Insider 2017-09: 3.12; survey; geoip2; docker; AWS;

Dear syslog-ng users,

This is the 61st issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news.

NEWS

syslog-ng 3.12 is coming

The latest version of syslog-ng, 3.12, is expected to arrive soon. The most important new feature is the XML parser, which creates name-value pairs from XML-based log messages. You will also be able to configure JVM options for Java destinations, use PKCS-12, and utilize macros in HDFS file names. There are many more smaller features and bug fixes. For a complete list, check the git commits. Test RPM packages from git head.

New syslog-ng website

We will introduce a brand new website for all that is syslog-ng, and with that will come an official syslog-ng OSE repository with binaries for some of the most popular Linux distributions. We expect to launch syslog-ng.com in November, moving content for both OSE and its commercial versions to this new site so that it can serve as a single hub for all syslog-ng users.

Learn more about it and help our work by answering a brief survey.

Collecting logs from containers

There are many software products that log to files or pipes instead of their stdout, the place where Docker expects them. Fortunately, by using Docker volumes, you can share data among containers, and syslog-ng can collect these logs as well.

Heat maps using the new geoip2 parser

The new geoip2 parser of syslog-ng 3.11 is not only faster than its predecessor, but can also provide a lot more detailed geographical information about IP addresses. Next to the usual country name and longitude/latitude information, it also provides the continent, time zone, postal code and even county name. Some of these are available in multiple languages. Learn how you can utilize all this information by parsing logs from iptables using syslog-ng, storing them to Elasticsearch, and displaying the results in Kibana!

Learn how you can impress your C-level leader(s) even more by animating these heat maps.

Installing syslog-ng on AWS Linux AMI

You do not have to live without your favorite syslog implementation even in Amazon Web Services (AWS) Linux AMI. This Linux distribution is based on Red Hat Enterprise Linux version 6, and it takes minimal extra work to install syslog-ng on it.

EVENTS

Your feedback and news tips about the next issue are welcome at documentation(at)balabit.com.
