Version 3.31 of syslog-ng has been released recently. One of its most user-visible features is the parser for Fortigate logs, yet another networking vendor that produces log messages not conforming to syslog specifications. Parsing Fortigate logs bui…

Today is March 14th, or as many geeks refer to it: Pi day. On this occasion, I would like to show you a syslog-ng configuration, which prints a huge π on the screen, and two recent articles that feature syslog-ng on the Raspberry Pi. Printing π...

Dear syslog-ng users, This is the 89th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news. NEWS Consuming logs from a Kafka topic There is no official Kafka source in syslog-ng, but because this question comes up…

The syslog-ng application is included in all major Linux distributions, and you can usually install syslog-ng from the official repositories. If the core functionality of syslog-ng meets your needs, use the package in your distribution repository (yu…

You can collect log messages from a Windows host in multiple ways using syslog-ng. For large scale installations the easiest is to use the Windows Event Collector (WEC) component of syslog-ng Premium Edition (PE). This way you don’t have to ins...

My FOSDEM presentation in the BSD devroom showcased what is new in sudo and syslog-ng and explained how to install or compile these software yourself on FreeBSD. Not only am I a long time FreeBSD user (started with version 1.0 in 1994) I also work on…

Normally I cover free and open-source software in the syslog-ng blog. But recently quite a few members of the community reached out to me and asked about collecting logs from Windows. So, I prepared a quick overview of the topic. The good news is, th…

Dear syslog-ng users, This is the 88th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news. NEWS Finding the real source IP: using the PROXY protocol Until now collecting logs behind proxies or load balancers n…

Talking to syslog-ng users, I found that many of them plan to take a closer look at Grafana, due to the upheaval around the change of licensing terms for Elastic. Luckily, it is now possible to jump-start the complete, new logging stack – inclu...

Bastille is a container management system for FreeBSD, similar to Docker or Podman on Linux. The historical name of containers on FreeBSD is jail, and they appeared a lot earlier than containers on Linux. Managing jails was not always easy. When I st…

There is no official Kafka source in syslog-ng, but because this question comes up often enough, I created one. It is just a temporary workaround using the program() source, but it works. It involves Java and installing Kafka manually, but it was fas…

The C implementation of the Kafka destination in syslog-ng has been improved in version 3.30. Support for templates in topic names was added as a result of a Google Summer of Code (GSoC) project. The advantage of the new template support feature is t…