Dear syslog-ng users,

This is the 89th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news.

NEWS

Consuming logs from a Kafka topic

There is no official Kafka source in syslog-ng, but because this question comes up often enough, I created one. It is just a temporary workaround using the program() source, but it works. It involves Java and installing Kafka manually, but it was fast and reliabe in my tests: ingesting 50,000–100,000 messages a second on my laptop in a resource-constrained virtual machine.

https://www.syslog-ng.com/community/b/blog/posts/consuming-logs-from-a-kafka-topic-using-syslog-ng

Collecting logs from Windows

Normally I cover free and open-source software in the syslog-ng blog. But recently quite a few members of the community reached out to me and asked about collecting logs from Windows. So, I prepared a quick overview of the topic. The good news is, that syslog-ng supports collecting logs from Windows in multiple ways. The not so good news is that Windows support is only available in the commercial version of syslog-ng. There are multiple ways for collecting log messages from Windows. You can either install syslog-ng agents on Windows hosts, or you can use the Windows Event Collector (WEC) component of syslog-ng PE.

https://www.syslog-ng.com/community/b/blog/posts/collecting-logs-from-windows-using-syslog-ng

Running syslog-ng in Bastille

Bastille is a container management system for FreeBSD, similar to Docker or Podman on Linux. The historical name of containers on FreeBSD is jail, and they appeared a lot earlier than containers on Linux. Managing jails was not always easy. When I started to use this technology in production in 2001, nothing was automated. Using Bastille, you can easily create, configure, or update jails at scale. It has a template system to install applications in containers and there is a template also for syslog-ng. From this blog, you can learn how to get started with Bastille and how to create and run a syslog-ng jail using the freshly released 0.8 version of Bastille.

https://www.syslog-ng.com/community/b/blog/posts/running-syslog-ng-in-bastille-revisited

Syslog-ng OSE 3.31.1 released

Version 3.31.1 of syslog-ng OSE was released with the Fortigate parser, many parsing-related enhancements, silent Telegram messages, and more. For a complete list of changes, check https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-3.31.1

WEBINARS

• Scale log collection from Windows endpoints with WEC clustering in syslog-ng https://www.syslog-ng.com/event/scale-log-collection-from-windows-endpoints-with-wec-clustering-in-sys8147879/

• You can browse recordings of past webinars at https://www.syslog-ng.com/events/

Your feedback and news, or tips about the next issue are welcome. To read this newsletter online, visit: https://syslog-ng.com/blog/