Fosstodon

Peter CzanikWe expect a couple of <a href="https://fosstodon.org/tags/syslog_ng" class="mention hashtag" rel="tag">#syslog_ng</a> releases in the near future. As version 4.8.1 is used in major <a href="https://fosstodon.org/tags/Linux" class="mention hashtag" rel="tag">#Linux</a> distributions and has known bugs, we will release 4.8.2 to address those. However, we are also working on 4.9.0, which will bring many changes. <a href="https://www.syslog-ng.com/community/b/blog/posts/a-call-for-testing-the-upcoming-syslog-ng-releases" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://www.syslog-ng.com/community/b/blog/posts/a-call-for-testing-the-upcoming-syslog-ng-releases</a>

Peter CzanikInstalling nightly syslog-ng <a href="https://fosstodon.org/tags/arm64" class="mention hashtag" rel="tag">#arm64</a> packages on a Raspberry Pi: <a href="https://www.syslog-ng.com/community/b/blog/posts/installing-nightly-syslog-ng-arm64-packages-on-a-raspberry-pi" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://www.syslog-ng.com/community/b/blog/posts/installing-nightly-syslog-ng-arm64-packages-on-a-raspberry-pi</a><a href="https://fosstodon.org/tags/LogManagement" class="mention hashtag" rel="tag">#LogManagement</a> <a href="https://fosstodon.org/tags/syslog_ng" class="mention hashtag" rel="tag">#syslog_ng</a> <a href="https://fosstodon.org/tags/RaspberryPi" class="mention hashtag" rel="tag">#RaspberryPi</a>

Peter CzanikLearn how to work with <a href="https://fosstodon.org/tags/OneIdentity" class="mention hashtag" rel="tag">#OneIdentity</a> Active Roles <a href="https://fosstodon.org/tags/debug" class="mention hashtag" rel="tag">#debug</a> logs, that is reading them using <a href="https://fosstodon.org/tags/syslog_ng" class="mention hashtag" rel="tag">#syslog_ng</a> Agent for <a href="https://fosstodon.org/tags/Windows" class="mention hashtag" rel="tag">#Windows</a> and forwarding them to a central syslog-ng server for long(er) term storage.<a href="https://www.syslog-ng.com/community/b/blog/posts/working-with-active-roles-debug-logs-in-syslog-ng" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://www.syslog-ng.com/community/b/blog/posts/working-with-active-roles-debug-logs-in-syslog-ng</a><a href="https://fosstodon.org/tags/LogManagement" class="mention hashtag" rel="tag">#LogManagement</a>

Peter CzanikThe <a href="https://mastodon.social/@FreeBSDFoundation" class="u-url mention">@FreeBSDFoundation</a> 15 release schedule was just announced, but I already see people saying that "looks good, I already use it in production" :-) So, I installed the latest snapshot in a VM, and tested <a href="https://fosstodon.org/tags/syslog_ng" class="mention hashtag" rel="tag">#syslog_ng</a> on it.As expected: syslog-ng works fine on it :-)<a href="https://fosstodon.org/tags/FreeBSD" class="mention hashtag" rel="tag">#FreeBSD</a> <a href="https://fosstodon.org/tags/syslog" class="mention hashtag" rel="tag">#syslog</a>

Peter CzanikThe April syslog-ng newsletter is now available on-line: - Testing <a href="https://fosstodon.org/tags/Elasticsearch" class="mention hashtag" rel="tag">#Elasticsearch</a> 9.0.0 beta1 with <a href="https://fosstodon.org/tags/syslog_ng" class="mention hashtag" rel="tag">#syslog_ng</a> - Working with parsed <a href="https://fosstodon.org/tags/OneIdentity" class="mention hashtag" rel="tag">#OneIdentity</a> Active Roles logs in syslog-ng - Running syslog-ng PE in <a href="https://fosstodon.org/tags/RHEL" class="mention hashtag" rel="tag">#RHEL</a> UBI You can read it at: <a href="https://www.syslog-ng.com/community/b/blog/posts/the-syslog-ng-insider-2025-04-elasticsearch-beta-active-roles-rhel-ubi" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://www.syslog-ng.com/community/b/blog/posts/the-syslog-ng-insider-2025-04-elasticsearch-beta-active-roles-rhel-ubi</a> <a href="https://fosstodon.org/tags/LogManagement" class="mention hashtag" rel="tag">#LogManagement</a>

Peter Czanik<a href="https://fosstodon.org/tags/Elasticsearch" class="mention hashtag" rel="tag">#Elasticsearch</a> is one of the most popular syslog-ng destinations. So, when the first beta of the upcoming version 9 was released, I gave it a try using the very latest <a href="https://fosstodon.org/tags/syslog_ng" class="mention hashtag" rel="tag">#syslog_ng</a> snapshot:<a href="https://www.syslog-ng.com/community/b/blog/posts/testing-elasticsearch-9-0-0-beta1-with-syslog-ng" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://www.syslog-ng.com/community/b/blog/posts/testing-elasticsearch-9-0-0-beta1-with-syslog-ng</a>TL;DR: there are some rough edges, but it works!

Peter CzanikLast week, I posted about running nightly <a href="https://fosstodon.org/tags/syslog_ng" class="mention hashtag" rel="tag">#syslog_ng</a> <a href="https://fosstodon.org/tags/container" class="mention hashtag" rel="tag">#container</a> images on <a href="https://fosstodon.org/tags/arm64" class="mention hashtag" rel="tag">#arm64</a>. However, you can also install syslog-ng directly on the host (in my case, a Raspberry Pi 3), running the latest <a href="https://fosstodon.org/tags/Raspberry" class="mention hashtag" rel="tag">#Raspberry</a> OS.<a href="https://www.syslog-ng.com/community/b/blog/posts/installing-nightly-syslog-ng-arm64-packages-on-a-raspberry-pi" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://www.syslog-ng.com/community/b/blog/posts/installing-nightly-syslog-ng-arm64-packages-on-a-raspberry-pi</a>

Peter CzanikRecently we enabled nightly <a href="https://fosstodon.org/tags/syslog_ng" class="mention hashtag" rel="tag">#syslog_ng</a> builds and <a href="https://fosstodon.org/tags/container" class="mention hashtag" rel="tag">#container</a> builds for <a href="https://fosstodon.org/tags/arm64" class="mention hashtag" rel="tag">#arm64</a>. It means that from now on, you can run the latest syslog-ng on 64bit <a href="https://fosstodon.org/tags/ARM" class="mention hashtag" rel="tag">#ARM</a> platforms.<a href="https://www.syslog-ng.com/community/b/blog/posts/nightly-arm64-syslog-ng-container-builds-are-now-available" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://www.syslog-ng.com/community/b/blog/posts/nightly-arm64-syslog-ng-container-builds-are-now-available</a><a href="https://fosstodon.org/tags/LogManagement" class="mention hashtag" rel="tag">#LogManagement</a>

Peter CzanikFor many years, the development of <a href="https://fosstodon.org/tags/syslog_ng" class="mention hashtag" rel="tag">#syslog_ng</a> happened on the <a href="https://fosstodon.org/tags/master" class="mention hashtag" rel="tag">#master</a> branch in <a href="https://fosstodon.org/tags/Git" class="mention hashtag" rel="tag">#Git</a>. However, if you follow that branch, you might have noticed that there has not been much activity on it lately. That is because we introduced a new <a href="https://fosstodon.org/tags/branch" class="mention hashtag" rel="tag">#branch</a> in git called <a href="https://fosstodon.org/tags/develop" class="mention hashtag" rel="tag">#develop</a>.<a href="https://www.syslog-ng.com/community/b/blog/posts/introducing-the-develop-branch-of-the-syslog-ng-git-repo" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://www.syslog-ng.com/community/b/blog/posts/introducing-the-develop-branch-of-the-syslog-ng-git-repo</a>

Peter CzanikEach time a new major <a href="https://fosstodon.org/tags/Elasticsearch" class="mention hashtag" rel="tag">#Elasticsearch</a> version is released, someone asks if it works with <a href="https://fosstodon.org/tags/syslog_ng" class="mention hashtag" rel="tag">#syslog_ng</a>. So I gave it a quick test and based on that, Elasticsearch 9.0.0 beta1 works fine with syslog-ng. But of course, some terms and conditions apply… :-) <a href="https://www.syslog-ng.com/community/b/blog/posts/testing-elasticsearch-9-0-0-beta1-with-syslog-ng" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://www.syslog-ng.com/community/b/blog/posts/testing-elasticsearch-9-0-0-beta1-with-syslog-ng</a>

Peter CzanikThe March <a href="https://fosstodon.org/tags/syslog_ng" class="mention hashtag" rel="tag">#syslog_ng</a> <a href="https://fosstodon.org/tags/newsletter" class="mention hashtag" rel="tag">#newsletter</a> is now available on-line:* Test syslog-ng on <a href="https://fosstodon.org/tags/EPEL" class="mention hashtag" rel="tag">#EPEL</a> 10!* Collecting <a href="https://fosstodon.org/tags/OneIdentity" class="mention hashtag" rel="tag">#OneIdentity</a> <a href="https://fosstodon.org/tags/ActiveRoles" class="mention hashtag" rel="tag">#ActiveRoles</a> logs centrally using the syslog-ng <a href="https://fosstodon.org/tags/Windows" class="mention hashtag" rel="tag">#Windows</a> Agent* syslog-ng OSE 4.8.1 is now in EPEL 10, quick fix for <a href="https://fosstodon.org/tags/Elasticsearch" class="mention hashtag" rel="tag">#Elasticsearch</a><a href="https://www.syslog-ng.com/community/b/blog/posts/the-syslog-ng-insider-2025-03-epel-10-elasticsearch-active-roles" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://www.syslog-ng.com/community/b/blog/posts/the-syslog-ng-insider-2025-03-epel-10-elasticsearch-active-roles</a>

Peter CzanikIn my previous <a href="https://fosstodon.org/tags/OneIdentity" class="mention hashtag" rel="tag">#OneIdentity</a> Active Roles blog, you learned how to forward <a href="https://fosstodon.org/tags/Active" class="mention hashtag" rel="tag">#Active</a> <a href="https://fosstodon.org/tags/Roles" class="mention hashtag" rel="tag">#Roles</a> logs to a central <a href="https://fosstodon.org/tags/syslog_ng" class="mention hashtag" rel="tag">#syslog_ng</a> server to parse and store the logs. In this blog, I’ll show you how to:- Work with parsed Active Roles logs. - Store <a href="https://fosstodon.org/tags/logs" class="mention hashtag" rel="tag">#logs</a> to various document stores. - Prepare long-term storage. - Send <a href="https://fosstodon.org/tags/alerts" class="mention hashtag" rel="tag">#alerts</a> for some critical events.<a href="https://www.syslog-ng.com/community/b/blog/posts/working-with-parsed-active-roles-logs-in-syslog-ng" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://www.syslog-ng.com/community/b/blog/posts/working-with-parsed-active-roles-logs-in-syslog-ng</a>Even if this blog about commercial software, the name-value pairs concept is the same in the <a href="https://fosstodon.org/tags/opensource" class="mention hashtag" rel="tag">#opensource</a> syslog-ng.<a href="https://fosstodon.org/tags/LogManagement" class="mention hashtag" rel="tag">#LogManagement</a>

Peter Czanik<a href="https://fosstodon.org/tags/OneIdentity" class="mention hashtag" rel="tag">#OneIdentity</a> Active Roles allows you to easily and securely manage <a href="https://fosstodon.org/tags/AD" class="mention hashtag" rel="tag">#AD</a> objects. The <a href="https://fosstodon.org/tags/syslog_ng" class="mention hashtag" rel="tag">#syslog_ng</a> Windows Agent can collect and forward Active Roles logs from Windows Event Log, while the syslog-ng server can collect, process, store and forward these logs. <a href="https://www.syslog-ng.com/community/b/blog/posts/collecting-active-roles-logs-centrally-using-the-syslog-ng-windows-agent" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://www.syslog-ng.com/community/b/blog/posts/collecting-active-roles-logs-centrally-using-the-syslog-ng-windows-agent</a>

Peter CzanikThe syslog-ng February <a href="https://fosstodon.org/tags/newsletter" class="mention hashtag" rel="tag">#newsletter</a> is now available:- Syslog-ng <a href="https://chaos.social/@Prometheus" class="u-url mention">@Prometheus</a> exporter added to RPM syslog-ng container image- Running <a href="https://fosstodon.org/tags/syslog_ng" class="mention hashtag" rel="tag">#syslog_ng</a> PE in <a href="https://fosstodon.org/tags/RHEL" class="mention hashtag" rel="tag">#RHEL</a> <a href="https://fosstodon.org/tags/UBI" class="mention hashtag" rel="tag">#UBI</a>- Running a syslog-ng server in <a href="https://fosstodon.org/tags/WSL" class="mention hashtag" rel="tag">#WSL</a>Read it at: <a href="https://www.syslog-ng.com/community/b/blog/posts/the-syslog-ng-insider-2025-02-prometheus-rhel-ubi-wsl" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://www.syslog-ng.com/community/b/blog/posts/the-syslog-ng-insider-2025-02-prometheus-rhel-ubi-wsl</a>

Peter CzanikSoon, I'll leave towards the airport. I'm flying to Brussels: - to learn about the latest <a href="https://fosstodon.org/@centos" class="u-url mention">@centos</a> news at Connect - to speak about <a href="https://fosstodon.org/tags/syslog_ng" class="mention hashtag" rel="tag">#syslog_ng</a> at <a href="https://fosstodon.org/tags/FOSDEM" class="mention hashtag" rel="tag">#FOSDEM</a> at the <a href="https://mastodon.bsd.cafe/@fosdembsd" class="u-url mention">@fosdembsd</a> devroom - few days in the area to recharge after the conferences :-) Let me know, if you are there!

Peter CzanikRecently I have posted a <a href="https://fosstodon.org/tags/Dockerfile" class="mention hashtag" rel="tag">#Dockerfile</a> to run <a href="https://fosstodon.org/tags/syslog_ng" class="mention hashtag" rel="tag">#syslog_ng</a> in an <a href="https://fosstodon.org/@almalinux" class="u-url mention">@almalinux</a> container. I got some encouraging feedback, so this week I experimented with syslog-ng <a href="https://fosstodon.org/tags/Premium" class="mention hashtag" rel="tag">#Premium</a> Edition (PE) in a <a href="https://fosstodon.org/tags/RHEL" class="mention hashtag" rel="tag">#RHEL</a> <a href="https://fosstodon.org/tags/UBI" class="mention hashtag" rel="tag">#UBI</a> (Universal Base Image) container. <a href="https://fosstodon.org/tags/Feedback" class="mention hashtag" rel="tag">#Feedback</a> is welcome! <a href="https://www.syslog-ng.com/community/b/blog/posts/running-syslog-ng-pe-in-rhel-ubi" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://www.syslog-ng.com/community/b/blog/posts/running-syslog-ng-pe-in-rhel-ubi</a>

Peter Czanik<a href="https://fosstodon.org/tags/syslog_ng" class="mention hashtag" rel="tag">#syslog_ng</a> 4.8.1 is now available in <a href="https://fosstodon.org/tags/EPEL" class="mention hashtag" rel="tag">#EPEL</a> 10, so you do not have to use the testing repository anymore. Thanks everyone for the feedback! However, support for <a href="https://fosstodon.org/tags/Elasticsearch" class="mention hashtag" rel="tag">#Elasticsearch</a> 7+ is broken in this release. Learn how to fix this problem! <a href="https://www.syslog-ng.com/community/b/blog/posts/syslog-ng-ose-4-8-1-is-now-in-epel-10-quick-fix-for-elasticsearch" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://www.syslog-ng.com/community/b/blog/posts/syslog-ng-ose-4-8-1-is-now-in-epel-10-quick-fix-for-elasticsearch</a> <a href="https://fosstodon.org/tags/LogManagement" class="mention hashtag" rel="tag">#LogManagement</a>

Peter CzanikWill you be at <a href="https://fosstodon.org/tags/FOSDEM" class="mention hashtag" rel="tag">#FOSDEM</a>? I'll be there giving a talk about syslog-ng in the <a href="https://fosstodon.org/tags/BSD" class="mention hashtag" rel="tag">#BSD</a> devroom:<a href="https://fosstodon.org/tags/FreeBSD" class="mention hashtag" rel="tag">#FreeBSD</a> <a href="https://fosstodon.org/tags/audit" class="mention hashtag" rel="tag">#audit</a> source and other <a href="https://fosstodon.org/tags/syslog_ng" class="mention hashtag" rel="tag">#syslog_ng</a> news<a href="https://fosdem.org/2025/schedule/event/fosdem-2025-4553-freebsd-audit-source-and-other-syslog-ng-news/" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://fosdem.org/2025/schedule/event/fosdem-2025-4553-freebsd-audit-source-and-other-syslog-ng-news/</a>I'll also visit <a href="https://fosstodon.org/tags/CentOS" class="mention hashtag" rel="tag">#CentOS</a> Connect to learn about CentOS 10 & EPEL 10.

Peter CzanikLast December, I added support for <a href="https://fosstodon.org/tags/EPEL" class="mention hashtag" rel="tag">#EPEL</a> 10 in my unofficial <a href="https://fosstodon.org/tags/syslog_ng" class="mention hashtag" rel="tag">#syslog_ng</a> Git snapshot repository. This week, I call for <a href="https://fosstodon.org/tags/testing" class="mention hashtag" rel="tag">#testing</a> the official syslog-ng EPEL 10 package.<a href="https://www.syslog-ng.com/community/b/blog/posts/syslog-ng-is-coming-to-epel-10" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://www.syslog-ng.com/community/b/blog/posts/syslog-ng-is-coming-to-epel-10</a><a href="https://fosstodon.org/tags/RHEL" class="mention hashtag" rel="tag">#RHEL</a> <a href="https://fosstodon.org/tags/CentOS" class="mention hashtag" rel="tag">#CentOS</a> <a href="https://fosstodon.org/tags/AlmaLinux" class="mention hashtag" rel="tag">#AlmaLinux</a> <a href="https://fosstodon.org/tags/LogManagement" class="mention hashtag" rel="tag">#LogManagement</a>

Peter Czanik<a href="https://fosstodon.org/tags/CentOS" class="mention hashtag" rel="tag">#CentOS</a> Stream 10 and <a href="https://fosstodon.org/tags/EPEL" class="mention hashtag" rel="tag">#EPEL</a> 10 just became available, and as usual, I tried to build <a href="https://fosstodon.org/tags/syslog_ng" class="mention hashtag" rel="tag">#syslog_ng</a> as soon as possible. For now it is available in my syslog-ng git snapshot repository, but I am also planning to make it available in EPEL 10 soon.<a href="https://www.syslog-ng.com/community/b/blog/posts/test-syslog-ng-on-epel-10" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://www.syslog-ng.com/community/b/blog/posts/test-syslog-ng-on-epel-10</a><a href="https://fosstodon.org/tags/LogManagement" class="mention hashtag" rel="tag">#LogManagement</a>

Recent searches

Search options

Administered by:

Server stats:

#syslog_ng