
List:       syslog-ng
Subject:    [syslog-ng] Insider 2023-11: Splunk; configuration; journald;
From:       "Peter Czanik (pczanik)" <Peter.Czanik () oneidentity ! com>
Date:       2023-11-14 10:04:54
Message-ID: DM6PR19MB29862044A4CA1D8A71379D008BB2A () DM6PR19MB2986 ! namprd19 ! prod ! outlook ! com

Dear syslog-ng users,

This is the 114th issue of syslog-ng Insider, a monthly newsletter that brings you
syslog-ng-related news.

NEWS

Sending logs to Splunk using syslog-ng
--------------------------------------
There are many ways you can collect log messages using syslog-ng and forward them to
Splunk. In this blog I collect the history of Splunk support in syslog-ng, and the
advantages and disadvantages of various solutions, both open source and commercial.
https://www.syslog-ng.com/community/b/blog/posts/sending-logs-to-splunk-using-syslog-ng


Developing a syslog-ng configuration
------------------------------------
This year I started publishing a syslog-ng tutorial series both on my blog and on
YouTube: https://peter.czanik.hu/posts/syslog-ng-tutorial-toc/ And while the series
was praised as the best possible introduction to syslog-ng, viewers also mentioned
that one interesting element is missing from it: namely, it does not tell users how
to develop a syslog-ng configuration. So, in this blog, learn how to develop a
syslog-ng configuration from the ground up! I will explain not just the end result,
but also the process and the steps to take to develop a configuration. It starts with
a single source and destination, then concludes with a conditional log path and
sending parsed and enriched logs to Elasticsearch (or a compatible document store).
https://www.syslog-ng.com/community/b/blog/posts/developing-a-syslog-ng-configuration


Systemd-journald vs. syslog-ng
------------------------------
Even if most people ask me to compare systemd-journald vs. syslog-ng, I would say
that they complement each other. Systemd-journald excels at collecting local log
messages, including those of various system services. The focus of syslog-ng is on
central log collection and forwarding the logs to a wide variety of destinations
after processing and filtering. Combining the two gives you the most flexibility.
https://www.syslog-ng.com/community/b/blog/posts/systemd-journald-vs-syslog-ng

WEBINARS

* You can browse recordings of past webinars at https://www.syslog-ng.com/events/

Your feedback and news, or tips about the next issue are welcome. To read this
newsletter online, visit: https://syslog-ng.com/blog/

Peter Czanik (CzP) <peter.czanik@oneidentity.com>
Balabit (a OneIdentity company) / syslog-ng upstream
https://syslog-ng.com/community/
https://twitter.com/PCzanik
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq

