[syslog-ng] The syslog-ng Insider 2024-07: logging trends; multiple platforms; sudo; retired platforms
Peter Czanik (pczanik)
Peter.Czanik at oneidentity.com
Thu Jul 11 11:20:59 UTC 2024
Dear syslog-ng users,
This is the 121st issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news.
NEWS
Trends in open source logging
-----------------------------
Recently I was asked by Chas Clawson of Sumo Logic what I think about open source log management and telemetry. Needless to say, I also talked about syslog-ng, and in the end I showed a couple of simple syslog-ng configurations sending logs to Sumo Logic.
https://www.sumologic.com/blog/securing-open-source-infrastructure-log-all/
Using syslog-ng on multiple platforms
-------------------------------------
Your favorite Linux distribution is X. You test everything there. However, your colleagues use distro Y, and another team distro Z. Nightmares start here: the same commands install a different set of syslog-ng features and configuration defaults, and the default configuration uses different object names. I ran into these problems while working with Gábor Samu on his HPC logging blog.
From this blog you can learn about some of the main differences in packaging and configuration of syslog-ng in various Linux distributions and FreeBSD, and how to recognize these when configuring syslog-ng on a different platform.
https://www.syslog-ng.com/community/b/blog/posts/using-syslog-ng-on-multiple-platforms
Working with sudo’s json_compact logs in syslog-ng
--------------------------------------------------
Version 1.9.16 of sudo will feature a new option for logging: json_compact. Why is this important? This new format can easily be read and parsed by log management software, like syslog-ng.
Note that in this blog I am showing you a sudo feature which has not yet been released officially. You have to compile sudo yourself. By all means, if you have any other application writing JSON-formatted log messages, you can apply most of what you read here with slight modifications.
https://www.syslog-ng.com/community/b/blog/posts/working-with-sudo-s-json_5f00_compact-logs-in-syslog-ng
syslog-ng OSE 4.7.1 retires some old platforms
----------------------------------------------
Version 4.7.1 of syslog-ng OSE was released recently. It brings many smaller enhancements to metrics, OpenTelemetry and other features, while it also retires support for some older platforms.
https://www.syslog-ng.com/community/b/blog/posts/syslog-ng-4-7-1-retires-some-old-platforms
WEBINARS
* You can browse recordings of past webinars at https://www.syslog-ng.com/events/
Your feedback and news, or tips about the next issue are welcome. To read this newsletter online, visit: https://syslog-ng.com/blog/
Peter Czanik (CzP) <peter.czanik at oneidentity.com>
Balabit (a OneIdentity company) / syslog-ng upstream
https://syslog-ng.com/community/
https://twitter.com/PCzanik