peter.czanik.hu · What I learned from Russian students: logging is importantWhen I published my blog about openSUSE a couple of weeks ago, most questions I received in private were about the Russian students I mentioned. In that blog I quickly described how my interest in information security started, about 25 years ago. This blog gives you a bit of historical background and a few more details.
Historical background It was 1995. I was studying at a university, but I was already running one of the servers of the faculty.
Recent searches
Search options
#logmanagement
0 posts0 participants0 posts today
#syslog_ng version 4.8.3 is now available. It is a re-release of 4.8.2. For details check the syslog-ng release notes at:
https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.8.3
GitHubRelease syslog-ng-4.8.3 · syslog-ng/syslog-ng4.8.3
Highlights
Version 4.8.3 fixes a problem in the syslog-ng release process (side
effects of the master -> develop change on GitHub). Nothing has changed
at the code level compared to the 4.8.2...
Version 4.8.2 of syslog-ng is now available. It is a buf fix release. It resolves a reliability issue in the #S3 destination, fixes the #Elasticsearch destination, and a low impact #CVE problem.
https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.8.2
GitHubRelease syslog-ng-4.8.2 · syslog-ng/syslog-ng4.8.2
This is a bug fix release.
Bugfixes
CVE-2024-47619 fixed: When using a wildcard syntax in the configuration file to specify the tls
certificate name, syslog-ng would match the wildcard too...
Installing nightly syslog-ng #arm64 packages on a Raspberry Pi:
www.syslog-ng.comInstalling nightly syslog-ng arm64 packages on a Raspberry PiLast week, I posted about running nightly syslog-ng container images on arm64. However, you can also install syslog-ng directly on the host (in my case, a Raspberry Pi 3), running the latest Raspberry OS.
Before you begin
Right now, syslog-ng nightly...
Learn how to work with #OneIdentity Active Roles #debug logs, that is reading them using #syslog_ng Agent for #Windows and forwarding them to a central syslog-ng server for long(er) term storage.
https://www.syslog-ng.com/community/b/blog/posts/working-with-active-roles-debug-logs-in-syslog-ng
www.syslog-ng.comWorking with Active Roles debug logs in syslog-ngFrom my previous Active Roles blogs, you could learn how to forward regular Active Roles logs from Windows Event Log to a central syslog-ng server, where it parses, filters, stores and forwards the logs. In this blog, I show you how to work with Acti...
The April syslog-ng newsletter is now available on-line:
- Testing #Elasticsearch 9.0.0 beta1 with #syslog_ng
- Working with parsed #OneIdentity Active Roles logs in syslog-ng
- Running syslog-ng PE in #RHEL UBI
You can read it at: https://www.syslog-ng.com/community/b/blog/posts/the-syslog-ng-insider-2025-04-elasticsearch-beta-active-roles-rhel-ubi
#LogManagement
www.syslog-ng.comThe syslog-ng Insider 2025-04: Elasticsearch beta; Active Roles; RHEL UBIDear syslog-ng users,
This is the 130th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news.
NEWS
Testing Elasticsearch 9.0.0 beta1 with syslog-ng
Each time a new major Elasticsearch version is released, someone ...
Which #logging system do you prefer for managing logs in #Kubernetes?
Recently we enabled nightly #syslog_ng builds and #container builds for #arm64. It means that from now on, you can run the latest syslog-ng on 64bit #ARM platforms.
www.syslog-ng.comNightly arm64 syslog-ng container builds are now availableRecently we enabled nightly syslog-ng builds and container builds for arm64. It means that from now on, you can run the latest syslog-ng on 64bit ARM platforms.
Before you begin
For this test, I used a Raspberry Pi 3 running the latest Raspberry Pi O...
In my previous #OneIdentity Active Roles blog, you learned how to forward #Active #Roles logs to a central #syslog_ng server to parse and store the logs. In this blog, I’ll show you how to:
- Work with parsed Active Roles logs.
- Store #logs to various document stores.
- Prepare long-term storage.
- Send #alerts for some critical events.
https://www.syslog-ng.com/community/b/blog/posts/working-with-parsed-active-roles-logs-in-syslog-ng
Even if this blog about commercial software, the name-value pairs concept is the same in the #opensource syslog-ng.
www.syslog-ng.comWorking with parsed Active Roles logs in syslog-ngIn my previous Active Roles blog, you learned how to forward Active Roles logs to a central syslog-ng server to parse and store the logs. In this blog, I’ll show you how to:
- Work with parsed Active Roles logs.
- Store logs to various document...
#syslog_ng 4.8.1 is now available in #EPEL 10, so you do not have to use the testing repository anymore. Thanks everyone for the feedback!
However, support for #Elasticsearch 7+ is broken in this release. Learn how to fix this problem!
https://www.syslog-ng.com/community/b/blog/posts/syslog-ng-ose-4-8-1-is-now-in-epel-10-quick-fix-for-elasticsearch
#LogManagement
www.syslog-ng.comsyslog-ng OSE 4.8.1 is now in EPEL 10, quick fix for ElasticsearchThis blog is just a quick announcement that syslog-ng 4.8.1 is now available in EPEL 10, so you do not have to use the testing repository anymore. Thanks everyone for the feedback!
However, support for Elasticsearch 7+ is broken in this release, as s...
Last December, I added support for #EPEL 10 in my unofficial #syslog_ng Git snapshot repository. This week, I call for #testing the official syslog-ng EPEL 10 package.
https://www.syslog-ng.com/community/b/blog/posts/syslog-ng-is-coming-to-epel-10
www.syslog-ng.comSyslog-ng is coming to EPEL 10Last December, I added <a href="/community/b/blog/posts/test-syslog-ng-on-epel-10">support for EPEL 10 in my unofficial syslog-ng Git snapshot repository</a>. This week, I call for testing the official syslog-ng EPEL 10 package.
Once I saw in my unofficial syslog-ng repo that syslog-ng compiles fine on EPEL 10, I...
#CentOS Stream 10 and #EPEL 10 just became available, and as usual, I tried to build #syslog_ng as soon as possible. For now it is available in my syslog-ng git snapshot repository, but I am also planning to make it available in EPEL 10 soon.
https://www.syslog-ng.com/community/b/blog/posts/test-syslog-ng-on-epel-10
www.syslog-ng.comTest syslog-ng on EPEL 10!<a href="https://www.centos.org/centos10/">CentOS Stream 10</a> and <a href="https://communityblog.fedoraproject.org/epel-10-is-now-available/">EPEL 10</a> just became available, and as usual, I tried to build syslog-ng as soon as possible. For now it is available in <a href="/community/b/blog/posts/rpm-packages-from-syslog-ng-git-head/">my git snapshot repository</a>, but I am also planning to make it available in EPEL 10 soon.
Before you begin
Fir...
Last week I introduced you to my latest project: a #syslog_ng #container based on @almalinux . This week I added a syslog-ng #Prometheus #exporter to the container, so you can also monitor syslog-ng, if you enable it.
www.syslog-ng.comSyslog-ng Prometheus exporter added to RPM syslog-ng container imageLast week I introduced you to my latest project: a syslog-ng container based on Alma Linux. This week I added a syslog-ng Prometheus exporter to the container, so you can also monitor syslog-ng, if you enable it.
Before you begin
The syslog-ng Promet...
If you already know some #syslog_ng configuration bulding blocks, but you have no idea how to build a configuration from them:
https://www.syslog-ng.com/community/b/blog/posts/developing-a-syslog-ng-configuration
This blog helps you to develop a syslog-ng configuration from the very basics to complex.
#LogManagement
www.syslog-ng.comDeveloping a syslog-ng configurationThis year I started publishing a syslog-ng tutorial series both on my blog and on YouTube: <a href="https://peter.czanik.hu/posts/syslog-ng-tutorial-toc/">https://peter.czanik.hu/posts/syslog-ng-tutorial-toc/</a> And while the series was praised as the best possible introduction to syslog-ng, viewers also mentioned t...
#syslog_ng 4.8.1 was released recently. It is primarily a #bugfix release, but some minor features also slipped in. From this blog, you can learn what changed in syslog-ng 4.8.1 and where you can get its latest stable version.
https://www.syslog-ng.com/community/b/blog/posts/version-4-8-1-of-syslog-ng-is-now-available
www.syslog-ng.comVersion 4.8.1 of syslog-ng is now availableVersion 4.8.1 was released recently. As you could guess from the version number change, it is primarily a bug fix release, but some minor features also slipped in. From this blog, you can learn what changed in syslog-ng 4.8.1 and where you can get it...
peter.czanik.hu · Syslog-ng needs some karma on FedoraVersion 4.8.1 of syslog-ng was released last week. It is a bugfix release, and it contains fixes for problems also reported by members of the Fedora community. The Fedora 41 release is near, so package updates now need some additional testing, and “karma” in Bodhi. You can find information on how to install syslog-ng 4.8.1 from a testing repo on Fedora 41 beta at https://bodhi.fedoraproject.org/updates/FEDORA-2024-4e812b8a23. This is also the place where you can provide feedback and karma.
Version 4.8.1 of syslog-ng is now available. The focus of this release was bug fixing, but there are a few minor new features also available, like #macports support and #ElasticSearch datastream support. For details check:
https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.8.1
GitHubRelease syslog-ng-4.8.1 · syslog-ng/syslog-ng4.8.1
Highlights
elasticsearch-datastream() destinations can be used to feed Elasticsearch data streams.
Example config:
elasticsearch-datastream(
url("https://elastic-endpoint:9200/my-data-str...
Our enthusiastic community helps fixing & enhancing #syslog_ng. Thanks to this, there is a new syslog-ng-devel port in #macports, where you can enable almost all syslog-ng features even for older #MacOS versions and #PowerPC hardware.
https://www.syslog-ng.com/community/b/blog/posts/huge-improvements-for-syslog-ng-in-macports
www.syslog-ng.comHuge improvements for syslog-ng in MacPortsLast week I wrote about a campaign that we started to resolve issues on GitHub. Some of the fixes are coming from our enthusiastic community. Thanks to this, there is a new syslog-ng-devel port in MacPorts, where you can enable almost all syslog-ng f...
Why it is useful to set the version number in the syslog-ng configuration? Yes, it is annoying. Yes, it can be worked around. But it is useful.
www.syslog-ng.comWhy it is useful to set the version number in the syslog-ng configurationThe syslog-ng configuration starts with a version number declaration. Up until recently, if it was missing, syslog-ng did not start. With syslog-ng 4.8, this is changing.
From this blog, you can learn why version information is useful, what workaroun...
Last time we looked at how syslog-ng can send logs to #Quickwit using its #Elasticsearch compatible API. This time we are going to look at how to use the #OpenTelemetry protocol to send logs to Quickwit with #syslog_ng.
www.syslog-ng.comSending logs to Quickwit using the OpenTelemetry destination of syslog-ngLast time we looked at how syslog-ng can send logs to Quickwit using its Elasticsearch compatible API. This time we are going to look at how to use the OpenTelemetry protocol to send logs to Quickwit with syslog-ng.
Before you begin
On the syslog-ng ...