ABOUT
Visit BalaBit site
Archive for May, 2011
EPEL6 brings syslog-ng to the latest RHEL, CentOS and SL
The EPEL project (Extra Packages for Enterprise Linux) provides Red Hat Enterprise Linux and derivatives with additional high quality packages. Syslog-ng was available for EPEL5 for a long time and is now also added to EPEL6, which provides packages for RHEL6. CentOS is gaining a strong presence in web serving, as almost one third of web servers are now running on this OS: http://blogs.computerworld.com/16596/the_most_popular_web_server_linux_is CentOS 6 should be released any day now. Scientific Linux ( http://www.scientificlinux.org/ ) is developed at CERN and used world wide by the research and higher education community. Version 6 of SL is already available.
Fedora 15, syslog-ng 3.3 beta1 quick news
Fedora 15 was released yesterday. It comes with the latest stable syslog-ng, version 3.2.4 thanks to the hard work of the new maintainers, JPO and Matthias.
There was also a new syslog-ng release this week, syslog-ng 3.3 beta1. For detailed release notes, please check https://lists.balabit.hu/pipermail/syslog-ng/2011-May/016624.html
I tested beta1 on FreeBSD and prepared an update to the sysutils/syslog-ng3-devel port. It should be available from ports sometimes next week, once the maintainer cleaned it up a bit.
I also prepared 3.3 beta1 packages for openSUSE, which are available for download at http://download.opensuse.org/repositories/home:/czanik:/syslog-ng33/ These packages need an updated eventlog package, also available from this repository. JSON support was added, but available only for openSUSE 11.4 and later versions.
LogStash
Logstash is a tool to collect, filter and display logs. It can collect logs from many sources, including syslog-ng, filter them, store them in a database and search them from a web interface. It can also output logs in various formats.
Amazon Kindle – powered by syslog-ng
One of the most popular e-book reader, the Amazon Kindle, uses syslog-ng to log events on the device. It runs version 1.6, which is many years old. As many million Kindle devices were sold, this is most likely our most widely used syslog-ng version, even if its users don’t actually know about it.
You can find syslog-ng in the Kindle sources published by Amazon at http://www.amazon.com/gp/help/customer/display.html?ie=UTF8&nodeId=200203720 It would be an interesting challenge to update syslog-ng on Kindle to a current version 
ELSA: Web interface for syslog-ng and patterndb
Enterprise log search and archive (ELSA) is a brand new centralized syslog framework with syslog-ng 3.1+ and patterndb at its heart. It is the first larger project outside of BalaBit utilizing the power of patterndb. Data storage and searching is based on mysql and sphinx, and there is a simple but powerful web interface, which gives quick access even to many millions of log messages.
