syslog-ng documentation

Your main source of knowledge

The syslog-ng product family has an extensive documentation, covering everything from how to install a product to the most complex configuration and settings descriptions. If you cannot find an answer to your question, try the mailing list - our community is always eager to help.

syslog-ng Store Box


The syslog-ng Store Box 4 F9 Administrator Guide

List of Procedures

2.2. Collecting logs with SSB
3.1.1. Creating an alias IP address (Microsoft Windows)
3.1.2. Creating an alias IP address (Linux)
3.1.3. Modifying the IP address of SSB
3.2. Configuring SSB with the Welcome Wizard
4.3.1. Configuring the management interface
4.3.2. Configuring the routing table
4.4.1. Configuring a time (NTP) server
4.5.1. Configuring e-mail alerts
4.5.2. Configuring SNMP alerts
4.5.3. Querying SSB status information using agents
4.6.1. Configuring monitoring
4.6.3. Preventing disk space fill up
4.6.4. Configuring message rate alerting
4.7.1. Creating a backup policy using Rsync over SSH
4.7.2. Creating a backup policy using SMB/CIFS
4.7.3. Creating a backup policy using NFS
4.7.4. Creating configuration backups
4.7.5. Creating data backups
4.7.6. Encrypting configuration backups with GPG
4.8.1. Creating a cleanup policy
4.8.2. Creating an archive policy using SMB/CIFS
4.8.3. Creating an archive policy using NFS
4.8.4. Archiving or cleaning up the collected data
5.1.1. Creating local users in SSB
5.1.2. Deleting a local user from SSB
5.2. Setting password policies for local users
5.3. Managing local usergroups
5.4. Managing SSB users from an LDAP database
5.5. Authenticating users to a RADIUS server
5.6.1. Assigning privileges to usergroups for the SSB web interface
5.6.2. Modifying group privileges
6.2.3. Redundant heartbeat interfaces
6.2.4. Next-hop router monitoring
6.3.2. Upgrading SSB (single node)
6.3.3. Upgrading an SSB cluster
6.3.5. Reverting to an older firmware version
6.3.6. Updating the SSB license
6.3.7. Exporting the configuration of SSB
6.3.8. Importing the configuration of SSB
6.4.2. Enabling SSH access to the SSB host
6.4.3. Changing the root password of SSB
6.5.1. Disabling sealed mode
6.6.1. Configuring the IPMI interface from the console
6.6.2. Configuring the IPMI interface from the BIOS
6.7.1. Generating certificates for SSB
6.7.2. Uploading external certificates to SSB
6.7.3. Generating TSA certificate with Windows Certificate Authority on Windows Server 2008
6.7.4. Generating TSA certificate with Windows Certificate Authority on Windows Server 2012
6.8.1. Creating hostlists
6.8.2. Importing hostlists from files
7.2. Receiving SNMP messages
7.3. Creating syslog message sources in SSB
7.4.1. Fetching the SQL database
7.4.2. Configuring message parts in Basic mode
7.4.3. Configuring message parts in Advanced mode
8.1.1. Creating logstores
8.1.2. Configuring the indexer service
8.2. Creating text logspaces
8.4. Creating filtered logspaces
8.5. Creating remote logspaces
8.6. Creating multiple logspaces
8.7.1. Sharing log files in standalone mode
8.7.2. Sharing log files in domain mode
9.1. Forwarding log messages to SQL databases
9.3. Forwarding log messages to remote servers
9.4. Forwarding log messages to SNMP destinations
9.5. Using SSB as a relay
10.2. Creating new log paths
10.4. Modifying messages using rewrite
10.5. Parsing sudo log messages
10.6. Parsing key-value pairs
11.4. Setting the certificates used in TLS-encrypted log transport
12.1.1. Customizing columns of the log message search interface
12.2.1. Using persistent decryption keys
12.2.2. Using session-only decryption keys
12.2.3. Assigning decryption keys to a logstore
12.3.2. Creating reports from custom statistics
12.4.1. Setting up alerts on the search interface
12.4.2. Setting up alerts on the Search > Content-Based Alerts page
13.1.3. Customizing columns of the internal search interfaces
13.6.1. Displaying custom syslog-ng statistics
13.7.2. Generating partial reports
13.7.3. Configuring custom reports
14.4. Creating new rulesets and rules
14.8. Using parser results in filters and templates
16.1. Network troubleshooting
16.3. Viewing logs on SSB
16.4. Collecting logs and system information for error reporting
16.5.2. Recovering SSB if both nodes broke down
16.5.3. Recovering from a split brain situation
16.5.4. Replacing a node in an SSB HA cluster
16.5.5. Resolving an IP conflict between cluster nodes
16.6. Restoring SSB configuration and data
16.7. Configuring the IPMI interface from the BIOS after losing IPMI password