Process accounting logs are collected into binary log files on Linux. You can turn them into human readable format locally, using various tools. You can also use syslog-ng to read those files. Syslog-ng can parse those binary logs, create name-value …

One of the most popular destinations in syslog-ng is Elasticsearch. Due to the license change of the Elastic stack, some people changed quickly to Grafana/Loki and other technologies. However, most syslog-ng users decided to wait and see. Versio...

UDP-based log collection is so last century. We had TCP-based log collection for decades and TLS encryption to secure connections. Still, UDP is in wide use, especially at large companies and industrial automation, where every change is slow. In most…

Version 3.33 of syslog-ng introduced an MQTT destination. It uses the paho-c client library to send log messages to an MQTT broker. The current implementation supports version 3.1 and 3.1.1 of the protocol over non-encrypted connections, but this is …

Recently, many services provide an HTTP-based API to send messages. With a bit of luck, the given service is already supported directly by syslog-ng, or by using the Apprise Python library from the syslog-ng Python destination. In other cases, you ne…

Opensearch is a fork of the Elastic stack code base, made right before the license change. The first release candidate (RC1) has been released recently. Next to plain text files, Elasticsearch is one of the most popular destinations in syslog-ng, but…

Dear syslog-ng users, This is the 92nd issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news. NEWS First steps of sending alerts to Discord and others from syslog-ng: http() and Apprise A returning question I get is:…

Recently I have found that the number of syslog-ng users on OpenBSD is growing, even with an ancient syslog-ng version in OpenBSD ports that is unable to collect local log messages. Then I remembered that Todd Miller – maintainer of sudo, and m...

MongoDB is one of the most popular NoSQL databases. Support for MongoDB was added to syslog-ng almost a decade ago. It was the first syslog-ng destination where you could store arbitrary name-value pairs. The performance of MongoDB has improved consi…

Dear syslog-ng users, This is the 91st issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news. NEWS syslog-ng 3.32 is now available Highlights include multi-threaded connection pooling to MongoDB servers and templat…

Last year, the CentOS project announced a major shift in strategy. Until recently, CentOS Linux has been a rebuild of Red Hat Enterprise Linux (RHEL) sources, each RHEL release was quickly followed by a corresponding CentOS Linux release. While CentO…

A returning question I get is: “I see, that you can send alerts from syslog-ng to Slack and Telegram, but do you happen to support XYZ?” Replace XYZ with Discord and countless others. So, last week I showed you how to send alerts to Disco...