Questions tagged [syslog-ng]

The syslog-ng application is a flexible and highly scalable system logging application that is ideal for creating centralized and trusted logging solutions. The main features of syslog-ng are summarized below.

  • Reliable log transfer: The syslog-ng application enables you to send the log messages of your hosts to remote servers using the latest protocol standards. The logs of different servers can be collected and stored centrally on dedicated log servers. Transferring log messages using the TCP protocol ensures that no messages are lost.
  • Secure logging using TLS: Log messages may contain sensitive information that should not be accessed by third parties. Therefore, syslog-ng supports the Transport Layer Security (TLS) protocol to encrypt the communication. TLS also allows the mutual authentication of the host and the server using X.509 certificates.
  • Direct database access: Storing your log messages in a database allows you to easily search and query the messages and interoperate with log analyzing applications. The syslog-ng application supports the following databases: MSSQL, MySQL, Oracle, PostgreSQL, and SQLite.
  • Heterogeneous environments: The syslog-ng application is the ideal choice to collect logs in massively heterogeneous environments using several different operating systems and hardware platforms, including Linux, Unix, BSD, Sun Solaris, HP-UX, Tru64, and AIX.
  • Filter and classify: The syslog-ng application can sort the incoming log messages based on their content and various parameters like the source host, application, and priority. Directories, files, and database tables can be created dynamically using macros. Complex filtering using regular expressions and boolean operators offers almost unlimited flexibility to forward only the important log messages to the selected destinations.
  • Parse and rewrite: The syslog-ng application can segment log messages to named fields or columns, and also modify the values of these fields.
  • IPv4 and IPv6 support: The syslog-ng application can operate in both IPv4 and IPv6 network environments; it can receive and send messages to both types of networks.
195 questions
0 votes, 1 answer

syslog-ng not flushing the pipe to external program

I have written a python script that takes log entries from syslog-ng and writes them to MongoDB (I couldn't do it with afmongodb driver because I need to do some special processing). This is how it looks like in syslog-ng.conf: destination…
johndodo
0 votes, 2 answers

log forwarding performance and OS bottleneck

How many logs/second can usually be handled by syslog servers? By syslog servers, I am referring to rsyslog, syslog-ng, splunk etc. The intent of the question is to find out at what logs/second rate the OS (Linux kernel >=3.0) becomes bottle-neck. …
user837208
0 votes, 1 answer

Syslog-ng fills disk with recursive logs

I have some problem with syslog-ng; I've configured a server which receives logs from different remote devices. My syslog-ng daemon is configured to swap logs in a file-based pipe, a different process will flush this pipe (inserting data in a mysql…
user1081157
0 votes, 1 answer

Syslog-ng not sending to fifo when template directive is used

Ok, so I need syslog to log to a fifo with a specific template for the log in mind. So I set my destination as follows... destination d_pipe { pipe("/var/run/some_pipe.fifo"); }; This works fine and all of the logs come through nicely. However when…
btown
0 votes, 1 answer

Set alternate log file for iptables with syslog-ng

Does anyone know how to set an alternate logging file for iptables with syslog-ng on Ubuntu Server?
Flint
0 votes, 1 answer

Filter out a facility in syslog-ng

Following are some contents of my /etc/syslog-ng/syslog-ng.conf related to logging in to the file debug.log source s_sys { file ("/proc/kmsg" log_prefix("kernel: ")); unix-stream ("/dev/log"); internal(); #…
LinuxPenseur
0 votes, 1 answer

Time jump in syslog-ng log files

I am running my proprietary application (the name of which I would prefer not to disclose) in Linux 2.6 kernel, running on PowerPC (P2020) in an embedded environment. I am using syslog-ng to collect the logs from my application. When the system is…
LinuxPenseur
0 votes, 1 answer

Open Source syslog-ng RPM for SLES

Can anyone point me to an Open source syslog-ng RPM package for SLES 11 (x86, 64-bit)?
0 votes, 1 answer

Remote logging for multiple Apache virtual hosts using syslog-ng

I'm running a couple Apache web servers that each have 4-8 separate virtual hosts on each of them. I'm trying to setup a dedicated log server that stores each virtual host access and errors logs in a separate directory for that virtual host. For…
James
0 votes, 1 answer

Syslog-ng log format

I am using a centralised syslog-ng loghost to collect logs and syslog-ng on some of the clients. On one particular client, running syslog-ng on Devil Linux, syslog entries are sent ( confirmed with tcpdump ) with the following format DATE…
Dean Smith
0 votes, 1 answer

how do you convert this syslog-ng cfg to rsyslog?

How do I convert the following to rsyslog syntax? filter local2 { facility(local2); }; filter not_local2 { not facility(local2); }; destination server2 { tcp("server2" port(1111)); }; destination localhost { file ("/var/log/local2.log");…
user30199
0 votes, 1 answer

Syslog-ng enable TCP framing

I'm trying to send file entries as messages via TCP, where syslog-ng is in a container and it is sending to another container. I've had two different attempts both with problematic behavior. The first configuration: @version: 3.31 source s_file { …
Omri. B
0 votes, 0 answers

How can I send the logs with syslog-ng from my pfSense to a Ubuntu Server?

I wanted to send the logs from my pfSense to a Ubuntu Server with syslog-ng. I have searched how to do this but have not found a good solution. I have tried it several times, but so far it has not worked. I hope someone can help me
0 votes, 0 answers

Promtail - syslog configuration only logs localhost for hostname and IP

I have a number of boxes that run docker containers. To keep a record of all the logs, we have 1 instance of logspout on every box that grabs all container logs on that box, and routes it to a syslog-ng instance (docker container) on a central host …
0 votes, 1 answer

Traefik doesn't keep real IP

I have a problem with Traefik, I want to log from a server with syslog-ng (docker). I have logs but I have reverse_proxy name and I want source IP not the name of traefik. I wish to keep source IP from the host. traefik.yml : global: …
warste