Questions tagged [syslog-ng]

The syslog-ng application is a flexible and highly scalable system logging application that is ideal for creating centralized and trusted logging solutions.

The syslog-ng application is a flexible and highly scalable system logging application that is ideal for creating centralized and trusted logging solutions. The main features of syslog-ng are summarized below.

Reliable log transfer: The syslog-ng application enables you to send the log messages of your hosts to remote servers using the latest protocol standards. The logs of different servers can be collected and stored centrally on dedicated log servers. Transferring log messages using the TCP protocol ensures that no messages are lost.
Secure logging using TLS: Log messages may contain sensitive information that should not be accessed by third parties. Therefore, syslog-ng supports the Transport Layer Security (TLS) protocol to encrypt the communication. TLS also allows the mutual authentication of the host and the server using X.509 certificates.
Direct database access: Storing your log messages in a database allows you to easily search and query the messages and interoperate with log analyzing applications. The syslog-ng application supports the following databases: MSSQL, MySQL, Oracle, PostgreSQL, and SQLite.
Heterogeneous environments: The syslog-ng application is the ideal choice to collect logs in massively heterogeneous environments using several different operating systems and hardware platforms, including Linux, Unix, BSD, Sun Solaris, HP-UX, Tru64, and AIX.
Filter and classify: The syslog-ng application can sort the incoming log messages based on their content and various parameters like the source host, application, and priority. Directories, files, and database tables can be created dynamically using macros. Complex filtering using regular expressions and boolean operators offers almost unlimited flexibility to forward only the important log messages to the selected destinations.
Parse and rewrite: The syslog-ng application can segment log messages to named fields or columns, and also modify the values of these fields.
IPv4 and IPv6 support: The syslog-ng application can operate in both IPv4 and IPv6 network environments; it can receive and send messages to both types of networks.

275 questions

votes

5 answers

How do you know if syslog-ng stops your listening daemon?

I wrote a PHP program that hooks into syslog-ng (via syslog-ng.conf) and it's basically this: while (!feof(STDIN)) { $input = fgets(STDIN); process($input); } cleanup(); where process() and cleanup() are defined by me. The problem I am…

asked Oct 30 '09 at 18:27

Tom

6,991
13
60
78

votes

1 answer

Newlines get stripped in syslog-ng

We have implemented centralised logging using syslog-ng on our load balanced servers. The history of that setup can be seen here: How do I set up PHP Logging to go to a remote server? . It's working fine but the newlines are getting stripped at the…

php logging syslog syslog-ng

asked Dec 04 '12 at 11:14

Mohamed Yasin

votes

0 answers

syslog-ng adds <14> to handler name in log file

After I upgraded syslog-ng from version 3.0 to 3.1 I somehow get <14> and sometimes <12> before the handler name in my syslog files for my django website, like this: Nov 2 17:11:15 servername <14>handler.log [INFO]: Some logging ... Does anyone…

django syslog-ng

asked Nov 02 '11 at 16:13

ddn

1,360
11
8

votes

0 answers

Not Receiving Logs From Splunk Forwarder or Syslog-ng what could be the issue

I have Splunk setup, and it establishes connection with syslog and splunk universal forwarder from a remote server: I have syslog-ng setup as follows: You can see the connections established This is the inputs.conf for the splunk universal…

logging splunk syslog syslog-ng

asked Jan 14 '23 at 13:17

tks.tman

votes

1 answer

Where is syslog output stored on Cygwin?

I am completely new to the UNIX environment. I see that on most Linux implementations syslog logs can be found at /var/log/syslog. On Cygwin I am invoking a syslog() call in my C source file using syslog.h. The file compiles and executes correctly,…

logging cygwin syslog syslog-ng

asked Nov 26 '20 at 08:02

Ollie

votes

0 answers

Change log template based on log-event content or source

I have two sources and one destination. I want the template used in the destination to change depending on which source I receive the log event from. I have been able to create SDATA fields with rewrite rules, but I am unable to find a solution to…

syslog-ng

asked May 14 '19 at 13:22

Eirik

votes

1 answer

syslog-ng json parser does nothing

My syslog-ng config is driving me insane. I have an app, that puts out simple json log messages like: {"level":"error","message":"connection ended without disconnect receipt","timestamp":"2018-10-12T17:49:08.650Z"} All I want to do, is parse these…

json syslog-ng

asked Oct 17 '18 at 13:24

Michael Niemand

1,578
3
23
39

votes

2 answers

syslog-ng read file permission denied

i need to send tomcat Catalina.out log content by Syslog-ng but but after restarting Syslog service ,it gets permission denied error so how can i give a read access to Syslog-ng for read from CATALINA.out ? "tomcat directory belongs to specific…

tomcat selinux syslog-ng

asked Feb 28 '18 at 09:23

Unixer

votes

0 answers

Connect direct with splunk

I've have an issue, I have to use data from connect direct, directly to Splunk Enterprise or Syslog-ng, It's possible? Regards.

splunk syslog rsyslog syslog-ng connect-direct

asked Oct 27 '17 at 16:00

pablo zack

votes

1 answer

Does syslog-ng supports network namespaces?

Does syslog-ng supports log forwarding to remote host in different a network namespaces? Something similar to rsyslog omfwd::NetworkNamespace

syslog syslog-ng

asked Sep 08 '17 at 16:49

VarunPandey

votes

1 answer

How to use patterndb in syslog-ng

syslog-ng.conf https://www.balabit.com/network-security/syslog-ng/opensource-logging-system/features/pattern-db @define logfileName "/apps/syslog-ng/etc/testing.log" @define Pattern1 ".*Exception.*" source s_app1.conf { file("`logfileName`"…

linux unix syslog syslog-ng

asked Mar 21 '17 at 10:36

sdvadsa

votes

2 answers

OpenWRT: Use logread to send remote logging data to syslog-ng client

I try to remote log my OpenWRT system. For that i set /etc/config/system like: config system option hostname 'MySystem' option timezone 'UTC' option log_file '/var/log/messages' option log_type 'file' option…

ubuntu-14.04 openwrt syslog-ng

asked Dec 19 '16 at 15:48

Farley

votes

1 answer

writing a custom template/parser/filter for use in syslog-ng

My application generates logs and sends them to syslog-ng. I want to write a custom template/parser/filter for use in syslog-ng to correctly store the fields in tables of an SQLite database (MyDatabase). This is the legend of my…

parsing sqlite pcre logparser syslog-ng

asked Mar 05 '16 at 16:19

mdk

6,225
1
25
30

votes

1 answer

logging syslog-ng logs Windows logs in multiple lines

I have a problem with logging my Windows server by syslog-ng Agent for Windows v5.0.7 to my Main Syslog server with installed Syslog-ng PE v5.0. Logs from the agent walks in a multiline shape, see below. Has anyone had a similar problem? Is there a…

windows logging syslog-ng

asked Jun 09 '15 at 14:02

Lukas Toman

votes

0 answers

what is structured data SD-ID and SD-PARAMS in rsyslog?

we have structured data SD-ID and SD-PARAMS paramenters in rsyslog.I am not getting how it works from where these parameters takes value.Can someone explain me what these things are?

syslog rsyslog logrotate syslog-ng log-rotation

asked May 13 '15 at 06:48

StackUser

Prev 1

…

18 19 Next