[syslog-ng] Insider 2023-04: FreeBSD; Splunk; Deduplication;

Peter Czanik (pczanik) Peter.Czanik at oneidentity.com
Thu Apr 20 09:56:05 UTC 2023

Dear syslog-ng users,

This is the 109th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news.


Installing a syslog-ng 4 development snapshot on FreeBSD
Unless there is a serious problem, FreeBSD ports usually contains the latest stable syslog-ng release. However, sometimes people want to compile a git snapshot to test a new feature or bugfix. To do that, one way is to generate a syslog-ng release tgz on FreeBSD and edit the syslog-ng port files yourself. However, this needs some practice. As such, an easier solution is to use my weekly development snapshots.

Getting data to Splunk
Getting data to Splunk can be challenging. Syslog is still the most important data source, and it can provide you with hard-to-solve problems (for example, high volume, non-compliant messages, an unreliable network protocol (UDP), and more). The syslog-ng Premium Edition (PE) and syslog-ng Store Box (SSB) by One Identity can make these challenges manageable.

Streaming deduplication in syslog-ng
Log volumes are growing 25% year over year, which means they are doubling every three years. Considering that SIEMs and other log processing tools are licensed based on volume, tools and mechanisms to make log storage and processing more efficient are very much sought after. Learn how syslog-ng can help you.


* You can browse recordings of past webinars at https://www.syslog-ng.com/events/

Your feedback and news, or tips about the next issue are welcome. To read this newsletter online, visit: https://syslog-ng.com/blog/

Peter Czanik (CzP) <peter.czanik at oneidentity.com>
Balabit (a OneIdentity company) / syslog-ng upstream
