Insider 2016-11: Enrichment; Elasticsearch; LISA; FreeBSD; All Things Open;

Dear syslog-ng users,

This is the 52nd issue of the syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news.


Enriching log messages

Log messages already contain a wealth of information about what is happening in your systems. Still, logs can be enriched with additional information – like the geolocation belonging to an IP address – which can improve the usability of logs considerably. Read how you can enrich log messages in real-time using syslog-ng.

What is new in syslog-ng PE and SSB

Join us at our next webinar on November 15, where you can learn about new syslog-ng PE and SSB features like content-based alerting, multiple log spaces, key=value parser and Big Data destinations.

You can register at

Logging to Elasticsearch simplified

Elasticsearch is gaining the momentum as the ultimate destination for log messages. A great part of it is Kibana, but also that it is a scalable storage of arbitrary name-value pairs. Read, how the use of syslog-ng can greatly simplify how logs reach Elasticsearch.

Coming up: LISA

You can learn about syslog-ng at the Balabit booth #145 at LISA (Large Installation System Administration) conference in Boston. Expo days are on December 7 and 8:

syslog-ng with Java support on FreeBSD

Java destinations on FreeBSD are not supported by the syslog-ng team and for technical reasons (it downloads JAR files from the Internet) it is also marked broken in FreeBSD ports. Luckily it does not prevent it from working: some people even use it it production. Learn, how to get started.

All Things Open

Last week I visited All Things Open, one of the largest open source conferences of the US East Coast. I was presenting syslog-ng in the Operations track of the conference, but luckily I had a chance to stay for the full two days of the event. Read my experiences at

Your feedback and news tips about the next issue is welcome at documentation(at)

Leave a Reply