Dear syslog-ng users,


This is the 85th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news.

NEWS

Parsing Cisco logs in syslog-ng

Log messages generated by Cisco devices look like syslog messages at first glance, but on a closer inspection you will see that there are many smaller differences. By default, syslog-ng treats all incoming messages as syslog messages, however, Cisco logs do not conform. Log messages collected over the network from Cisco devices and saved to a file look broken. There are many Cisco log variants but luckily a good part of them are covered by the cisco-parser() of syslog-ng.From this blog you can learn how the Cisco parser in syslog-ng works and how you can check if it really works with your Cisco log messages.

https://www.syslog-ng.com/community/b/blog/posts/parsing-cisco-logs-in-syslog-ng

Sending alerts to Signal Messenger from syslog-ng

Signal Messenger is becoming the instant messaging platform of choice for privacy-minded individuals, including many sysadmins. No wonder that some of them would like to see alerts from syslog-ng in this IM platform. Developing a new destination for syslog-ng from scratch in the C programming language is a considerable effort. As a result, this first implementation is utilizing an already existing command line application. Below, you can learn about an initial implementation, and why it is not part of syslog-ng.

https://www.syslog-ng.com/community/b/blog/posts/sending-alerts-to-signal-messenger-from-syslog-ng

Enabling PCRE dupnames in syslog-ng

One of the major syslog-ng features is that it can parse log messages and create name-value pairs from them. Until now the PCRE parser could not handle duplicate names for named subpatterns. Version 3.29 of syslog-ng resolves this issue by adding the “dupnames” flag. From this blog you can learn why the dupnames flag is important and how you can enable and test it.

https://www.syslog-ng.com/community/b/blog/posts/enabling-pcre-dupnames-in-syslog-ng

WEBINARS


Your feedback and news, or tips about the next issue are welcome. To read this newsletter online, visit: https://syslog-ng.com/blog/

Anonymous
Related Content