It’s syslog-ng v3.28 from the apt repos included in Ubuntu 21.04.
When I initially set it up, I used:
sudo apt-get -y purge rsyslog && sudo apt-get -y install syslog-ng-core syslog-ng-mod-add-contextual-data
# syslog-ng -V
syslog-ng 3 (3.28.1)
Config version: 3.22
Installer-Version: 3.28.1
Revision: 3.28.1-2build3
Compile-Date: Jan 8 2021 01:08:39
Module-Directory: /usr/lib/syslog-ng/3.28
Module-Path: /usr/lib/syslog-ng/3.28
Include-Path: /usr/share/syslog-ng/include
Available-Modules: afsocket,sdjournal,appmodel,syslogformat,affile,csvparser,system-source,basicfuncs,hook-commands,tags-parser,pseudofile,disk-buffer,pacctformat,afuser,cef,json-plugin,linux-kmsg-format,confgen,afprog,timestamp,dbparser,add-contextual-data,kvformat,cryptofuncs
Enable-Debug: off
Enable-GProf: off
Enable-Memtrace: off
Enable-IPv6: on
Enable-Spoof-Source: on
Enable-TCP-Wrapper: on
Enable-Linux-Caps: on
Enable-Systemd: on
|
|||||||||||||||||||||||||
From: "Laszlo Varady (lvarady)" <Laszlo.Varady@oneidentity.com>
Date: Wednesday, January 12, 2022 at 11:53 AM
To: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu>, Clayton Dukes <cdukes@logzilla.net>
Subject: Re: [syslog-ng] destination plugin syslog-ng not found
Hi,
The syslog-ng-mod-extra package has been removed in v3.27.1, it is now basically an alias for syslog-ng-core since then.
Were you upgrading syslog-ng from a previous version when the syslog-ng() destination stopped working?
Are you using our new APT repository (https://github.com/syslog-ng/syslog-ng/#debianubuntu)?
--
László Várady
From: syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Clayton Dukes <cdukes@logzilla.net>
Sent: Wednesday, January 12, 2022 17:39
To: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu>
Subject: Re: [syslog-ng] destination plugin syslog-ng not found
CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.
Interesting. I didn't work until I added syslog-ng-mod-extra
Clayton Dukes
CEO, LogZilla Corporation
<https://nam12.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.linkedin.com%2Fin%2Flzcdukes%2F&data=04%7C01%7Claszlo.varady%40oneidentity.com%7C9a8748ca984f4db8bb2b08d9d5ea211b%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637776023831224394%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Z7pT%2BAnzy3QyMBMh9tUGEb2TmY2MOx5ht5SOrXku7Ho%3D&reserved=0>
<https://nam12.safelinks.protection.outlook.com/?url=http%3A%2F%2Ftwitter.com%2Flogzilla&data=04%7C01%7Claszlo.varady%40oneidentity.com%7C9a8748ca984f4db8bb2b08d9d5ea211b%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637776023831224394%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=tB%2BHnp32pBRddP67YKud0u8vxFn44fJJtq6BSlFTBMs%3D&reserved=0>
(855) LogZilla <tel:(855)%20LogZilla>
9106.CDUKES <tel:(910)%20623-8537>
cdukes@logzilla.net <mailto:cdukes@logzilla.net>
logzilla.net <https://nam12.safelinks.protection.outlook.com/?url=http%3A%2F%2Flogzilla.net%2F&data=04%7C01%7Claszlo.varady%40oneidentity.com%7C9a8748ca984f4db8bb2b08d9d5ea211b%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637776023831224394%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=kbbk6VriGR1tZq3lveA1FC71UqcAWO42peFeyQ4fwTE%3D&reserved=0>
4819 Emperor Blvd., Suite 400, Raleigh, NC, 27703
<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcalendly.com%2Fteamneo%2Flogzilla-neo-discovery&data=04%7C01%7Claszlo.varady%40oneidentity.com%7C9a8748ca984f4db8bb2b08d9d5ea211b%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637776023831224394%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=IC4dhU0EWT3xr7xXRPxQsjjpM%2BrbkvjAZsd4sJ4yh4Q%3D&reserved=0>
Schedule a 15 minute demo <https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcalendly.com%2Fteamneo%2Flogzilla-neo-discovery&data=04%7C01%7Claszlo.varady%40oneidentity.com%7C9a8748ca984f4db8bb2b08d9d5ea211b%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637776023831224394%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=IC4dhU0EWT3xr7xXRPxQsjjpM%2BrbkvjAZsd4sJ4yh4Q%3D&reserved=0>
<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fyoutu.be%2FyGQqkXegdoo&data=04%7C01%7Claszlo.varady%40oneidentity.com%7C9a8748ca984f4db8bb2b08d9d5ea211b%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637776023831224394%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=jX7cv8EgbKKZZyBwh8e7M1Y49Xff6dS2bNI6jiBoPL0%3D&reserved=0>
LZ in 4 Minutes <https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fyoutu.be%2FyGQqkXegdoo&data=04%7C01%7Claszlo.varady%40oneidentity.com%7C9a8748ca984f4db8bb2b08d9d5ea211b%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637776023831224394%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=jX7cv8EgbKKZZyBwh8e7M1Y49Xff6dS2bNI6jiBoPL0%3D&reserved=0>
LogZilla Corporation delivers a Centralized Log Management (CLM) platform, designed for IT Operations, Security, and Risk Management leaders who want to gain better incident investigation capabilities by capturing all network and security related logs into
a single log collection platform.
On 1/12/22, 2:24 AM, "syslog-ng on behalf of Peter Kokai (pkokai)" <syslog-ng-bounces@lists.balabit.hu on behalf of Peter.Kokai@oneidentity.com> wrote:
Hello,
The syslog-ng-core should contain both syslog and syslog-ng destination plugin.
--
Kokan
________________________________________
From: syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Clayton Dukes <cdukes@logzilla.net>
Sent: 12 January 2022 01:36
To: Syslog-ng users' and developers' mailing list
Subject: [syslog-ng] destination plugin syslog-ng not found
CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.
Hi All,
Which Debian/apt module do I need for the `syslog-ng` destination plugin?
# apt-cache search syslog-ng
syslog-ng - Enhanced system logging daemon (metapackage)
syslog-ng-core - Enhanced system logging daemon (core)
syslog-ng-dbg - Enhanced system logging daemon (debug symbols)
syslog-ng-dev - Enhanced system logging daemon (development files)
syslog-ng-mod-add-contextual-data - Enhanced system logging daemon (add-contextual-data plugin)
syslog-ng-mod-amqp - Enhanced system logging daemon (AMQP plugin)
syslog-ng-mod-examples - Enhanced system logging daemon (example plugins)
syslog-ng-mod-extra - Enhanced system logging daemon (extra plugins)
syslog-ng-mod-geoip2 - Enhanced system logging daemon (GeoIP2 plugin)
syslog-ng-mod-getent - Enhanced system logging daemon (getent plugin)
syslog-ng-mod-graphite - Enhanced system logging daemon (graphite plugin)
syslog-ng-mod-http - Enhanced system logging daemon (HTTP destination)
syslog-ng-mod-map-value-pairs - Enhanced system logging daemon (map-value-pairs plugin)
syslog-ng-mod-mongodb - Enhanced system logging daemon (MongoDB plugin)
syslog-ng-mod-python - Enhanced system logging daemon (Python plugin)
syslog-ng-mod-rdkafka - Enhanced system logging daemon (Kafka destination, based on librdkafka)
syslog-ng-mod-redis - Enhanced system logging daemon (Redis plugin)
syslog-ng-mod-riemann - Enhanced system logging daemon (Riemann destination)
syslog-ng-mod-slog - Enhanced system logging daemon (secure logging plugin)
syslog-ng-mod-smtp - Enhanced system logging daemon (SMTP plugin)
syslog-ng-mod-snmp - Enhanced system logging daemon (SNMP plugin)
syslog-ng-mod-sql - Enhanced system logging daemon (SQL plugin)
syslog-ng-mod-stardate - Enhanced system logging daemon (stardate plugin)
syslog-ng-mod-stomp - Enhanced system logging daemon (STOMP plugin)
syslog-ng-mod-xml-parser - Enhanced system logging daemon (xml parser plugin)
[photo]
[signature_870575490]
Clayton Dukes
CEO, LogZilla Corporation
[signature_1853374605]<https://nam12.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.linkedin.com%2Fin%2Flzcdukes%2F&data=04%7C01%7Claszlo.varady%40oneidentity.com%7C9a8748ca984f4db8bb2b08d9d5ea211b%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637776023831224394%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Z7pT%2BAnzy3QyMBMh9tUGEb2TmY2MOx5ht5SOrXku7Ho%3D&reserved=0>
[signature_1525617044]<https://nam12.safelinks.protection.outlook.com/?url=http%3A%2F%2Ftwitter.com%2Flogzilla&data=04%7C01%7Claszlo.varady%40oneidentity.com%7C9a8748ca984f4db8bb2b08d9d5ea211b%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637776023831224394%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=tB%2BHnp32pBRddP67YKud0u8vxFn44fJJtq6BSlFTBMs%3D&reserved=0>
[signature_470467322] (855) LogZilla<tel:(855)%20LogZilla>
[signature_1064870479] 9106.CDUKES<tel:(910)%20623-8537>
[signature_288996986] cdukes@logzilla.net<mailto:cdukes@logzilla.net>
[signature_2057347955] logzilla.net<https://nam12.safelinks.protection.outlook.com/?url=http%3A%2F%2Flogzilla.net%2F&data=04%7C01%7Claszlo.varady%40oneidentity.com%7C9a8748ca984f4db8bb2b08d9d5ea211b%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637776023831224394%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=kbbk6VriGR1tZq3lveA1FC71UqcAWO42peFeyQ4fwTE%3D&reserved=0>
[signature_518161642] 4819 Emperor Blvd., Suite 400, Raleigh, NC, 27703
[signature_1426204243]<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcalendly.com%2Fteamneo%2Flogzilla-neo-discovery&data=04%7C01%7Claszlo.varady%40oneidentity.com%7C9a8748ca984f4db8bb2b08d9d5ea211b%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637776023831224394%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=IC4dhU0EWT3xr7xXRPxQsjjpM%2BrbkvjAZsd4sJ4yh4Q%3D&reserved=0>
Schedule a 15 minute demo<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcalendly.com%2Fteamneo%2Flogzilla-neo-discovery&data=04%7C01%7Claszlo.varady%40oneidentity.com%7C9a8748ca984f4db8bb2b08d9d5ea211b%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637776023831224394%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=IC4dhU0EWT3xr7xXRPxQsjjpM%2BrbkvjAZsd4sJ4yh4Q%3D&reserved=0>
[signature_1135219367]<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fyoutu.be%2FyGQqkXegdoo&data=04%7C01%7Claszlo.varady%40oneidentity.com%7C9a8748ca984f4db8bb2b08d9d5ea211b%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637776023831224394%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=jX7cv8EgbKKZZyBwh8e7M1Y49Xff6dS2bNI6jiBoPL0%3D&reserved=0>
[signature_1977302009]LZ in 4 Minutes<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fyoutu.be%2FyGQqkXegdoo&data=04%7C01%7Claszlo.varady%40oneidentity.com%7C9a8748ca984f4db8bb2b08d9d5ea211b%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637776023831224394%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=jX7cv8EgbKKZZyBwh8e7M1Y49Xff6dS2bNI6jiBoPL0%3D&reserved=0>
LogZilla Corporation delivers a Centralized Log Management (CLM) platform, designed for IT Operations, Security, and Risk Management leaders who want to gain better incident investigation capabilities by capturing all network and security related logs into
a single log collection platform.
[Logo Description automatically generated]
IMPORTANT NOTICE: This e-mail message is intended to be received only by persons entitled to receive the confidential information it may contain. E-mail messages to clients of Logzilla Corporation may contain information that is confidential and legally
privileged. Please do not read, copy, forward, or store this message unless you are an intended recipient of it. If you have received this message in error, please forward it to the sender and delete it completely from your computer system.
______________________________________________________________________________
Member info:
https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=04%7C01%7Claszlo.varady%40oneidentity.com%7C9a8748ca984f4db8bb2b08d9d5ea211b%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637776023831224394%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=sLS%2BclC%2BrDsJ9PDsfVLnvep%2FG0BoKV0zLyZZVQYnsV0%3D&reserved=0
Documentation:
https://nam12.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%2F%3Fproduct%3Dsyslog-ng&data=04%7C01%7Claszlo.varady%40oneidentity.com%7C9a8748ca984f4db8bb2b08d9d5ea211b%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637776023831224394%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=VrOgXnlF%2FMihUQ0v%2FZIfuhaCiobyeZ9RduZ3O9LQkBc%3D&reserved=0
FAQ:
https://nam12.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fwiki%2Fsyslog-ng-faq&data=04%7C01%7Claszlo.varady%40oneidentity.com%7C9a8748ca984f4db8bb2b08d9d5ea211b%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637776023831224394%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=IPjMhEVFVVH%2F63GVncAllPvLqvJ%2FojLeyoJBMUAfyrA%3D&reserved=0
IMPORTANT NOTICE: This e-mail message is intended to be received only by persons entitled to receive the confidential information it may contain. E-mail messages to clients of Logzilla Corporation may contain information that is confidential and legally privileged.
Please do not read, copy, forward, or store this message unless you are an intended recipient of it. If you have received this message in error, please forward it to the sender and delete it completely from your computer system.
______________________________________________________________________________
Member info:
https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=04%7C01%7Claszlo.varady%40oneidentity.com%7C9a8748ca984f4db8bb2b08d9d5ea211b%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637776023831224394%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=sLS%2BclC%2BrDsJ9PDsfVLnvep%2FG0BoKV0zLyZZVQYnsV0%3D&reserved=0
Documentation:
https://nam12.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%2F%3Fproduct%3Dsyslog-ng&data=04%7C01%7Claszlo.varady%40oneidentity.com%7C9a8748ca984f4db8bb2b08d9d5ea211b%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637776023831224394%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=VrOgXnlF%2FMihUQ0v%2FZIfuhaCiobyeZ9RduZ3O9LQkBc%3D&reserved=0
FAQ:
https://nam12.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fwiki%2Fsyslog-ng-faq&data=04%7C01%7Claszlo.varady%40oneidentity.com%7C9a8748ca984f4db8bb2b08d9d5ea211b%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637776023831224394%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=IPjMhEVFVVH%2F63GVncAllPvLqvJ%2FojLeyoJBMUAfyrA%3D&reserved=0