One of the most important discoveries of this decade was the Higgs boson. But researchers at High Energy Physics and Nuclear Physics laboratories and institutes would have been unable to find the Higgs boson without the IT staff maintaining the compu…

Security-Enhanced Linux (SELinux) is a set of kernel and user-space tools enforcing strict access control policies. It is also the tool behind at least half of the syslog-ng problem reports. SELinux rules in Linux distributions cover all aspects of t…

Using osquery you can ask questions about your machine using an SQL-like language. For example, you can query running processes, logged in users, installed packages and syslog messages as well. You can make queries on demand, and also schedule them t…

Today we’re announcing syslog-ng Premium Edition 7.0.2, our latest stable release for syslog-ng PE. We crammed a couple great new features in this release: a streamlined and easy-to-integrate self-monitoring tool, and Python support for message…

From this blog you will learn how to compile a simple configuration for Suricata on the Turris Omnia router and how to configure syslog-ng to forward its log messages to a central log collector. In the second part of this blog, you will learn why and…

Containerization, and Docker in particular, changed the way we distribute and run applications. I used containers – FreeBSD jails – for nearly twenty years, but Docker brought us the ease of use necessary for wide adoption. Containers pro...

In our previous blogs on central log management, we touched on the topic of effective search in a centralized log repository. In this post, we take a look at the risk of ‘sudoing’, and how you can quickly and easily surface sudo related i...

It is the third year that syslog-ng has participated at Southern California Linux Expo or, as better known to many, SCALE ‒ the largest Linux event in the USA. In many ways it is similar to FOSDEM in Europe, however, SCALE also focuses on users and a…

Centralized log management certainly is a great solution when you are trying to tackle issues related to handling huge amounts of logs. With the right tool, it can be also beneficial on collection and search performance – areas that syslog-ng S...

In our previous post, we discussed the performance of syslog-ng, streaming logs to HDFS destinations. Now we’ll pick up where we left off, and continue our performance evaluation with the Kafka. In our Kafka tests, we used syslog-ng Premiu...

A couple weeks ago our CTO, Balázs Scheidler reflected on the importance of central log management, an approach that we have been advocating for a long time and was also underpinned by a recent report by Gartner. Having spent the past week at …

If you operate web servers, you want to have insight about your traffic. Traditional solutions to process access logs include: scripts to create nightly reports with tools like AWStats run a JavaScript snippet on each page load, like Google Analytic…