
<div dir="ltr"><div dir="ltr"><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:#0b5394">Thank you for the information. What will be the best recommendation for the syslog-ng in regards to the disk space and memory. I am pushing average of 60 Gigs of logs per day.</div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:#0b5394"><br></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:#0b5394">Thanks,</div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:#0b5394"><br></div><input name="virtru-metadata" type="hidden" value="{"email-policy":{"state":"closed","expirationUnit":"days","disableCopyPaste":false,"disablePrint":false,"disableForwarding":false,"enableNoauth":false,"persistentProtection":false,"expandedWatermarking":false,"expires":false,"isManaged":false},"attachments":{},"compose-id":"10","compose-window":{"secure":false}}"></div><br><div class="gmail_quote" style=""><div dir="ltr" class="gmail_attr">On Mon, Jun 20, 2022 at 2:01 PM Laszlo Varady (lvarady) <<a href="mailto:Laszlo.Varady@oneidentity.com">Laszlo.Varady@oneidentity.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">


<div dir="ltr">

<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:11pt;color:rgb(0,0,0)">

Hi,</div>

<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:11pt;color:rgb(0,0,0)">

<br>

</div>

<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:11pt;color:rgb(0,0,0)">

This project might also be interesting to you as it is based on syslog-ng:<br>

</div>

<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:11pt;color:rgb(0,0,0)">

<a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__splunk.github.io_splunk-2Dconnect-2Dfor-2Dsyslog_main_&d=DwMFAw&c=0CCt47_3RbNABITTvFzZbA&r=HtvpF_Lhld9M3sO_mZdHw9Ab6uI2MVoIQAAZj4-LRs8&m=u_UlC4497IX0pTQeKVpHIOVpBsNANPikgKp4HXagk1ZEhRU2VXCZ03ojkxqO54dm&s=fyFPwNdEo8AhEHmGeROZpMu1fcTYDORjyiK3JDicg7k&e=" id="gmail-m_-9052086468689204873LPNoLPOWALinkPreview" target="_blank">https://splunk.github.io/splunk-connect-for-syslog/main/</a></div>

<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:11pt;color:rgb(0,0,0)">

<br>

</div>

<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:11pt;color:rgb(0,0,0)">

--</div>

<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:11pt;color:rgb(0,0,0)">

László Várady<br>

</div>

<div id="gmail-m_-9052086468689204873appendonsend"></div>

<hr style="display:inline-block;width:98%">

<div id="gmail-m_-9052086468689204873divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> syslog-ng <<a href="mailto:syslog-ng-bounces@lists.balabit.hu" target="_blank">syslog-ng-bounces@lists.balabit.hu</a>> on behalf of Szilárd Parrag <<a href="mailto:szilard.parrag@gmail.com" target="_blank">szilard.parrag@gmail.com</a>><br>

<b>Sent:</b> Monday, June 20, 2022 16:54<br>

<b>To:</b> Syslog-ng users' and developers' mailing list <<a href="mailto:syslog-ng@lists.balabit.hu" target="_blank">syslog-ng@lists.balabit.hu</a>><br>

<b>Subject:</b> Re: [syslog-ng] I am a novice on syslog-ng needs help.</font>

<div> </div>

</div>

<div>

<div style="background-color:rgb(255,235,156);width:100%;border-style:solid;border-color:rgb(156,101,0);border-width:1pt;padding:2pt;font-size:10pt;line-height:12pt;font-family:Calibri;color:black;text-align:left">

<span style="color:rgb(156,101,0);font-weight:bold">CAUTION:</span> This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.</div>

<br>

<div>

<div dir="auto">Hi Alex, 

<div dir="auto"><br>

</div>

<div dir="auto">There's an APT repository for Debian based systems, see: <a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__nam12.safelinks.protection.outlook.com_-3Furl-3Dhttps-253A-252F-252Fgithub.com-252Fsyslog-2Dng-252Fsyslog-2Dng-2523installation-2Dfrom-2Dbinaries-26data-3D05-257C01-257Claszlo.varady-2540balabit.com-257C02a92cad53744a78074d08da52ccc533-257C91c369b51c9e439c989c1867ec606603-257C0-257C1-257C637913336689447183-257CUnknown-257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0-253D-257C2000-257C-257C-257C-26sdata-3Dvqwut8pLz8dj35ElPm16EyKlYtdtJQdA7yobzaiiFc0-253D-26reserved-3D0&d=DwMFAw&c=0CCt47_3RbNABITTvFzZbA&r=HtvpF_Lhld9M3sO_mZdHw9Ab6uI2MVoIQAAZj4-LRs8&m=u_UlC4497IX0pTQeKVpHIOVpBsNANPikgKp4HXagk1ZEhRU2VXCZ03ojkxqO54dm&s=qGxkqxR3TYHtxFAaU0n7bAn-9CA6TS7jRot9AhyGOt8&e=" rel="noreferrer" target="_blank">

https://github.com/syslog-ng/syslog-ng#installation-from-binaries</a></div>

<div dir="auto"><br>

</div>

<div dir="auto">After that you should check out the Administration Guide: </div>

<div dir="auto"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__nam12.safelinks.protection.outlook.com_-3Furl-3Dhttps-253A-252F-252Fwww.syslog-2Dng.com-252Ftechnical-2Ddocuments-252Flist-252Fsyslog-2Dng-2Dopen-2Dsource-2Dedition-252F3.36-26data-3D05-257C01-257Claszlo.varady-2540balabit.com-257C02a92cad53744a78074d08da52ccc533-257C91c369b51c9e439c989c1867ec606603-257C0-257C1-257C637913336689447183-257CUnknown-257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0-253D-257C2000-257C-257C-257C-26sdata-3DJOAVJBPl4hXxWrEsd73SYwCOM3Q4v4tn3WLOKiowSSo-253D-26reserved-3D0&d=DwMFAw&c=0CCt47_3RbNABITTvFzZbA&r=HtvpF_Lhld9M3sO_mZdHw9Ab6uI2MVoIQAAZj4-LRs8&m=u_UlC4497IX0pTQeKVpHIOVpBsNANPikgKp4HXagk1ZEhRU2VXCZ03ojkxqO54dm&s=7VpbuTtia0ddCbiUs61VJl1nduu7X10C4zYcNVPx1EA&e=" rel="noreferrer" target="_blank">https://www.syslog-ng.com/technical-documents/list/syslog-ng-open-source-edition/3.36</a> <br>

</div>

<div dir="auto"><br>

</div>

<div dir="auto">Peter Czanik's syslog-ng blog contains small step-by-step tutorials, for example Splunk HEC: </div>

<div dir="auto"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__nam12.safelinks.protection.outlook.com_-3Furl-3Dhttps-253A-252F-252Fwww.syslog-2Dng.com-252Fcommunity-252Fb-252Fblog-252Fposts-252Fsplunk-2Dhec-2Dsending-2Dlogs-2Dusing-2Dprogram-2Ddestination-2Dsyslog-2Dng-26data-3D05-257C01-257Claszlo.varady-2540balabit.com-257C02a92cad53744a78074d08da52ccc533-257C91c369b51c9e439c989c1867ec606603-257C0-257C1-257C637913336689447183-257CUnknown-257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0-253D-257C2000-257C-257C-257C-26sdata-3D7K38mXUF7tjaCauaRvFHF2i9PaYh6ww6fsxRVeFFd0M-253D-26reserved-3D0&d=DwMFAw&c=0CCt47_3RbNABITTvFzZbA&r=HtvpF_Lhld9M3sO_mZdHw9Ab6uI2MVoIQAAZj4-LRs8&m=u_UlC4497IX0pTQeKVpHIOVpBsNANPikgKp4HXagk1ZEhRU2VXCZ03ojkxqO54dm&s=Rm_x-n_2Dx6Zl9MuCb_UCRbQfCZVivtjcw8v0u5PGLc&e=" target="_blank">https://www.syslog-ng.com/community/b/blog/posts/splunk-hec-sending-logs-using-program-destination-syslog-ng</a></div>

<div dir="auto"><br>

</div>

<div dir="auto">I hope this can you get started.</div>

<div dir="auto"><br>

</div>

<div dir="auto">Cheers, </div>

<div dir="auto">Szilard</div>

<div dir="auto"><br>

</div>

<br>

<br>

<div dir="auto">

<div dir="ltr">On Mon, 20 Jun 2022, 16:26 Alexandre Adao, <<a href="mailto:Alexandre.Adao@morgan.edu" rel="noreferrer" target="_blank">Alexandre.Adao@morgan.edu</a>> wrote:<br>

</div>

<blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">

<div dir="ltr">

<div style="font-family:verdana,sans-serif;font-size:small;color:rgb(11,83,148)">

Hello,</div>

<div style="font-family:verdana,sans-serif;font-size:small;color:rgb(11,83,148)">

<br>

</div>

<div style="font-family:verdana,sans-serif;font-size:small;color:rgb(11,83,148)">

I am a novice on syslog-ng. I need some assistance on installing syslog-ng and looking for a good recommendation on step-by-step instructions for Ubuntu (prefered OS) or Windows environment. I googled it but I  My goal is to send the logs to splunk.</div>

<div style="font-family:verdana,sans-serif;font-size:small;color:rgb(11,83,148)">

Any help would be appreciated.</div>

<div><br>

</div>

<div style="font-family:verdana,sans-serif;font-size:small;color:rgb(11,83,148)">

Thanks,</div>

<div style="font-family:verdana,sans-serif;font-size:small;color:rgb(11,83,148)">

--Alex </div>

<br>

<input name="x_virtru-metadata" type="hidden"></div>

______________________________________________________________________________<br>

Member info: <a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__nam12.safelinks.protection.outlook.com_-3Furl-3Dhttps-253A-252F-252Flists.balabit.hu-252Fmailman-252Flistinfo-252Fsyslog-2Dng-26data-3D05-257C01-257Claszlo.varady-2540balabit.com-257C02a92cad53744a78074d08da52ccc533-257C91c369b51c9e439c989c1867ec606603-257C0-257C1-257C637913336689447183-257CUnknown-257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0-253D-257C2000-257C-257C-257C-26sdata-3DZP60iojHLTqCy7JeP0wXdbsZcctICpdiUxYDvp5xDqk-253D-26reserved-3D0&d=DwMFAw&c=0CCt47_3RbNABITTvFzZbA&r=HtvpF_Lhld9M3sO_mZdHw9Ab6uI2MVoIQAAZj4-LRs8&m=u_UlC4497IX0pTQeKVpHIOVpBsNANPikgKp4HXagk1ZEhRU2VXCZ03ojkxqO54dm&s=jvCS07b-ssaQVYZ2HU4H6Rg2M8sp9rL778BvUesZ98I&e=" rel="noreferrer noreferrer noreferrer" target="_blank">

https://lists.balabit.hu/mailman/listinfo/syslog-ng</a><br>

Documentation: <a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__nam12.safelinks.protection.outlook.com_-3Furl-3Dhttp-253A-252F-252Fwww.balabit.com-252Fsupport-252Fdocumentation-252F-253Fproduct-253Dsyslog-2Dng-26data-3D05-257C01-257Claszlo.varady-2540balabit.com-257C02a92cad53744a78074d08da52ccc533-257C91c369b51c9e439c989c1867ec606603-257C0-257C1-257C637913336689447183-257CUnknown-257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0-253D-257C2000-257C-257C-257C-26sdata-3Db5wRjzd3DwUfYGmOSlWUWdwavCqTaqyRDMhBQI0IIEQ-253D-26reserved-3D0&d=DwMFAw&c=0CCt47_3RbNABITTvFzZbA&r=HtvpF_Lhld9M3sO_mZdHw9Ab6uI2MVoIQAAZj4-LRs8&m=u_UlC4497IX0pTQeKVpHIOVpBsNANPikgKp4HXagk1ZEhRU2VXCZ03ojkxqO54dm&s=cC4QQCICZOSvZF2toJLiyouPSBCjjzCZBnXjSmSNhcY&e=" rel="noreferrer noreferrer noreferrer" target="_blank">

http://www.balabit.com/support/documentation/?product=syslog-ng</a><br>

FAQ: <a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__nam12.safelinks.protection.outlook.com_-3Furl-3Dhttp-253A-252F-252Fwww.balabit.com-252Fwiki-252Fsyslog-2Dng-2Dfaq-26data-3D05-257C01-257Claszlo.varady-2540balabit.com-257C02a92cad53744a78074d08da52ccc533-257C91c369b51c9e439c989c1867ec606603-257C0-257C1-257C637913336689447183-257CUnknown-257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0-253D-257C2000-257C-257C-257C-26sdata-3DEET1zYVNlNp796MuI1VCynCAI-252ByznYJ9hZDc0p2m3r8-253D-26reserved-3D0&d=DwMFAw&c=0CCt47_3RbNABITTvFzZbA&r=HtvpF_Lhld9M3sO_mZdHw9Ab6uI2MVoIQAAZj4-LRs8&m=u_UlC4497IX0pTQeKVpHIOVpBsNANPikgKp4HXagk1ZEhRU2VXCZ03ojkxqO54dm&s=nOiu1h2VolZ2wlE2c881Dyu6woXx7lbwDFv0H4h6MBA&e=" rel="noreferrer noreferrer noreferrer" target="_blank">

http://www.balabit.com/wiki/syslog-ng-faq</a><br>

<br>

</blockquote>

</div>

</div>

</div>

</div>

</div>


</blockquote></div><br clear="all"><div><br></div><br></div>