11 Jul 2024

Dear syslog-ng users,

This is the 121st issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news.

NEWS

Trends in open source logging

Recently I was asked by Chas Clawson of Sumo Logic what I think about open source log management and telemetry. Needless to say, I also talked about syslog_ng, and in the end I showed a couple of simple syslog-ng configurations sending logs to Sumo Logic.

https://www.sumologic.com/blog/securing-open-source-infrastructure-log-all/

Using syslog-ng on multiple platforms

Your favorite Linux distribution is X. You test everything there. However, your colleagues use distro Y, and another team distro Z. Nightmares start here: the same commands install a different set of syslog-ng features, configuration defaults and use different object names in the default configuration. I ran into these problems while working with Gábor Samu on his HPC logging blog.

From this blog you can learn about some of the main differences in packaging and configuration of syslog-ng in various Linux distributions and FreeBSD, and how to recognize these when configuring syslog-ng on a different platform.

https://www.syslog-ng.com/community/b/blog/posts/using-syslog-ng-on-multiple-platforms

Working with sudo’s json_compact logs in syslog-ng

Version 1.9.16 of sudo will feature a new option for logging: json_compact. Why is this important? This new format can easily be read and parsed by a log management software, like syslog-ng.

Note that in this blog I am showing you a sudo feature which has not yet been released officially. You have to compile sudo yourself. By all means, if you have any other application writing JSON-formatted log messages, you can apply most of what you read here with slight modifications.

https://www.syslog-ng.com/community/b/blog/posts/working-with-sudo-s-json_5f00_compact-logs-in-syslog-ng

syslog-ng OSE 4.7.1 retires some old platforms

Version 4.7.1 of syslog-ng OSE was released recently. It brings many smaller enhancements to metrics, OpenTelemetry and other features, while it also retires support for some older platforms.

https://www.syslog-ng.com/community/b/blog/posts/syslog-ng-4-7-1-retires-some-old-platforms

WEBINARS

You can browse recordings of past webinars at https://www.syslog-ng.com/events/

Your feedback and news, or tips about the next issue are welcome. To read this newsletter online, visit: https://syslog-ng.com/blog/

The syslog-ng Insider 2024-07: logging trends; multiple platforms; sudo; retired platforms