A question I often receive is ‘what are the differences between rsyslog and syslog-ng?’ It’s a little tricky to answer. First, because my experience is mostly with syslog-ng, and because there are many similarities between the two p...

Dear syslog-ng users, This is the 76th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news. NEWS Logging to Elasticsearch made simple with syslog-ng Elasticsearch is gaining momentum as the ultimate destination for…

Learn the major steps necessary to upgrade your system from syslog-ng Premium Edition version 6 to 7. As you will see, it is no more difficult than any other major software version upgrade, and after the upgrade you can start using all the new and us…

UNITE is the partner and user conference of One Identity, the company behind syslog-ng. This time the conference took place in Phoenix, Arizona where I talked to a number of American business customers and partners about syslog-ng. They were really e…

“How can I install the unofficial syslog-ng packages on a machine without Internet access?” This question has been raised several times recently. As it entails more than simply downloading the repository containing the packages, syslog-ng...

Dear syslog-ng users, This is the 75th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news. NEWS Building blocks of syslog-ng Recently I gave a syslog-ng introductory workshop at Pass the SALT conference in Lille, …

Recently, a number of quite complex configurations came up while syslog-ng users were asking for advice. Some of these configurations were even pushing the limits of syslog-ng (regarding the maximum number of configuration objects). As it turned out,…

Version 7 of the Elastic stack was released a few months ago, and brought several breaking changes that affect syslog-ng. In my previous blog post, I gave details about how it affects sending GeoIP information to Elasticsearch. From this blog post yo…

One of the most popular destinations of syslog-ng is Elasticsearch. Any time a new language binding was introduced to syslog-ng, someone implemented an Elasticsearch destination for it. For many years, the official Elasticsearch destination for syslo…

Elasticsearch is gaining momentum as the ultimate destination for log messages. There are two major reasons for this: You can store arbitrary name-value pairs coming from structured logging or message parsing. You can use Kibana as a search and v…

Recently I gave a syslog-ng introductory workshop at Pass the SALT conference in Lille, France. I got a lot of positive feedback, so I decided to turn all that feedback into a blog post. Naturally, I shortened and simplified it, but still managed to …

Version 7 of the Elastic Stack, packed with new features and improved performance, has now been available for some time. Elasticsearch is not the only one to have come up with a major new version recently: starting with version 3.21, syslog-ng featur…