Questions tagged [syslog-ng]

The syslog-ng application is a flexible and highly scalable system logging application that is ideal for creating centralized and trusted logging solutions.

The main features of syslog-ng are summarized below.

  • Reliable log transfer: The syslog-ng application enables you to send the log messages of your hosts to remote servers using the latest protocol standards. The logs of different servers can be collected and stored centrally on dedicated log servers. Transferring log messages using the TCP protocol ensures that no messages are lost.
  • Secure logging using TLS: Log messages may contain sensitive information that should not be accessed by third parties. Therefore, syslog-ng supports the Transport Layer Security (TLS) protocol to encrypt the communication. TLS also allows the mutual authentication of the host and the server using X.509 certificates.
  • Direct database access: Storing your log messages in a database allows you to easily search and query the messages and interoperate with log analyzing applications. The syslog-ng application supports the following databases: MSSQL, MySQL, Oracle, PostgreSQL, and SQLite.
  • Heterogeneous environments: The syslog-ng application is the ideal choice to collect logs in massively heterogeneous environments using several different operating systems and hardware platforms, including Linux, Unix, BSD, Sun Solaris, HP-UX, Tru64, and AIX.
  • Filter and classify: The syslog-ng application can sort the incoming log messages based on their content and various parameters like the source host, application, and priority. Directories, files, and database tables can be created dynamically using macros. Complex filtering using regular expressions and boolean operators offers almost unlimited flexibility to forward only the important log messages to the selected destinations.
  • Parse and rewrite: The syslog-ng application can segment log messages to named fields or columns, and also modify the values of these fields.
  • IPv4 and IPv6 support: The syslog-ng application can operate in both IPv4 and IPv6 network environments; it can receive and send messages to both types of networks.
275 questions
0 votes, 1 answer

syslog-ng install finished without the needed files

I downloaded syslog-ng OSE from the site (version 3.4.0alpha3) and successfully ran ./configure, make, make install, but I've got no /etc/syslog-ng.conf nor /etc/init.d/syslog-ng. What might be the reason? Env is CentOS 6.3.
roi
0 votes, 1 answer

How to receive syslog-ng's log with line stream by TCP?

I have a machine to receive syslog-ng's log; then edit the config file to write the log to a local file /data/logs/access.log: destination d_nginx_video { file("/data/logs/access.log" create_dirs(yes) template("$PROGRAM $MESSAGE\n"));}; then I want…
timger
0 votes, 1 answer

Parsing structured syslog with syslog-ng

I am trying to leverage the parsing of structured data feature in syslog-ng. From my firewall, I am forwarding the following message: <14>1 2012-10-06T11:03:56.493 SRX100 RT_FLOW - RT_FLOW_SESSION_CLOSE [junos@2636.1.1.1.2.36 reason="TCP FIN"…
masterof0
0 votes, 1 answer

Redirecting PHP logs (custom application) using Log4php to syslog-ng

I have a custom application running on a client which uses PHP, whose logs are controlled by log4php.properties (say DEBUG or INFO). However, in addition to the existing logging setup, I would like to send these logs to a server running syslog-ng. Below is…
cb24
0 votes, 1 answer

Why can't syslog-ng start up with SELinux TYPE syslogd_exec_t?

I have syslog-ng installed on a CentOS 5.7 system with SELinux enforcing. I cannot start up the syslog-ng service with "service syslog-ng start", because of the error: [root@localhost ~]# service syslog-ng start Starting syslog-ng: GThread-ERROR **: file…
Emre He
-1 votes, 1 answer

RedisJSON command JSON.SET is not working in syslog-ng destination

I have tried the "LPUSH" command in the following code and it works, but the RedisJSON command is not working: destination d_redis { redis( host("localhost") port(6379) command("JSON.SET", "test", "${MESSAGE}") ); }; Can someone…
Mahe Krish
-1 votes, 1 answer

Syslog-NG: 2 logs from the same source written differently

I have 2 sets of logs. Each is going to its own syslog server. But the source of the logs is the same: a Palo Alto Prisma VPN. For whatever reason, Syslog-Server A (the oldest source) writes the logs like this (in bold): Nov 22 15:08:03 34…
-1 votes, 1 answer

How to send additional parameters from syslog to Logstash, like message or some additional name

I want to send additional parameters like message from syslog in omfwd format, and I also need to know what filter I can set on Logstash to read this additional parameter. Syslog configuration: ..... action(type="omfwd" Target="1.1.1.1" Port="1234"…
-1 votes, 1 answer

syslog-ng: control the log from printing multiple times within a given time frame

I am new to using syslog-ng, just wondering if syslog-ng provides a way to control the log so that, if the same event has occurred, it avoids printing the log multiple times.
csavvy
-1 votes, 1 answer

How to parserCSV the message obtained from syslog-ng?

Syslog-ng is writing the following log to the layout below: Jun 7 11:54:23 vXXXXX01-node1 RT_XXT: RT_SRC_XXT_PBA_ALLOC: Subscriber 100.64.0.2 But the system that will do the treatment expects to receive the log in the following layout: Jun …
-1 votes, 1 answer

Configure syslog-ng server to truncate messages relayed to only 1 destination out of multiple destinations

My existing syslog-ng PE 5 (yes, old) server uses multiple log statements to both write all logs locally, and also to relay some messages to external log scanning services in our enterprise. The operator of one of these external relay destinations…
anon7
-1 votes, 2 answers

How to send only specific files to remote server using rsyslog

I am new to rsyslog. I have multiple servers (rsyslog servers) sending syslog messages to a remote server (syslog-ng server). Right now, I am sending everything to the remote server. I want to filter out and send logs from specific files to the remote…
Meet101
-1 votes, 1 answer

Syslog-ng only logging incoming when running in the foreground

I've been testing Syslog-ng in a dev environment for several weeks now. It has since been moved to production but I'm getting weird behavior. I've taken the exact same syslog-ng.conf that was on dev (listens on udp:514 and writes everything to a…
NiftyMist
-1 votes, 2 answers

How to create filter in syslog-ng in order to drop the lines containing "some text pattern" in logs?

I need to drop the below lines containing the text "-- MARK --" from the logs. I am using syslog-ng for shipping logs to a centralized location. However, my config works fine but I need to apply a filter in order to drop the below line from being shipped. Mar 19…
Subi
-1 votes, 1 answer

syslog-ng not starting up when specifying an IP address, but works as a catch-all and write-to-file setup

I am trying to set up a syslog-ng server where I could collect all the logs. Now I've managed to create the settings where the server will collect all the logs from all the servers and write them to a single file, but I was wondering if it's possible to…