEL6; Windows Event Log; Patched RPM; HEC; Conferences

Dear syslog-ng users,

This is the 66th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news.

NEWS

syslog-ng is available for RHEL 6 / CentOS 6 again

After more than a year, the latest version of syslog-ng compiles again on Red Hat Enterprise Linux version 6. This is thanks to a patch from Balázs Scheidler which resolves compatibility problems with older glib releases by implementing the missing functions within syslog-ng.
https://syslog-ng.com/blog/latest-syslog-ng-available-rhel-6-centos-6/

Agentless Windows logging

With syslog-ng Premium Edition, you can collect Windows event logs without installing any third-party application on your Windows-based computer.
Learn more about it from our blog at https://syslog-ng.com/blog/how-to-collect-windows-event-logs-with-syslog-ng-without-installing-an-agent/ or join our webinar where you can also ask questions: https://www.brighttalk.com/webcast/16207/314789?utm_source=OSE/

Build your own syslog-ng RPM

When a user reports a problem with syslog-ng, developers create code to fix it. The fix is called a patch or a pull request (PR) in Git terminology. Often this code does not enter the main source code automatically but developers ask the user to test the fix before the code is merged. A new challenge starts here: figuring out how to test a proposed fix. This blog shows you how to download and patch the syslog-ng source code and build easy-to-install (and remove) RPM packages from it.
https://syslog-ng.com/blog/build-syslog-ng-rpm-patched-git-sources-rhel-centos-7/
While this blog introduces you to package building in depth, a lot simpler method is also available for Ubuntu packages and should be working soon again for RHEL / CentOS as well:
https://github.com/balabit/syslog-ng/tree/master/dbld

Sending logs to Splunk HEC

Recently Splunk started to recommend the use of the HTTP Event Collector (HEC) instead of forwarders. syslog-ng supports this in multiple ways. In a previous blog, we showed you how to use the http() destination of syslog-ng. This time, we introduce you to another possibility: using an external python script to send logs to HEC.
Read our blog at https://syslog-ng.com/blog/splunk-hec-sending-logs-using-program-destination-syslog-ng/ or watch the webinar at https://www.brighttalk.com/webcast/16207/308061

Conferences: CentOS Dojo, FOSDEM and SCALE

Recently syslog-ng was presented at some popular open source conferences. Read about the presentations and experiences in related blogs:
CentOS Dojo & FOSDEM: https://syslog-ng.com/blog/centos-dojo-fosdem-2018/
SCALE: https://syslog-ng.com/blog/syslog-ng-scale-2018/

UPCOMING EVENTS

LOADays: http://loadays.org/ (Antwerp)
Red Hat Summit: https://www.redhat.com/en/summit/2018 (San Francisco)

Your feedback and news, or tips about the next issue are welcome at documentation@balabit.com.

Anonymous