The syslog-ng insider 2022-04: typing; sudo; Zinc; Elastic Cloud; 3.36

Dear syslog-ng users,

This is the 100th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news.


syslog-ng 4 theme: typing

Balázs Scheidler, founder of the syslog-ng project, describes a major new syslog-ng version 4.0 feature: typing.

“syslog-ng traditionally assumes that log data, even if it comes in a structured form (like RFC5424 structured data or JSON) is primarily textual in nature. For this reason, name-value pairs in syslog-ng are text values just as the log message as a whole.”

Read the rest of the blog to learn how typing helps not just when forwarding logs to Elasticsearch and others, but also when making routing decisions.

Working with JSON logs from sudo in syslog-ng

From this blog you will learn how to work with JSON-formatted logs in syslog-ng, and about new sudo features along the way: JSON logging in sudo, chroot support, and logging sub-commands.

Elasticsearch 8 and syslog-ng

General availability of Elasticsearch 8 was announced recently. There were quite a few rumors that it would break compatibility with third-party tools. I tested it as soon as I had a little time: I am happy to share that anything I tested with the elasticsearch-http() destination of syslog-ng still seems to work perfectly well with the latest version of Elasticsearch.

Contacting the syslog-ng team: reporting problems, asking questions

Recently I got some complaints that it is difficult to figure out how to contact the syslog-ng team to get help or report problems. Most of this information is available both on the syslog-ng website and at the syslog-ng repository on GitHub, but collecting all the information here might still be useful for some people.


Your feedback and news, or tips about the next issue are welcome. To read this newsletter online, visit:
