[syslog-ng] insider 2014-09: 3.6 beta; eCSI; DevOps; anonymization; GSoC;

Czanik, Péter peter.czanik at balabit.com
Fri Sep 19 08:46:10 CEST 2014

Dear syslog-ng users,

This is the 37th issue of the syslog-ng Insider, a monthly newsletter
that brings you syslog-ng related news.


Beta testing of syslog-ng 3.6 started


The beta testing period of syslog-ng 3.6 started two weeks ago with a
beta1 release. It was quickly followed by a beta2 release, mostly
fixing portability issues. Some of the new features are coming from the
syslog-ng incubator, like Riemann support or the graphite template
function. The journal source and many enhancements to existing
features are coming from the syslog-ng PE team. Also, the @cim prefix
can be used as a local "rich" log transport on /dev/log, and messages
will be parsed by the JSON parser if available.

Beta2 is already available in the FreeBSD ports in
sysutils/syslog-ng-devel. For RPM distributions, check

BalaBit syslog-ng team takes over the syslog-ng OSE development


algernon, the full-time syslog-ng OSE developer at BalaBit, decided to
look for new challenges.

First of all, thank you very much for all your hard work, bugfixes,
nifty new features, and everything else you did for syslog-ng OSE! We
all wish you the best, and hope you'll have a great time outside
BalaBit as well :)

To keep the development, maintenance, and releases of syslog-ng OSE on
track, the developer team of syslog-ng Premium Edition will take over
the tasks related to syslog-ng OSE: they will manage bugfixes,
patches, pull requests, and also the general development of syslog-ng
OSE. Naturally, this does not affect the current or future openness of
syslog-ng OSE in any way: Your contribution is as welcome as ever.

For more details about this change, see algernon's blog post at

eCSI training


BalaBit now provides free training, which offers fresh insight
into log management. The first level introduces the listener to
compliance, planning an infrastructure and logs in forensics
situations. Once your knowledge is tested, you can go to the next
level and learn about IT security and eCSI:

syslog-ng, riemann, collectd-notifications, elasticsearch


How to build an event-based infrastructure to push structured messages
to different subsystems for alerting, reporting and storage. Using
syslog-ng, each message is normalized into a structured event,
optionally correlated with other messages, and conditionally routed to
systems. Read more at:


Data Privacy, Anonymization and Log Data


Strong data privacy laws are arriving slowly but surely in Europe,
which also affects logging. Raw data contains too much information; on
the other hand, anonymized data does not have enough information to
handle a security incident. Read about a possible solution and how
syslog-ng can help at

Google Summer of Code: success


Google Summer of Code ended a few weeks ago. All of our students
successfully completed their projects. We would like to thank the
students and their mentors for their hard work, and Google for the

You can read more about the completed projects at


syslog-ng OSE 3.6 beta2:

syslog-ng PE 5LTS (5.0.6a):

Your feedback and news tips about the next issue are welcome at
documentation at balabit.com. To read this newsletter on-line, visit:

Peter Czanik (CzP) <peter.czanik at balabit.com>
BalaBit IT Security / syslog-ng upstream
