Insider 2017-02: securing Elasticsearch; Troubleshooting; FOSDEM & SCALE

Dear syslog-ng users,

This is the 55th issue of the syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news.

NEWS

Securing connections to Elasticsearch

Recently, news has come out that unprotected MongoDB databases are being actively compromised: content is copied and replaced by a message asking for a ransom to get it back. As “The Register” reports, Elasticsearch is next. Read our latest blog post to learn more about how to secure your Elasticsearch cluster and avoid ransomware.

Troubleshooting syslog-ng to syslog-ng connections

syslog-ng users often face the challenge of not being able to send logs over the network from one syslog-ng instance to another. There can be many reasons for this; some are independent of syslog-ng, while others are related to the syslog-ng configuration. Here are a few troubleshooting tips: https://www.balabit.com/blog/troubleshooting-syslog-ng-syslog-ng-connections/

Load balancing HTTP connections to Elasticsearch

In addition to developing the HTTPS driver for syslog-ng, Fabien Wernli also contributed HTTP load balancing support to the syslog-ng Elasticsearch driver, which is also used by HTTPS support for Elasticsearch: https://github.com/balabit/syslog-ng/pull/1319

FOSDEM 2017

This year Peter Czanik, community manager at Balabit, participated with two syslog-ng presentations at the annual FOSDEM conference in Brussels. Read about his experiences at the event: https://www.balabit.com/blog/syslog-ng-fosdem-2017/

How to send JSON log messages to RabbitMQ from syslog-ng

In this post, you can read about how to configure syslog-ng to send logs in JSON format in the body of an AMQP message: https://sharknet.us/2017/02/04/how-to-send-json-log-messages-to-rabbitmq-from-syslog-ng/

UPCOMING EVENTS

Your feedback and news tips for the next issue are welcome at documentation(at)balabit.com.
