Why use syslog-ng to alert on sudo events? At the moment, alerting in sudo is limited to E-mail. Using syslog-ng, however, you can send alerts (more precisely, selected logs) to a wide variety of destinations. Logs from sudo are automatically parsed …

Recently I visited two conferences: LOADays and Red Hat Summit. They both focus on open source software, but similarities end there. LOADays in Antwerp is small, free and focuses on Linux administrators. The Red Hat Summit in Boston is huge, expensiv…

With about two thirds of syslog-ng users running their logging application on Red Hat Enterprise Linux (or CentOS), it is one of our most important platforms both for the open source edition (OSE) and the premium edition (PE) of syslog-ng. Next week …

While there are some users who run syslog-ng as a stand-alone application, the main strength of syslog-ng is central log collection. In this case the central syslog-ng instance is called the server, while the instances sending log messages to the cen…

This feature is available from syslog-ng PE 7.0.14 and syslog-ng OSE 3.21 on. The configuration is really simple: - you should use the elasticsearch-http() destination (which is based on http destination).syslog-ng will use the Elasticsearch Bulk API…

Dear syslog-ng users, This is the 74th issue of syslog-ng Insider, a monthly newsletter that brings you news related to syslog-ng. NEWS Tetris destination In this blog post we show you a fun way of using the Python destination of syslog-ng. We will w…

Getting log messages into the desired format can sometimes be a problem, but with syslog-ng you can use Python to get exactly the format you need. The syslog-ng Python template function allows you to write custom templates for syslog-ng in Python. It…

Tetris destination Tetris destination Table of Contents Overview The Emacs destination Inserting messages into an Emacs buffer Inserting messages outside Emacs The Tetris destination Overview In this blog post, I would like to show yo…

The syslog-ng source code includes a container-based build system. You can use it to generate source tarballs (the official syslog-ng release tarball is also generated this way) and to build packages for RHEL 7 and different Debian and Ubuntu release…

Using python-fetcher() simplifies developing a source driver for syslog-ng even further. You do not have to implement your own eventloop, since syslog-ng does it for you. You only need to focus on what information you need and how you (or your code) …

“I'd tell you the joke about UDP, but you might not get it.” The old joke above perfectly summarizes UDP. There is no guarantee (frankly, not even a real effort) that data sent over UDP ever reaches the receiving end. Still, a surprisingl...

I used containers (namely, FreeBSD jail) in production already in 2001. Still, it was the tool and company called Docker that made the use of containers mainstream. Fast forward another few years and you can hear the names skopeo, buildah and podman …