Google Stackdriver is a flexible and convenient way to monitor and manage your cloud-based assets, regardless of where they're located or how they're configured. syslog-ng delivers the log data critical to understanding what is happening in your IT environment. Whether it's user activity, performance metrics, network traffic, or any other type of log data, syslog-ng can collect and centralize it. You can remove data silos and gain full-stack visibility of your IT environment.
In this video, join a staff engineer with One Identity's research and development team as he dives into how to use syslog-ng Premium Edition's log management capabilities to collect and analyze log data, and then ultimately forward it to Google Stackdriver. Zoltan begins by demonstrating how to work with Stackdriver, using a simple configuration to highlight the basic functionality.
Here is the configuration of my syslog-ng. It's a very simple configuration. It contains only one network source and the Stackdriver destination itself. You only have to fill in these important parameters for Stackdriver: the path of the JSON file that contains the key of the service account, the project ID, and the log ID. As you can see, I use my settings for this demo config.
In this case, I'm using generic node as a resource type, but you can configure any valid type. For valid values, please check the documentation of Stackdriver.
Now, let's start syslog-ng. I will start it in verbose mode so we can see what happens under the hood. We can see the debug message of syslog-ng. I will send the native Windows logon event to syslog-ng and it will forward it to Stackdriver.
In the debug output, you can see how syslog-ng uses the HTTP API. Here, you can see the complete message processed by syslog-ng. Because syslog-ng uses the JSON payload field of Stackdriver, the message is formatted as JSON.
Now, let's switch to Stackdriver's interface. Just hit refresh and you can see the Windows Event forwarded by syslog-ng. Opening it, you can see the details of the message. And not just the text representation of the message, but [? the S ?] data fields as well.
Here are my settings for location or node ID. And that's how easy it is to use syslog-ng.
That's a very high-level overview of how to configure syslog-ng to work with Google Stackdriver. Thank you for joining us.
To get more information about syslog-ng and how our solutions can help to optimize your log management processes, go to syslog-ng.com.
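The demo describes a log event being wrapped in Stackdriver's JSON payload field under a generic node resource. The sketch below is an added example, not syslog-ng's code or its exact output: it parses an RFC 5424 message with structured data (an assumed wire format) and builds a Cloud Logging `entries.write` request body. The project ID, log ID, resource labels, sample message and the field names inside `jsonPayload` are all constructed for illustration.

```python
import json
import re
from urllib.parse import quote

# RFC 5424 header: <PRI>1 TIMESTAMP HOSTNAME APP-NAME PROCID MSGID, then SD, then MSG
_HEADER = re.compile(r"<(\d{1,3})>1 (\S+) (\S+) (\S+) (\S+) (\S+) ")
_SD_ELEMENT = re.compile(r'\[([^\s\]="]+)((?: [^\s\]="]+="(?:\\.|[^"\\\]])*")*)\]')
_SD_PARAM = re.compile(r' ([^\s\]="]+)="((?:\\.|[^"\\\]])*)"')
# syslog severity 0..7 maps directly onto Cloud Logging's LogSeverity names
_SEVERITY = ["EMERGENCY", "ALERT", "CRITICAL", "ERROR", "WARNING", "NOTICE", "INFO", "DEBUG"]

def parse_rfc5424(line):
    """Split one RFC 5424 message into header fields, structured data and text."""
    m = _HEADER.match(line)
    if not m:
        raise ValueError("not an RFC 5424 message")
    pri, timestamp, host, program, _procid, _msgid = m.groups()
    rest, sdata = line[m.end():], {}
    if rest.startswith("-"):          # NILVALUE: no structured data
        rest = rest[1:]
    while (e := _SD_ELEMENT.match(rest)):
        # Undo the three escapes RFC 5424 defines inside PARAM-VALUE: \" \\ \]
        sdata[e.group(1)] = {k: re.sub(r'\\(["\\\]])', r"\1", v)
                             for k, v in _SD_PARAM.findall(e.group(2))}
        rest = rest[e.end():]
    return {"severity": int(pri) % 8, "timestamp": timestamp, "host": host,
            "program": program, "sdata": sdata, "message": rest.lstrip(" ")}

def build_write_request(line, project_id, log_id, location, namespace, node_id):
    """Build an entries.write body for Cloud Logging with a generic_node resource."""
    ev = parse_rfc5424(line)
    entry = {"severity": _SEVERITY[ev["severity"]],
             "jsonPayload": {k: ev[k] for k in ("message", "host", "program", "sdata")}}
    if ev["timestamp"] != "-":        # RFC 5424 timestamps are already RFC 3339
        entry["timestamp"] = ev["timestamp"]
    return {
        "logName": f"projects/{project_id}/logs/{quote(log_id, safe='')}",
        "resource": {"type": "generic_node",
                     "labels": {"project_id": project_id, "location": location,
                                "namespace": namespace, "node_id": node_id}},
        "entries": [entry],
    }

# Constructed sample message and placeholder identifiers, not taken from the video
SAMPLE = (r'<38>1 2024-01-15T09:30:00Z winhost01 Security 4 4624 [win@18372.4 EVENT_ID="4624" '
          r'EVENT_USERNAME="alice" EVENT_TYPE="Logon \"interactive\""] An account was successfully logged on.')

if __name__ == "__main__":
    print(json.dumps(build_write_request(SAMPLE, "example-project", "windows/security",
                                         "example-site", "demo", "winhost01"), indent=2))
```

Keeping the structured-data pairs as separate keys under `jsonPayload` is what makes individual event fields filterable in the log viewer instead of only the message text.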