Questions tagged [syslog-ng]

The syslog-ng application is a flexible and highly scalable system logging application that is ideal for creating centralized and trusted logging solutions.

The main features of syslog-ng are summarized below.

  • Reliable log transfer: The syslog-ng application enables you to send the log messages of your hosts to remote servers using the latest protocol standards. The logs of different servers can be collected and stored centrally on dedicated log servers. Transferring log messages using the TCP protocol ensures that no messages are lost.
  • Secure logging using TLS: Log messages may contain sensitive information that should not be accessed by third parties. Therefore, syslog-ng supports the Transport Layer Security (TLS) protocol to encrypt the communication. TLS also allows the mutual authentication of the host and the server using X.509 certificates.
  • Direct database access: Storing your log messages in a database allows you to easily search and query the messages and interoperate with log analyzing applications. The syslog-ng application supports the following databases: MSSQL, MySQL, Oracle, PostgreSQL, and SQLite.
  • Heterogeneous environments: The syslog-ng application is the ideal choice to collect logs in massively heterogeneous environments using several different operating systems and hardware platforms, including Linux, Unix, BSD, Sun Solaris, HP-UX, Tru64, and AIX.
  • Filter and classify: The syslog-ng application can sort the incoming log messages based on their content and various parameters like the source host, application, and priority. Directories, files, and database tables can be created dynamically using macros. Complex filtering using regular expressions and boolean operators offers almost unlimited flexibility to forward only the important log messages to the selected destinations.
  • Parse and rewrite: The syslog-ng application can segment log messages to named fields or columns, and also modify the values of these fields.
  • IPv4 and IPv6 support: The syslog-ng application can operate in both IPv4 and IPv6 network environments; it can receive and send messages to both types of networks.
275 questions
2 votes, 1 answer

Unable to get Rsyslog structured data in syslog messages

I am trying to log messages with structured data. But it is showing a null value for structured data. I am working with rsyslog 8.9.0. Can someone tell me whether I need to load some module or modify the source to get structured data SD-IDs in logged…
StackUser
2 votes, 2 answers

Syslog-ng forward raw log only

I have been trying to forward logs from a firewall to a SIEM using syslog-ng, but the problem is that I want to forward only the original raw log without the headers added by syslog-ng. I have the following syslog-ng conf file. @version:…
Chameleon
2 votes, 1 answer

Forwarding log via syslog-ng

I'm trying to forward my logs using syslog-ng to my central syslog server. But it is not working. These are the lines I added in syslog-ng.conf: source s_access { file("/var/log/httpd/access_log" follow_freq(10) flags(no-parse)); }; destination…
Randeep
2 votes, 1 answer

Rails logger.error not showing up in SysLog

I have a question on how to configure correctly to get rails logger.error message showing up in SysLog. We used SyslogLogger gem. In our Syslog config, we have filter like this: if $programname == 'rails' and ($syslogseverity-text == 'emerg') then…
DrChanimal
1 vote, 1 answer

Regular expression to not match the logs with unreadable characters in syslog-ng

I am getting these kind of lines with other relevant log lines in the logs /M��P��������� M�bM��������� �?�@��������� �S��T��������� ��bM��������� E��F��������� 22��O��������� ��9��������� _������������ These lines are non-readable so I want to…
doofyHi
1 vote, 1 answer

How to disable syslogger when running tests in GitLab pipeline?

I have defined tests running in a GitLab CI/CD pipeline. I also have syslog-ng set up for logging. The whole app is running with docker-compose. I have defined my syslogger like this: import logging from logging.handlers import SysLogHandler def…
lr_optim
1 vote, 1 answer

Syslog-ng logs not processing certain logs possibly due to journal cursor issue

I'm using syslog-ng 3.37.1 on a VMware Photon 3.0 virtual appliance (preconfigured VM). The appliance is configured to write logs into certain files under /var/log folder as well as to remote syslog servers (optional). Logs from facility 'auth' and…
ramtech
1 vote, 0 answers

cmocka: wrapping a Glib library function g_string_append_c() not working

I am running UT test case for syslog-ng in cmocka, upgraded Glib library to 2.71. I am not able to call wrapper function. I tried linking option --Wl, wrap=g_string_append_c, wrap=g_string_append in make file. Here are my wrapper functions: String*…
Jagadeesh
1 vote, 1 answer

syslog-ng return original value when mapping does not exist

I'm using syslog-ng for collecting JSON messages and sending alarms to Slack. There is a parameter in the JSON message which contains the IP address of the router from which I'm receiving the JSON message, and I want to convert the IP address to the router hostname. I'm using…
patooo
1 vote, 2 answers

Unable to install syslog-ng on amazon linux 2

I have started an EC2 instance from an Amazon Linux 2 AMI. I am trying to install syslog-ng with yum but I am getting an error. Commands used: $ sudo amazon-linux-extras install epel -y $ sudo yum install syslog-ng AND $ sudo yum-config-manager…
Gaurav
1 vote, 1 answer

Using rsyslog/syslog-ng in non-privileged Kubernetes pod

I am trying to use rsyslog or syslog-ng inside a non-privileged container in Kubernetes. Now I have managed to make most of it work, but the only place I am stuck is with the /dev/log socket. rsyslog/syslog-ng fails to create this socket…
user55342
1 vote, 0 answers

Unable to forward logs from syslog ng server to kafka topic

I have set up the syslog-ng server on Ubuntu and am collecting logs from a firewall on the syslog-ng server, and I want to forward those logs into a Kafka topic. Syslog-ng installation command: sudo apt-get install syslog-ng-core sudo apt-get install -y…
1 vote, 1 answer

How to exactly-once delivery in kafka When there are multiple producers

I am using syslog-ng(latest version 3.30) and kafka(2.2) syslog-ng and kafka is running in 3 nodes Client send logs to multiple syslog-ng nodes syslog-ng nodes send these logs to kafka broker For kafka syslog-ng is producer The problem i am facing…
aniketpant
1 vote, 1 answer

Syslog-ng service error on restart - syslog forward to Qradar

Hopefully my question is in the right place. I am currently trying to forward syslogs from an Ubuntu machine to a Qradar machine. They're on the same network and I already managed to get Rsyslog to work, but it isn't supported by Qradar. Therefore,…
1 vote, 1 answer

log4j2 SyslogAppender not writing to logs

I know this type of question has been asked before but I could not find any suitable answer for it. I am using a syslog appender to send my java application logs to Syslog but it does not work. My log4j2.xml file is: ?xml version="1.0"…
user3723326