Dear syslog-ng users, This is the 53rd issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news. NEWS Why and how to install the latest syslog-ng RPMs ------------------------------------------------ The syslog-ng application is included in all major Linux distributions. Learn why it is still worth using unofficial repositories providing the latest version of syslog-ng. This blog provides instructions for RPM distributions, like RHEL or SUSE: https://www.balabit.com/blog/installing-latest-syslog-ng-on-rhel-and-other-r... Creating heat maps using syslog-ng and Kibana --------------------------------------------- Using the key=value parser of syslog-ng you can easily extract IP addresses from different firewall log messages. The GeoIP parser can add the geolocation belonging to the IP address and Kibana can display the results on a map. Learn how to do this from https://www.balabit.com/blog/installing-latest-syslog-ng-on-rhel-and-other-r... Getting started with Elasticsearch 5 ------------------------------------ For the last six months, Elastic’s communication centered around the upcoming Elastic Stack 5.0. And finally it is here: tons of new features, improved performance and a single version number for all Elastic products. Compatibility with syslog-ng was checked already during the alpha phase of development, as syslog-ng is becoming popular among Elasticsearch users: it can greatly simplify logging to Elasticsearch. As Elastic Stack 5.0 is now generally available, here is a quick how-to guide to get you started with syslog-ng 3.8.1 and Elasticsearch 5.0 on RHEL/CentOS 7: https://www.balabit.com/blog/syslog-ng-and-elasticsearch-5-getting-started-o... Fedora and openSUSE now feature syslog-ng 3.8.1 ----------------------------------------------- The second half of November brought us two exciting new Linux distribution releases: openSUSE Leap 42.2 and Fedora 25. Both of them are based on the RPM packaging format and cover everything from embedded through desktops to servers. While there are considerable differences: both feature the latest syslog-ng release, version 3.8.1: https://www.balabit.com/blog/fedora-opensuse-what-is-common-in-the-latest-re... NEW RELEASES - syslog-ng PE 7.0: https://www.balabit.com/blog/syslog-ng-premium-edition-7-released/ - SSB 4.6: https://www.balabit.com/blog/syslog-ng-store-box-goes-to-the-cloud/ Your feedback and news, or tips about the next issue are welcome at documentation@balabit.com. To read this newsletter online, visit: https://syslog-ng.org/ Peter Czanik (CzP) <peter.czanik@balabit.com> Balabit / syslog-ng upstream https://www.balabit.com/blog/author/peterczanik/ https://twitter.com/PCzanik