[syslog-ng] insider 2015-12: Elasticsearch & Kibana; SCL; Kafka; syslog-ng on Windows; conferences

Czanik, Péter peter.czanik at balabit.com
Thu Dec 3 13:28:05 CET 2015


Dear syslog-ng users,

This is the 45th issue of the syslog-ng Insider, a monthly newsletter
that brings you syslog-ng-related news.



NEWS



ESK: Elasticsearch + syslog-ng + Kibana
---------------------------------------

An official Elasticsearch destination was a long-awaited feature of
syslog-ng. The Elasticsearch syslog-ng Kibana (ESK) stack provides
high-performance log collection, message parsing and filtering on the
syslog-ng side and storage and analysis on the Elastic side. Read more
about the benefits at
https://czanik.blogs.balabit.com/2015/10/how-to-parse-data-with-syslog-ng-store-in-elasticsearch-and-analyze-with-kibana/
and https://czanik.blogs.balabit.com/2015/12/elasticsearch-and-syslog-ng-fast-and-simple/



The power of SCL
----------------

SCL, the syslog-ng configuration library, is a lesser-known feature of
syslog-ng. It can provide reusable configuration blocks, which help to
format messages to a specific format, hide complex configurations,
This blog shows how to create a simple SCL through the example of a
Loggly (logging as a service provider) destination:

https://bazsi.blogs.balabit.com/2015/11/the-power-of-scl-integrating-with-loggly/



Kafka and syslog-ng
-------------------

Kafka is a high-throughput distributed messaging system. It was
originally developed by LinkedIn as the backbone of a website activity
tracking infrastructure and is now used by Netflix, Spotify, Twitter
and many other companies for message queuing, log aggregation and
stream processing. Read more about how syslog-ng can collect messages
from multiple sources and process as well as filter them before
forwarding them to Kafka:
https://czanik.blogs.balabit.com/2015/11/kafka-and-syslog-ng/



syslog-ng on Windows
--------------------

Most Linux admins only consider Windows as a client machine and use
syslog-ng Agent for Windows if they need to collect logs from Windows.
The following use cases demonstrate why you would want to use
syslog-ng Premium Edition server on Windows instead of the syslog-ng
Agent for Windows:
https://czanik.blogs.balabit.com/2015/11/syslog-ng-on-windows/



syslog-ng @ conferences
-----------------------

This autumn, syslog-ng was present at many conferences. I gave
presentations about syslog-ng at the annual FSF Hungary and
Virtualization & DevOps day conferences (in Hungarian), and
participated in SUSECon, LISA and Crunch Big Data Conference as an
exhibitor. Most questions I received were related to the Elasticsearch
destination and also many people were interested in commercial support
for syslog-ng.

In January I'll present “syslog-ng: from raw data to Big Data” at the
Southern California Linux Expo:
https://www.socallinuxexpo.org/scale/14x/presentations/syslog-ng-raw-data-big-data

See you there!



NEW RELEASES

syslog-ng PE 5F5:
https://jluby.blogs.balabit.com/2015/11/16/syslog-ng-premium-edition-5f5-released/

syslog-ng OSE 3.7.2:
https://github.com/balabit/syslog-ng/releases/tag/syslog-ng-3.7.2



Your feedback and news tips about the next issue are welcome at
documentation at balabit.com. To read this newsletter on-line, visit:
http://insider.blogs.balabit.com/


Peter Czanik (CzP) <peter.czanik at balabit.com>
Balabit / syslog-ng upstream
http://czanik.blogs.balabit.com/
https://twitter.com/PCzanik

