While testing the latest Elasticsearch release with syslog-ng, I realized that there was already a not fully documented elasticsearch-datastream() driver. Instead of fixing the docs, I reworked the elasticsearch-http() destination to support data streams. So, what was the problem? The driver follows a different logic in multiple places than the base elasticsearch-http() destination driver. Some of the descriptions were too general, others were missing completely. You had to read the configuration file in the syslog-ng configuration library (SCL) to configure the destination properly.

Recently, one of our power users contributed OpenSearch data streams support to syslog-ng, which reminded me to also do some minimal testing on the latest OpenSearch release with syslog-ng. TL;DR: both worked just fine. Read more at https://www.syslog-ng.com/community/b/blog/posts/using-opensearch-data-streams-in-syslog-ng syslog-ng logo

The December syslog-ng newsletter is now on-line: File size-based log rotation in syslog-ng Syslog-ng release packages for RHEL & Co. Nightly syslog-ng RPM packages for RHEL & Co. It is available at https://www.syslog-ng.com/community/b/blog/posts/the-syslog-ng-insider-2025-12-logrotation-release-rpm-nightly-rpm syslog-ng logo

A long-waited feature for syslog-ng, the Kafka source, is getting ready soon. The development is still in progress, but you can already try it, and it is worth the effort. How? Using the very same tool the syslog-ng testing and release process relies on. From this blog you can learn how to download and patch syslog-ng git sources and build packages for popular RPM and DEB Linux distributions. Once you have installable packages, comes the fun part: getting the Kafka source working.

The October syslog-ng newsletter is now on-line: The core values of syslog-ng Running syslog-ng in BastilleBSD Debian and Ubuntu blogs updated It is available at https://www.syslog-ng.com/community/b/blog/posts/the-syslog-ng-insider-2025-10-values-bastillebsd-debian syslog-ng logo

Last year’s Budapest Audio Expo was the first hifi event I had truly enjoyed in years. Needless to say, I spent a day this weekend at the Audio Expo again :-) Building on last year’s experience, I chose to visit the expo on Sunday. There were fewer people and better-sounding systems. TL;DR: If I had to sum up the expo in a one statement: Made in Hungary audio rivals the rest of the world in quality, while often being available at a much more affordable price.

Version 4.10.1 is a bugfix release, not needed by most users. It fixes the syslog-ng container and platform support in some less common situations. Before you begin I assume that most people are lazy and/or overbooked, just like me. So, if you already have syslog-ng 4.10.0 up and running, and packaged for your platform, just skip this bugfix release. What is fixed? You can now compile syslog-ng on FreeBSD 15 again.

Version 4.10 of syslog-ng introduced file size-based log rotation. Thanks to this, storage space is no longer filled with logs with the risk that you might not see older logs if the message rate is higher than expected. Read more at https://www.syslog-ng.com/community/b/blog/posts/file-size-based-log-rotation-in-syslog-ng syslog-ng logo

The Hungarian band Asztropapucs has a special place in my heart. I have known these musicians for a long time, some of them even before they formed the band. Like almost everyone else, they started out playing cover songs years ago. Recently, however, they started writing their own songs. I have seen them perform at various concerts. They practiced regularly, and their hard work has led to continuous improvement. This weekend, they published their first song on several streaming services: “Maja” I’ve listened to it many times, and I recommend you do the same.

Version 4.10.0 of syslog-ng is now available. Among others it adds: support for file size based logrotation a filter that test if a value is blank updated MongoDB driver support For more details check the syslog-ng release notes at https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.10.0 This release fixes several bugs introduced in syslog-ng version 4.9.0, which is the syslog-ng version available in openSUSE Leap 16.0 and Fedora 43. It’s feature freeze (and thus package version freeze) for both distros, but do not worry: bug fixes are back ported.