Dear syslog-ng users,
This is the 30th issue of the syslog-ng Insider, a monthly newsletter that brings you syslog-ng related news.
syslog-ng at conferences
This year, we plan to present syslog-ng in many conferences, or just participate conferences where many syslog-ng users are expected to show up. If you want to meet someone from the syslog-ng team, come to one of our presentations or drop an e-mail so we can find each other. We are also very interested to hear suggestions, where syslog-ng should be presented!
Here is a list of confirmed events, which will be updated regularly in later newsletters:
- FOSDEM, 1-2 February, Brussels, Belgium: https://fosdem.org/2014/, giving a talk titled: “Babelfish for DevOps: syslog-ng”
- Fedora, JBoss and RedHat developers conference, 7-9 February, Brno, Czech Republic: http://devconf.cz/, Participating only
- Open Source Data Center Conference, 8-10 April, Berlin, Germany: http://www.netways.de/osdc/, Giving a talk titled “Monitoring with syslog-ng, Riemann and Kibana”
Check out syslog-ng 3.6 pre-alpha!
While syslog-ng 3.6 still did not even reach an alpha release, it received already a lot of development. So, while it might still eat your logs for lunch, those who are interested in where syslog-ng is heading should check out syslog-ng 3.6 from git. Unlike previous syslog-ng versions, it is developed in a unified git repository without a version string attached.
While most changes are under the hood, there are also some user visible features like pseudofile destination.
Nodejs support was also added to syslog-ng: use the widespread winston logging API, and syslog-ng will process its JSON formatted messages.
And if you look at the stats you can see a healthy growth of the code base and in the number of contributors. Thank you for your support!
The syslog-ng incubator is a collection of tools and modules which are not (yet) part of the official repository. It has some very interesting code in it, like a riemann or an RSS destination, but until now it was completely undocumented. Not any more: http://asylum.madhouse-project.org/blog/2013/12/29/the-incubator/.
The Incubator also includes a Lua destination, which makes it possible to write simple destination drivers without a line of C. It is still a work in progress, but is an important step into writing modules in other languages.
And to make your life easier packages are available in Debian testing, Ubuntu Trusty and for openS– USE in the 3rd party repositories.
PCI DSS 3.0 Continues to Emphasize the Importance of Log Management
The Payment Card Industry Security Standards Council recently released the Data Security Standard 3.0, three years after the prior version. As one of the most important international data security standards, the latest release was eagerly awaited by IT security practitioners. Clarifications make up the bulk of the changes but the standards council changed most of the 12 major requirements to include modified or additional sub-requirements. With PCI DSS 3.0 the standards council has reiterated that log management is a critical part of security best practices. You can read more about it.
- Testing syslog-ng PE on Windows was never so easy: Windows Quick Start Guide for syslog-ng Premium Edition
- TLS vulnerabilities in log traffic: syslog-ng vs. BEAST, CRIME and BREACH
- Top 6 SANS Essential Categories of Log Reports 2013
Your feedback and news tips about the next issue is welcome at documentation(at)balabit.com.