There are multiple #syslog protocols with multiple variants. The new transport(auto) option of the syslog() source in #syslog_ng allows you to support all TCP-based variants with a single source driver.

There are multiple #syslog protocols with multiple variants. The new transport(auto) option of the syslog() source in #syslog_ng allows you to support all TCP-based variants with a single source driver.
Version 4.9.0 of #syslog_ng is now available. Among others it adds:
- #Prometheus exporter
- more efficient file/directory monitoring on #Linux
- #FreeBSD audit source
Read more at https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.9.0
Packages for #Debian / #Ubuntu / #openSUSE / #Fedora & #EPEL are available.
Last year, I wrote a small configuration snippet for syslog-ng: #FreeBSD #audit source. I published it in a previous blog, and based on feedback, it is already used in #production. And soon, it will be available also as part of a #syslog_ng release.
https://www.syslog-ng.com/community/b/blog/posts/freebsd-audit-source-is-coming-to-syslog-ng
@hadret @selea The #syslog_ng point of view when it comes to #AI: https://fosstodon.org/@PCzanik/114856221034797034
@selea ffs, I wish I didn’t ask welp, #syslog_ng it is…
anyway, thx, completely missed it
Last year, we published a #Prometheus #exporter for #syslog_ng, implemented in #Python. However, syslog-ng 4.9.0 will include one that runs as part of syslog-ng. Needless to say, #testing and #feedback are very welcome!
https://www.syslog-ng.com/community/b/blog/posts/prometheus-exporter-in-syslog-ng
#LogManagement
Some of our most active users chose syslog-ng because of its detailed and #accurate #documentation ( https://syslog-ng.github.io/ ). Later I received complaints that it is too detailed, and we need a #tutorial: https://peter.czanik.hu/posts/syslog-ng-tutorial-toc/ . This time, I was asked for something even shorter. Here you are: https://www.syslog-ng.com/community/b/blog/posts/your-first-steps-configuring-syslog-ng :-)
#syslog_ng #LogManagement
#Languages are fun. I'm native #Hungarian. Giving a syslog-ng talk (or any other IT topic) is a major #PITA. Lots of practice finding a balance between English words and their Hungarian translations. Giving a #syslog_ng talk in #English is a much smaller effort
I'm in Nürnberg for the annual @opensuse conference. Wearing my favorite #syslog_ng t-shirt I collected a nice badge and some swag. My #LogManagement talk is in the afternoon, but as usual, I'm also here to listen and network :-) I'm ready to answer your #logging questions!
The June #syslog_ng newsletter is now on-line:
- Installing nightly #arm64 packages on a #RaspberryPi
- Working with #OneIdentity Cloud PAM Linux agent logs in syslog-ng
- Testing the new wildcard-file() source options on #Linux
It is available at https://www.syslog-ng.com/community/b/blog/posts/the-syslog-ng-insider-2025-06-arm64-pam-testing
No response yet to my #syslog_ng #HDFS destination question:
Most likely it means that we can drop #Hadoop support from syslog-ng without any complaints. But I rather repeat my question a few more times on my #socialmedia accounts...
You can now install our nightly syslog-ng builds on the Raspberry Pi:
Actually installing #syslog_ng on #ARM is not limited to the #RaspberryPi, but to #Debian BookWorm #ARM64 :-)
Someone just asked me about Kafka support in #syslog_ng. We already have a #Kafka destination, but no native source driver yet.
There is a workaround: https://www.syslog-ng.com/community/b/blog/posts/consuming-logs-from-a-kafka-topic-using-syslog-ng
Question: is this good enough? Or do you need more performance and reliability?
Most #Java-based drivers have been deprecated in #syslog_ng years ago, and removed while preparing for 4.9.0. The only Java-based driver remaining is #HDFS, so we want to ask the syslog-ng community if the HDFS destination is still needed for them.
https://www.syslog-ng.com/community/b/blog/posts/deprecating-java-based-drivers-from-syslog-ng-is-hdfs-next
#syslog_ng 4.8.0 improved the wildcard-file() source on #FreeBSD and #MacOS. Version 4.9.0 will do the same for #Linux by using #inotify for file and directory monitoring, resulting in faster performance while using significantly less resources. https://www.syslog-ng.com/community/b/blog/posts/testing-the-new-syslog-ng-wildcard-file-source-options-on-linux
Bug fix releases for syslog-ng 4.8 are already out. However, 4.9.0 is still ahead of us. My call for testing #syslog_ng is still live for that:
https://www.syslog-ng.com/community/b/blog/posts/a-call-for-testing-the-upcoming-syslog-ng-releases
File and directory monitoring became a lot more efficient on #Linux, and there are many more changes.
The May #syslog_ng newsletter is now available on-line:
- Introducing the #develop branch of the syslog-ng #git repo
- Working with #OneIdentity Active Roles debug logs in syslog-ng
- Nightly #arm64 syslog-ng #container builds are now available
Last week, we released #syslog_ng 4.8.2, containing a #CVE fix along with improvements to the #Elasticsearch and #S3 destinations. As such, an upgrade is highly recommended. Version 4.8.3 of syslog-ng fixes the release process.
https://www.syslog-ng.com/community/b/blog/posts/syslog-ng-4-8-3-is-now-available
#syslog_ng version 4.8.3 is now available. It is a re-release of 4.8.2. For details check the syslog-ng release notes at:
https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.8.3
Version 4.8.2 of syslog-ng is now available. It is a buf fix release. It resolves a reliability issue in the #S3 destination, fixes the #Elasticsearch destination, and a low impact #CVE problem.
https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.8.2