[syslog-ng] Insider 2019-12: Kibana 7 & GeoIP; PE 6 to 7 upgrade; RHEL 8; Elastic stack;

Peter Czanik (pczanik) Peter.Czanik at oneidentity.com
Thu Dec 12 11:37:23 UTC 2019


Dear syslog-ng users,

This is the 77th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news.

NEWS

Set up Kibana 7 for syslog-ng & GeoIP
-------------------------------------
Version 7 of the Elastic stack was released a few months ago, and brought several breaking changes that affect syslog-ng. In my previous blog post, I gave details about how it affects sending GeoIP information to Elasticsearch. From this blog post you can learn about the Kibana side, which has also changed considerably compared to previous releases. Configuration files for syslog-ng are included, but not explained in depth, as that was already done in previous posts.
https://www.syslog-ng.com/community/b/blog/posts/set-up-kibana-7-for-syslog-ng-geoip

Upgrading a syslog-ng PE 6 configuration to 7
---------------------------------------------
Upgrading syslog-ng PE 6 to 7 is no more difficult than any major version upgrade. The key here is to use the latest version of PE 7 (at least version 7.0.17), as it has the necessary compatibility fixes to make the upgrade experience smoother. From this blog, you can learn how to upgrade a simple configuration containing a wildcard file source and an RLTP source to work correctly with syslog-ng PE 7.
https://www.syslog-ng.com/community/b/blog/posts/upgrading-a-syslog-ng-pe-6-configuration-to-7

State of syslog-ng on RHEL 8 / CentOS 8
---------------------------------------
Version 8, a new major version of Red Hat Enterprise Linux, was released this spring. Now that CentOS 8 is also available, there is a rapidly growing interest in syslog-ng running on these platforms. From this blog, you can learn about the availability of the current syslog-ng package and future plans.
https://www.syslog-ng.com/community/b/blog/posts/state-of-syslog-ng-on-rhel-8-centos-8

Using syslog-ng with the Elastic stack
--------------------------------------
One of the most popular destinations of syslog-ng is Elasticsearch. Any time a new language binding was introduced to syslog-ng, someone implemented an Elasticsearch destination for it. For many years, the official Elasticsearch destination for syslog-ng was implemented in Java. With the recent enhancements to the http() destination of syslog-ng, a new, native C-based implementation called the elasticsearch-http() destination is available.
https://www.syslog-ng.com/community/b/blog/posts/using-syslog-ng-with-the-elastic-stack


WEBINARS

* You can achieve 1m+ UDP messages per second ingestion challenge: https://www.syslog-ng.com/webcast-ondemand/you-can-achieve-1m-udp-messages-per-second-ingestion-challenge8141092/

* You can browse recordings of past webinars at https://www.syslog-ng.com/events/ 

Your feedback and news, or tips about the next issue, are welcome. To read this newsletter online, visit: https://syslog-ng.com/blog/




Peter Czanik (CzP) <peter.czanik at oneidentity.com>
Balabit (a OneIdentity company) / syslog-ng upstream
https://syslog-ng.com/community/
https://twitter.com/PCzanik






