<div dir="ltr"><pre>Hi,<br><br>Originally I responsed to a digest message so you might did not get it.<br><br>You can make a copy of elasticsearch-http SCL like elasticsearch-http2 and
adjust the http() block's body part to use create, instead of index.
- body("$(format-json --scope none --omit-empty-values index._index=`index`
index._type=`type` index._id=`custom_id`)\n`template`")
+ body("$(format-json --scope none --omit-empty-values
create._index=`index` index._type=`type`
index._id=`custom_id`)\n`template`")
<a href="https://github.com/syslog-ng/syslog-ng/blob/master/scl/elasticsearch/elastic-http.conf">https://github.com/syslog-ng/syslog-ng/blob/master/scl/elasticsearch/elastic-http.conf</a>
Although this will make it work with data streams you will still have to
take care of everything else just as with now called legacy indexes
(templates, mapping).
Data streams on Kibana are quite new (7.0.9 or 7.10 maybe). It is still in
flux.
ILM is mostly used for cases when you want to replace indexes according to
storage tiers in multi node clusters (warm, hot, cold node) or want to have
delete indexes older than a specified time.
If you just need a separate index for example every month, then use the
data macros in the elasticsearch-http destination when you specify the
index name.
/ Warning
I do not work for Elastic, these are my personal experiences.
ILM highly depends on things like rollover alias, which is set by the index
template - created by beats in advance - whenever a new index is created.
And it is versioned.
Elasticsearch - the vendor - puts a lot of effort into making beats +
Elasticsearch nodes themselves to work together.
However they always change something upon upgrades which requires great
effort to accomodate in syslog-ng.
If you use syslog-ng with Elasticsearch, I highly recommend to go full
manually with everything, maybe add enrichments with Logstash.
You should not mix things used by beats with syslog-ng (templates, mapping,
ILM, pipelines, dashboards, etc).
/
If you need some maintained examples, have a look at my configs.:
<a href="https://github.com/abalage/balagetech-openwrt-syslog-ng-elasticsearch/blob/master/elasticsearch/template-network.json">https://github.com/abalage/balagetech-openwrt-syslog-ng-elasticsearch/blob/master/elasticsearch/template-network.json</a>
Regards,
Balázs</pre><div class="gmail_quote"><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><br>---------- Forwarded message ----------<br>From: Russell Fulton <<a href="mailto:r.fulton@auckland.ac.nz" target="_blank">r.fulton@auckland.ac.nz</a>><br>To: "Syslog-ng users' and developers' mailing list" <<a href="mailto:syslog-ng@lists.balabit.hu" target="_blank">syslog-ng@lists.balabit.hu</a>><br>Cc: <br>Bcc: <br>Date: Sat, 19 Dec 2020 21:47:12 +0000<br>Subject: Re: [syslog-ng] elasticsearch and ILM<br>
<div style="overflow-wrap: break-word;">
Russell wishes to delete this post :)
<div><br>
</div>
<div>Russell did what he should have done before posting! He ran tcpdump and found the error response from ES!</div>
<div><br>
</div>
<div>Apologies for the noise. The original question is still open!<br>
<div><br>
<blockquote type="cite">
<div>On 20/12/2020, at 10:38 AM, Russell Fulton <<a href="mailto:r.fulton@auckland.ac.nz" target="_blank">r.fulton@auckland.ac.nz</a>> wrote:</div>
<br>
<div>
<div style="overflow-wrap: break-word;">
<span style="color:rgb(255,0,0)">Caution - Forged Internal Domain!<br>
This e-mail cannot be validated and may not have been sent by the sender shown in the 'From' field.<br>
If you were not expecting to receive this e-mail we recommend you contact the sender to confirm that they sent it.<br>
If you believe this email was legitimately sent, we suggest the sender notify the Staff Service Centre that it has been received as a forged (fake) e-mail.<br>
Please contact the Staff Service Centre on extension 86000 if you require further assistance.<br>
</span><br>
<br>
<div><br>
<blockquote type="cite">
<div>On 19/12/2020, at 2:40 PM, Russell Fulton <<a href="mailto:r.fulton@auckland.ac.nz" target="_blank">r.fulton@auckland.ac.nz</a>> wrote:</div>
<div>
<div><br>
I have been using the elasticsearch_http driver to push stuff into ES for well over a year. Now I am trying to use the Index Lifecycle Management (ILM) to manage these indexes and finding it very confusing. There seem to be holes in the ES docs and help on
their forum is a bit erratic. <br>
<br>
The most confusing thing is the “rollover index alias” and I have yet to find a coherent explanation of exactly what it does and how to set it. Most of the documentation seems to assume you are using filebeat, logstash or datastreams.<br>
<br>
So far as I can see you syslog-ng can not write to datastreams as you need to use “create” rather than “index”.
<br>
<br>
If anyone has a working set up that they are happy to share it would be wonderful.<br>
<br>
Russell<br>
</div>
</div>
</blockquote>
<br>
</div>
<div>This is getting weirder !</div>
<div><br>
</div>
<div>ES is now failing to create my new index at all in spite of the destination definition being practically identical to one that works:</div>
<div><br>
</div>
<div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(45,150,30)">
<span style="font-variant-ligatures:no-common-ligatures">destination d_auth_elastic</span><span style="font-variant-ligatures:no-common-ligatures"> {</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(193,101,28)">
<span style="font-variant-ligatures:no-common-ligatures"> </span><span style="font-variant-ligatures:no-common-ligatures">elasticsearch_http(</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> index(</span><span style="font-variant-ligatures:no-common-ligatures">"auth_${YEAR}.${MONTH}.${DAY}"</span><span style="font-variant-ligatures:no-common-ligatures">)</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> type(</span><span style="font-variant-ligatures:no-common-ligatures;color:rgb(157,32,111)">"_doc"</span><span style="font-variant-ligatures:no-common-ligatures">)</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> persist-name(</span><span style="font-variant-ligatures:no-common-ligatures;color:rgb(157,32,111)">"auth"</span><span style="font-variant-ligatures:no-common-ligatures">)</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> template(</span><span style="font-variant-ligatures:no-common-ligatures">"$(format-json --scope nv-pairs --exclude HOST_FROM
</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> --exclude HOST </span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> --exclude srcip* </span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> --exclude SOURCE </span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> --exclude PROGRAM </span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> --exclude 0 </span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> --exclude 1 </span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> --exclude PID </span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> --exclude LEGACY_MSGHDR </span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> --key ISODATE)\n"</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> </span>
<span style="font-variant-ligatures:no-common-ligatures;color:rgb(193,101,28)">)</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;min-height:13px">
<span style="font-variant-ligatures:no-common-ligatures"></span><br>
</div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> url(</span><span style="font-variant-ligatures:no-common-ligatures">"<a href="http://secesprd01.its.auckland.ac.nz:9200/_bulk" target="_blank">http://secesprd01.its.auckland.ac.nz:9200/_bulk</a>"</span><span style="font-variant-ligatures:no-common-ligatures">)</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> </span><span style="font-variant-ligatures:no-common-ligatures;color:rgb(193,101,28)">);</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(193,101,28)">
<span style="font-variant-ligatures:no-common-ligatures">};</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;min-height:13px">
<span style="font-variant-ligatures:no-common-ligatures"></span><br>
</div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(45,150,30)">
<span style="font-variant-ligatures:no-common-ligatures">destination d_authm_elastic</span><span style="font-variant-ligatures:no-common-ligatures"> {</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(193,101,28)">
<span style="font-variant-ligatures:no-common-ligatures"> </span><span style="font-variant-ligatures:no-common-ligatures">elasticsearch_http(</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> index(</span><span style="font-variant-ligatures:no-common-ligatures">"auth-000001"</span><span style="font-variant-ligatures:no-common-ligatures">)</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> type(</span><span style="font-variant-ligatures:no-common-ligatures;color:rgb(157,32,111)">""</span><span style="font-variant-ligatures:no-common-ligatures">)</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> template(</span><span style="font-variant-ligatures:no-common-ligatures">"$(format-json --scope nv-pairs --exclude HOST_FROM
</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> --exclude HOST </span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> --exclude srcip* </span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> --exclude SOURCE </span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> --exclude PROGRAM </span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> --exclude 0 </span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> --exclude 1 </span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> --exclude PID </span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> --exclude LEGACY_MSGHDR )\n"</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> </span>
<span style="font-variant-ligatures:no-common-ligatures;color:rgb(193,101,28)">)</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;min-height:13px">
<span style="font-variant-ligatures:no-common-ligatures"></span><br>
</div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(157,32,111)">
<span style="font-variant-ligatures:no-common-ligatures"> url(</span><span style="font-variant-ligatures:no-common-ligatures">"<a href="http://secesprd01.its.auckland.ac.nz:9200/_bulk" target="_blank">http://secesprd01.its.auckland.ac.nz:9200/_bulk</a>"</span><span style="font-variant-ligatures:no-common-ligatures">)</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> </span><span style="font-variant-ligatures:no-common-ligatures;color:rgb(193,101,28)">);</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(193,101,28)">
<span style="font-variant-ligatures:no-common-ligatures">};</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;min-height:13px">
<span style="font-variant-ligatures:no-common-ligatures"></span><br>
</div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;min-height:13px">
<span style="font-variant-ligatures:no-common-ligatures"></span><br>
</div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;min-height:13px">
<span style="font-variant-ligatures:no-common-ligatures"></span><br>
</div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(45,150,30)">
<span style="font-variant-ligatures:no-common-ligatures">log</span><span style="font-variant-ligatures:no-common-ligatures"> {</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> </span><span style="font-variant-ligatures:no-common-ligatures;color:rgb(193,101,28)">source(</span><span style="font-variant-ligatures:no-common-ligatures"> s_loghost );</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> </span><span style="font-variant-ligatures:no-common-ligatures;color:rgb(193,101,28)">parser(</span><span style="font-variant-ligatures:no-common-ligatures"> p_patterns );</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> </span><span style="font-variant-ligatures:no-common-ligatures;color:rgb(193,101,28)">filter(</span><span style="font-variant-ligatures:no-common-ligatures"> f_classified );</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> </span><span style="font-variant-ligatures:no-common-ligatures;color:rgb(193,101,28)">filter(</span><span style="font-variant-ligatures:no-common-ligatures"> f_ping999 );</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> </span><span style="font-variant-ligatures:no-common-ligatures;color:rgb(193,101,28)">filter(</span><span style="font-variant-ligatures:no-common-ligatures"> f_forti_stats
);</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> </span><span style="font-variant-ligatures:no-common-ligatures;color:rgb(193,101,28)">rewrite(</span><span style="font-variant-ligatures:no-common-ligatures"> r_user1 );</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> </span><span style="font-variant-ligatures:no-common-ligatures;color:rgb(193,101,28)">rewrite(</span><span style="font-variant-ligatures:no-common-ligatures"> r_user2 );</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> </span><span style="font-variant-ligatures:no-common-ligatures;color:rgb(193,101,28)">rewrite(</span><span style="font-variant-ligatures:no-common-ligatures"> r_srcip );</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> </span><span style="font-variant-ligatures:no-common-ligatures;color:rgb(193,101,28)">parser(</span><span style="font-variant-ligatures:no-common-ligatures"> p_srcip );</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> </span><span style="font-variant-ligatures:no-common-ligatures;color:rgb(193,101,28)">rewrite(</span><span style="font-variant-ligatures:no-common-ligatures"> r_srcip_country
);</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> </span><span style="font-variant-ligatures:no-common-ligatures;color:rgb(193,101,28)">rewrite(</span><span style="font-variant-ligatures:no-common-ligatures"> r_srcip_city);</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> </span><span style="font-variant-ligatures:no-common-ligatures;color:rgb(193,101,28)">rewrite(</span><span style="font-variant-ligatures:no-common-ligatures"> r_src_loc);</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> </span><span style="font-variant-ligatures:no-common-ligatures;color:rgb(193,101,28)">rewrite(</span><span style="font-variant-ligatures:no-common-ligatures"> r_ISODATE );</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> </span><span style="font-variant-ligatures:no-common-ligatures;color:rgb(193,101,28)">destination(</span><span style="font-variant-ligatures:no-common-ligatures"> d_auth_elastic
);</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> </span><span style="font-variant-ligatures:no-common-ligatures;color:rgb(193,101,28)">destination(</span><span style="font-variant-ligatures:no-common-ligatures"> d_authm_elastic);</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo">
<span style="font-variant-ligatures:no-common-ligatures"> </span><span style="font-variant-ligatures:no-common-ligatures;color:rgb(193,101,28)">flags(</span><span style="font-variant-ligatures:no-common-ligatures"> flow-control);</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(193,101,28)">
<span style="font-variant-ligatures:no-common-ligatures">};</span></div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;min-height:13px">
<span style="font-variant-ligatures:no-common-ligatures"></span><br>
</div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;min-height:13px">
<span style="font-family:Menlo">d_auth_elastic </span>works fine but <span style="font-family:Menlo">d_authm_elastic
</span>never gets created. No errors on the ES end.</div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;min-height:13px">
<br>
</div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;min-height:13px">
Anyone have any clues as to what is going on?</div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;min-height:13px">
<br>
</div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;min-height:13px">
I am at the point of starting tcpdump and looking at what is going over the network.</div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;min-height:13px">
<br>
</div>
<div style="margin:0px;font-stretch:normal;font-size:11px;line-height:normal;min-height:13px">
</div>
</div>
<br>
</div>
______________________________________________________________________________<br>
Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" target="_blank">
https://lists.balabit.hu/mailman/listinfo/syslog-ng</a><br>
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" target="_blank">
http://www.balabit.com/support/documentation/?product=syslog-ng</a><br>
FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" target="_blank">http://www.balabit.com/wiki/syslog-ng-faq</a><br>
<br>
</div>
</blockquote>
</div>
<br>
</div>
</div>
_______________________________________________<br>
syslog-ng maillist - <a href="mailto:syslog-ng@lists.balabit.hu" target="_blank">syslog-ng@lists.balabit.hu</a><br>
<a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" rel="noreferrer" target="_blank">https://lists.balabit.hu/mailman/listinfo/syslog-ng</a><br>
</blockquote></div></div>