Version 4.6 of syslog-ng introduced windows-eventlog-xml-parser(), a dedicated parser for XML-formatted event logs from Windows. It makes the EventData portion of log messages more useful, as it combines two arrays into a list of name-value pairs. Be…

Dear syslog-ng users, This is the 117th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news. NEWS Version 4.5.0 of syslog-ng is now available with OpenObserve JSON API support Recently, syslog-ng 4.5.0 was releas…

Version 4.6.0 of syslog-ng features not just a new, native log collector for MacOS, but also darwin-oslog-stream(), which can also collect non-persistent log events. Beware that it can collect many megabytes of logs even in just a few minutes! Howeve…

Do you have to forward large amounts of logs between two syslog-ng instances? OTLP (OpenTelemetry protocol) support in syslog-ng was contributed by Axoflow, and it can solve this problem. Just like the ewmm() destination, syslog-ng-otlp() forwards mo…

You know that support for MacOS is important when every third visitor at the syslog-ng booth of Red Hat Summit asks if syslog-ng works on MacOS. With the upcoming syslog-ng version 4.6.0, syslog-ng not only compiles on MacOS, but it also collects loc…

Dear syslog-ng users, This is the 116th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news. NEWS Why use a http()-based destination in syslog-ng? Logging is not just syslog anymore. Still, many syslog-ng users s…

Many Linux distributions provide build services under various names: openSUSE Build Service (OBS), Fedora Copr, and so on. These resources are indispensable for upstream developers, and also for their users. I will demonstrate this through some examp…

Dear syslog-ng users, This is the 115th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news. NEWS Compressing HTTP traffic in syslog-ng Network traffic is expensive in the cloud, and even a single syslog-ng insta…

One of the most frequent syslog-ng feature requests is now resolved. Welcome the --check-startup option, allowing you to check the syntax and also spot spelling mistakes! Before you begin To use the --check-startup option, you need version 4.5.0 or l…

Recently, syslog-ng 4.5.0 was released with many new features. These include sending logs to OpenObserve using its JSON API, support for Google Pub/Sub, a new macro describing message transport mechanisms like RFC 3164 + TCP, an SSL option to ignore …

Logging into Humio (which was recently re-branded to Falcon LogScale) was available for years, using their Elasticsearch compatible API. However, according to Humio developers, it is slightly slower than other APIs for log ingestion. Axoflow contribu…

Initial support for systemd-journal namespaces is available in syslog-ng 3.29. However, only version 4.4.0 allows you to work with multiple namespaces in your syslog-ng configuration. So, what changed in the latest version of syslog-ng? Previously, y…