Dear syslog-ng users, This is the 45th issue of the syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news. NEWS ESK: Elasticsearch + syslog-ng + Kibana --------------------------------------- An official Elasticsearch destination was a long awaited feature of syslog-ng. The Elasticsearch syslog-ng Kibana (ESK) stack provides high performance log collection, message parsing and filtering on the syslog-ng side and storage and analysis on the Elastic side. Read more about the benefits at https://czanik.blogs.balabit.com/2015/10/how-to-parse-data-with-syslog-ng-st... and https://czanik.blogs.balabit.com/2015/12/elasticsearch-and-syslog-ng-fast-an... The power of SCL ---------------- SCL, the syslog-ng configuration library is a lesser known feature of syslog-ng. It can provide reusable configuration blocks, which help to format messages to a specific format, hide complex configurations, This blog shows how to create a simple SCL through the example of a Loggly (logging as a service provider) destination: https://bazsi.blogs.balabit.com/2015/11/the-power-of-scl-integrating-with-lo... Kafka and syslog-ng ------------------- Kafka is a high-throughput distributed messaging system. It was originally developed by LinkedIn as the backbone of a website activity tracking infrastructure and is now used by Netflix, Spotify, Twitter and many other companies for message queuing, log aggregation and stream processing. Read more about how syslog-ng can collect messages from multiple sources and process as well as filter them before forwarding them to Kafka: https://czanik.blogs.balabit.com/2015/11/kafka-and-syslog-ng/ syslog-ng on Windows -------------------- Most Linux admins only consider Windows as a client machine and use syslog-ng Agent for Windows if they need to collect logs from Windows. The following use cases demonstrate why you would want to use syslog-ng Premium Edition server on Windows instead of the syslog-ng Agent for Windows: https://czanik.blogs.balabit.com/2015/11/syslog-ng-on-windows/ syslog-ng @ conferences ----------------------- This autumn, syslog-ng was present at many conferences. I gave presentations about syslog-ng at the annual FSF Hungary and Virtualization & DevOps day conferences (in Hungarian), and participated SUSECon, LISA and Crunch Big Data Conference as an exhibitor. Most questions I received were related to the Elasticsearch destination and also many people were interested in commercial support for syslog-ng. In January I'll present “syslog-ng: from raw data to Big Data” at the Southern California Linux Expo: https://www.socallinuxexpo.org/scale/14x/presentations/syslog-ng-raw-data-bi... See you there! NEW RELEASES syslog-ng PE 5F5: https://jluby.blogs.balabit.com/2015/11/16/syslog-ng-premium-edition-5f5-rel... syslog-ng OSE 3.7.2: https://github.com/balabit/syslog-ng/releases/tag/syslog-ng-3.7.2 Your feedback and news tips about the next issue is welcome at documentation@balabit.com To read this newsletter on-line, visit: http://insider.blogs.balabit.com/ Peter Czanik (CzP) <peter.czanik@balabit.com> Balabit / syslog-ng upstream http://czanik.blogs.balabit.com/ https://twitter.com/PCzanik