Dear syslog-ng users,
This is the 55th issue of the syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news.
Securing connections to Elasticsearch
Recently, news has come out that unprotected MongoDB databases are being actively compromised: content is copied and replaced by a message asking for a ransom to get it back. As “The Register” reports, Elasticsearch is next. Read our latest blog post to learn more about how to secure your Elasticsearch cluster and avoid ransomware.
Troubleshooting syslog-ng to syslog-ng connections
syslog-ng users often face the challenge of not being able to send logs over the network from one syslog-ng instance to another. There can be many reasons for this; some are independent of syslog-ng, while others are related to the syslog-ng configuration. Here are a few troubleshooting tips: https://www.balabit.com/blog/troubleshooting-syslog-ng-syslog-ng-connections/
Load balancing HTTP connections to Elasticsearch
In addition to developing the HTTPS driver for syslog-ng, Fabien Wernli also contributed HTTP load balancing support to the syslog-ng Elasticsearch driver, which is also used by HTTPS support for Elasticsearch: https://github.com/balabit/syslog-ng/pull/1319
This year Peter Czanik, community manager at Balabit, participated with two syslog-ng presentations at the annual FOSDEM conference in Brussels. Read about his experiences at the event: https://www.balabit.com/blog/syslog-ng-fosdem-2017/
How to send JSON log messages to RabbitMQ from syslog-ng
In this post, you can read about how to configure syslog-ng to send logs in JSON format in the body of an AMQP message: https://sharknet.us/2017/02/04/how-to-send-json-log-messages-to-rabbitmq-from-syslog-ng/
Balabit will participate at the Southern California Linux Expo again this year: http://www.socallinuxexpo.org/scale/15x
You can talk to our engineers at the Balabit booth and listen to Peter Czanik present about parsing security logs using syslog-ng in room 106: http://www.socallinuxexpo.org/scale/15x/presentations/get-most-out-your-security-logs-using-syslog-ng
Your feedback and news tips for the next issue are welcome at documentation(at)balabit.com.