The syslog-ng Insider 2024-03: MacOS; OpenTelemetry;
Dear syslog-ng users,

This is the 118th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news.

NEWS

Native MacOS source in syslog-ng
--------------------------------

You know that support for MacOS is important when every third visitor at the syslog-ng booth of Red Hat Summit asks if syslog-ng works on MacOS. With the upcoming syslog-ng version 4.6.0, syslog-ng not only compiles on MacOS, but it also collects local log messages natively. From this blog you can learn how to compile syslog-ng yourself, options of the MacOS source, and also a bit of history.

https://www.syslog-ng.com/community/b/blog/posts/native-macos-source-in-sysl...

Using OpenTelemetry between syslog-ng instances
-----------------------------------------------

Do you have to forward large amounts of logs between two syslog-ng instances? OTLP (OpenTelemetry protocol) support in syslog-ng can solve this problem. Just like the ewmm() destination, syslog-ng-otlp() forwards most name-value pairs. However, unlike a tcp() connection, it scales well with multiple CPU cores.

Support for OpenTelemetry was added to syslog-ng a couple of releases ago. OpenTelemetry is an observability framework, mainly used in Linux / Cloud / Kubernetes environments. However, I already had users asking to make this feature available on FreeBSD. (It already worked once, but now it fails to compile again.)

Version 4.6.0 added many new OTLP-related enhancements. Batching and multiple workers make OTLP connections significantly faster, while compression can save you bandwidth at the expense of some more CPU usage. This changes the syslog-ng-otlp() destination from an interesting experiment into something really useful. It enables you to send a lot more log messages between two syslog-ng instances than with a tcp() connection, while using less bandwidth.

https://www.syslog-ng.com/community/b/blog/posts/using-opentelemetry-between...

Collecting even more logs on MacOS using syslog-ng
--------------------------------------------------

Version 4.6.0 of syslog-ng features not just a new, native log collector for MacOS, but also darwin-oslog-stream(), which can also collect non-persistent log events. Beware that it can collect many megabytes of logs even in just a few minutes! However, if you need to debug MacOS, these logs might come in handy.

https://www.syslog-ng.com/community/b/blog/posts/collecting-even-more-logs-o...

WEBINARS

* You can browse recordings of past webinars at https://www.syslog-ng.com/events/

Your feedback and news, or tips about the next issue are welcome.

To read this newsletter online, visit: https://syslog-ng.com/blog/

Peter Czanik (CzP) <peter.czanik@oneidentity.com>
Balabit (a OneIdentity company) / syslog-ng upstream
https://syslog-ng.com/community/
https://twitter.com/PCzanik