[syslog-ng] Insider 2017-02: securing Elasticsearch; Troubleshooting; FOSDEM & SCALE;

Czanik, Péter peter.czanik at balabit.com
Thu Feb 9 11:19:57 UTC 2017

Dear syslog-ng users,

This is the 55th issue of syslog-ng Insider, a monthly newsletter that
brings you syslog-ng-related news.


Securing connections to Elasticsearch


Recently, news has come out that unprotected MongoDB databases are
being actively compromised: content is copied and replaced by a
message asking for a ransom to get it back. As “The Register” reports:
Elasticsearch is next. Read our latest blog post to learn more about
how to secure your Elasticsearch cluster and avoid ransomware:

Troubleshooting syslog-ng to syslog-ng connections


syslog-ng users often face the challenge of not being able to send
logs over the network from one syslog-ng instance to another. There
can be many reasons for this; some are independent of syslog-ng,
while others are related to the syslog-ng configuration. Here are a
few troubleshooting tips:


Load balancing HTTP connections to Elasticsearch


In addition to developing the HTTPS driver for syslog-ng, Fabien
Wernli also contributed HTTP load balancing support to the syslog-ng
Elasticsearch driver, which is also used by HTTPS support for
Elasticsearch: https://github.com/balabit/syslog-ng/pull/1319



This year Peter Czanik, community manager at Balabit, participated
with two syslog-ng presentations at the annual FOSDEM conference in
Brussels. Read about his experiences at the event:

How to send JSON log messages to RabbitMQ from syslog-ng


In this post, you can read about how to configure syslog-ng to send
logs in JSON format in the body of an AMQP message:



Balabit will participate in the Southern California Linux Expo again
this year: http://www.socallinuxexpo.org/scale/15x

You can talk to our engineers at the Balabit booth and listen to Peter
Czanik present about parsing security logs using syslog-ng in room
106: http://www.socallinuxexpo.org/scale/15x/presentations/get-most-out-your-security-logs-using-syslog-ng

Your feedback and news, or tips for the next issue, are welcome at
documentation at balabit.com. To read this newsletter online, visit:

Peter Czanik (CzP) <peter.czanik at balabit.com>
Balabit / syslog-ng upstream
