Using osquery you can ask questions about your machine using an SQL-like language. For example, you can query running processes, logged in users, installed packages and syslog messages as well. You can make queries on demand, and also schedule them t…

Today we’re announcing syslog-ng Premium Edition 7.0.2, our latest stable release for syslog-ng PE. We crammed a couple great new features in this release: a streamlined and easy-to-integrate self-monitoring tool, and Python support for message…

From this blog you will learn how to compile a simple configuration for Suricata on the Turris Omnia router and how to configure syslog-ng to forward its log messages to a central log collector. In the second part of this blog, you will learn why and…

Containerization, and Docker in particular, changed the way we distribute and run applications. I used containers – FreeBSD jails – for nearly twenty years, but Docker brought us the ease of use necessary for wide adoption. Containers pro...

In our previous blogs on central log management, we touched on the topic of effective search in a centralized log repository. In this post, we take a look at the risk of ‘sudoing’, and how you can quickly and easily surface sudo related i...

It is the third year that syslog-ng has participated at Southern California Linux Expo or, as better known to many, SCALE ‒ the largest Linux event in the USA. In many ways it is similar to FOSDEM in Europe, however, SCALE also focuses on users and a…

Centralized log management certainly is a great solution when you are trying to tackle issues related to handling huge amounts of logs. With the right tool, it can be also beneficial on collection and search performance – areas that syslog-ng S...

In our previous post, we discussed the performance of syslog-ng, streaming logs to HDFS destinations. Now we’ll pick up where we left off, and continue our performance evaluation with the Kafka. In our Kafka tests, we used syslog-ng Premiu...

A couple weeks ago our CTO, Balázs Scheidler reflected on the importance of central log management, an approach that we have been advocating for a long time and was also underpinned by a recent report by Gartner. Having spent the past week at …

If you operate web servers, you want to have insight about your traffic. Traditional solutions to process access logs include: scripts to create nightly reports with tools like AWStats run a JavaScript snippet on each page load, like Google Analytic…

This is a guest post by Fabien Wernli (faxm0dem). He has been administering Linux clusters at the Computing Centre of the National Institute of Nuclear Physics and Particle Physics (CC-IN2P3) for 10+ years. Among others, he is an expert on performanc…

Hadoop and Kafka are part of modern high speed data management, and syslog-ng has been supporting these destinations for some time now, as it’s an integral part of a versatile central log management solution. Seamless integration is great, but ...