Last Tuesday, I was in London to present syslog-ng at the Linuxing in London meetup. It was my first trip to the UK, so I had some trouble with vehicles driving always on the unexpected side of the road. As it was my first ...
I am happy to announce that after almost a year of development, syslog-ng 3.8.1 has been released. This is the first stable release from the syslog-ng 3.8 branch. Version 3.8.1 adds some long-awaited features to syslog-ng and improves ...
I am pleased to announce our latest long-term supported version of syslog-ng Premium Edition, 6 LTS. In addition to the long-awaited key-value parser, we updated the TLS cipher suite and introduced .NET Framework 4.0 support in the Windows agent...
Almost a year has passed since the last major syslog-ng release. The first beta of the upcoming 3.8 release was published last week. This brought many changes both in terms of new features and in packaging. To encourage testing I would like to highli…
An effective security operations center starts with a reliable tool for securely collecting all logs which are relevant from a security perspective. However, as the size and complexity of the enterprise IT infrastructure increases, the amount of logs…
While most people know syslog-ng as a central syslog server, there is another use, which is less known but most likely has a much larger installed base: syslog-ng embedded. Tens of millions of Kindle e-readers were sold around the world, all of …
Until recently, the correlation and aggregation of information from multiple messages was within the domain of the PatternDB parser. The limitation of this implementation is that it only worked for data extracted by PatternDB. There are now many...
Java-based destination drivers were introduced to syslog-ng last year. The syslog-ng application uses libjvm.so to embed a Java Virtual Machine inside syslog-ng. Java libraries tend to have a large binary footprint, even just the Java Runtime Environ…
Figuring out how to parse your firewall logs is not always easy. This blog post shows you some useful log-parsing techniques. For the examples, I use the logs of the Zorp proxy firewall, developed now by Balasys, the Hungarian distributor of Bala...
Once upon a time I was working on the birth of EFIKA, one of the first affordable PPC developer boards (if not the first ever). This made PowerPC available to thousands of users and developers instead of just a chosen few. Later on, already as a...
Dell’s Sonicwall firewalls protect many businesses ranging from small offices to large enterprises. Depending on the network traffic these appliances can generate an extreme amount of log messages about the hosts you connected to or t...
Performance of syslog-ng on the original Raspberry Pi was not outstanding: the peak I could reach was about 6500 messages per second, as I wrote in my blog in 2013.
So I was curious how the Raspberry Pi 2, with a four-core ARMv7 CPU and double…