[syslog-ng] Insider 2016-12: latest RPMs; heat maps; Elasticsearch 5;

Czanik, Péter peter.czanik at balabit.com
Fri Dec 16 10:11:15 UTC 2016


Dear syslog-ng users,

This is the 53rd issue of syslog-ng Insider, a monthly newsletter that
brings you syslog-ng-related news.


NEWS


Why and how to install the latest syslog-ng RPMs
------------------------------------------------

The syslog-ng application is included in all major Linux
distributions. Learn why it is still worth using unofficial
repositories providing the latest version of syslog-ng. This blog
provides instructions for RPM distributions, like RHEL or SUSE:
https://www.balabit.com/blog/installing-latest-syslog-ng-on-rhel-and-other-rpm-distributions/


Creating heat maps using syslog-ng and Kibana
---------------------------------------------

Using the key=value parser of syslog-ng you can easily extract IP
addresses from different firewall log messages. The GeoIP parser can
add the geolocation belonging to the IP address and Kibana can display
the results on a map. Learn how to do this from
https://www.balabit.com/blog/installing-latest-syslog-ng-on-rhel-and-other-rpm-distributions/


Getting started with Elasticsearch 5
------------------------------------

For the last six months, Elastic’s communication centered around the
upcoming Elastic Stack 5.0. And finally it is here: tons of new
features, improved performance and a single version number for all
Elastic products. Compatibility with syslog-ng was checked already
during the alpha phase of development, as syslog-ng is becoming
popular among Elasticsearch users: it can greatly simplify logging to
Elasticsearch.

As Elastic Stack 5.0 is now generally available, here is a quick
how-to guide to get you started with syslog-ng 3.8.1 and Elasticsearch
5.0 on RHEL/CentOS 7:
https://www.balabit.com/blog/syslog-ng-and-elasticsearch-5-getting-started-on-rhelcentos/


Fedora and openSUSE now feature syslog-ng 3.8.1
-----------------------------------------------

The second half of November brought us two exciting new Linux
distribution releases: openSUSE Leap 42.2 and Fedora 25. Both of them
are based on the RPM packaging format and cover everything from
embedded through desktops to servers. While there are considerable
differences, both feature the latest syslog-ng release, version 3.8.1:
https://www.balabit.com/blog/fedora-opensuse-what-is-common-in-the-latest-releases/


NEW RELEASES

- syslog-ng PE 7.0:
https://www.balabit.com/blog/syslog-ng-premium-edition-7-released/
- SSB 4.6: https://www.balabit.com/blog/syslog-ng-store-box-goes-to-the-cloud/


Your feedback and news, or tips about the next issue are welcome at
documentation at balabit.com. To read this newsletter online, visit:
https://syslog-ng.org/


Peter Czanik (CzP) <peter.czanik at balabit.com>
Balabit / syslog-ng upstream
https://www.balabit.com/blog/author/peterczanik/
https://twitter.com/PCzanik

