We are ending this unusually hot June (at least here at our headquarter in Budapest) with a new syslog-ng PE release. As we said when moving over to a rolling release model, we will be delivering new features with every release, and 7.0.3 is no excep…

Why use syslog-ng for collecting Docker logs? Docker already provides many drivers for logging, even for central log collection. On the other hand, remote logging drivers arrive with a minimalist feature set and you are not able to use the “doc...

Starting with version 3.10, syslog-ng can collect messages from multiple text files. You do not have to specify file names one by one, just use a wildcard to select which files to read. This is especially useful when you do not know the file names by…

The release candidate of version 3.7 of Turris OS – the OpenWRT-based operating system of Turris Omnia routers – is now available. Among many other changes, this updates syslog-ng from version 3.0 to 3.9, so it adds about seven years&rsqu…

Being a long-time openSUSE user, I visit the openSUSE conference not only to present on one of its components – syslog-ng – but also to meet friends and learn about new technologies and the plans for the upcoming year. Some talks, like th...

One of the most important discoveries of this decade was the Higgs boson. But researchers at High Energy Physics and Nuclear Physics laboratories and institutes would have been unable to find the Higgs boson without the IT staff maintaining the compu…

Security-Enhanced Linux (SELinux) is a set of kernel and user-space tools enforcing strict access control policies. It is also the tool behind at least half of the syslog-ng problem reports. SELinux rules in Linux distributions cover all aspects of t…

Using osquery you can ask questions about your machine using an SQL-like language. For example, you can query running processes, logged in users, installed packages and syslog messages as well. You can make queries on demand, and also schedule them t…

Today we’re announcing syslog-ng Premium Edition 7.0.2, our latest stable release for syslog-ng PE. We crammed a couple great new features in this release: a streamlined and easy-to-integrate self-monitoring tool, and Python support for message…

From this blog you will learn how to compile a simple configuration for Suricata on the Turris Omnia router and how to configure syslog-ng to forward its log messages to a central log collector. In the second part of this blog, you will learn why and…

Containerization, and Docker in particular, changed the way we distribute and run applications. I used containers – FreeBSD jails – for nearly twenty years, but Docker brought us the ease of use necessary for wide adoption. Containers pro...

In our previous blogs on central log management, we touched on the topic of effective search in a centralized log repository. In this post, we take a look at the risk of ‘sudoing’, and how you can quickly and easily surface sudo related i...