[syslog-ng] Insider 2020-09: Prometheus; proxy; ESK;

Peter Czanik (pczanik) Peter.Czanik at oneidentity.com
Wed Sep 9 10:03:28 UTC 2020


Dear syslog-ng users,

This is the 84th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news.

NEWS

Using a proxy with the http() destination
-----------------------------------------
The http() destination is quickly becoming one of the most often used destinations within syslog-ng. You might already be using it even if you are not aware of it. Quite a few syslog-ng destination drivers are actually just configuration snippets in the syslog-ng configuration library (SCL), utilizing the http() destination in the background. Just think about elasticsearch-http(), different Logging as a Service (LaaS) providers, or slack(). Starting with syslog-ng version 3.28.1, you can also reach these services when there is a proxy server between syslog-ng and your destination.
https://www.syslog-ng.com/community/b/blog/posts/using-a-proxy-with-the-http-destination-of-syslog-ng

Prometheus: syslog-ng exporter
------------------------------
Recently Prometheus became one of the most used open source monitoring solutions. Quite a few people asked if a syslog-ng exporter is available. It is not part of syslog-ng, but there are numerous implementations available on GitHub. Now that Prometheus is part of the openSUSE Leap 15.2 release, which is the Linux distribution running on my laptop, I gave it a try. From this blog, you can learn how to compile the syslog-ng exporter for Prometheus yourself and get it working with Prometheus.
https://www.syslog-ng.com/community/b/blog/posts/prometheus-syslog-ng-exporter

Jump-starting ESK: Elasticsearch, syslog-ng and Kibana
------------------------------------------------------
If you want to test drive syslog-ng or just want to learn something new, I recommend checking out the BLACK ESK project. By running a single script, you can set up a containerized test environment, complete with Elasticsearch, Kibana and a syslog-ng server. All network connections among them are encrypted and the syslog-ng configuration showcases many interesting syslog-ng features, including PatternDB and JSON parsing, GeoIP, in-list filtering and the new Elasticsearch destination. Once it is installed, all you need are some logs directed at this server and a browser to reach Kibana. You can learn a lot from reading through the setup scripts and the different configuration files.
https://www.syslog-ng.com/community/b/blog/posts/jump-starting-esk-elasticsearch-syslog-ng-and-kibana

NEW RELEASES

* Version 3.29.1 released: https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-3.29.1

WEBINARS

* You can browse recordings of past webinars at https://www.syslog-ng.com/events/

Your feedback and news, or tips about the next issue are welcome. To read this newsletter online, visit: https://syslog-ng.com/blog/



Peter Czanik (CzP) <peter.czanik at oneidentity.com>
Balabit (a OneIdentity company) / syslog-ng upstream
https://syslog-ng.com/community/
https://twitter.com/PCzanik