Recent Posts
FreeBSD audit source for syslog-ng
Two weeks ago, I was at EuroBSDcon and received a feature request for syslog-ng. The user wanted to collect FreeBSD audit logs together with other logs using syslog-ng. Writing a native driver in C is time consuming. However, creating an integration based on the program() source of syslog-ng is not that difficult.
This blog shows you the current state of the FreeBSD audit source, how it works, and its limitations. It is also a request for feedback.
POWER for open source enthusiasts: what is coming?
Recently I was at EuroBSDCon, where several participants recognized that I am a POWER guy. And they were right, I have been an IBM POWER Champion focusing on open source software on POWER for the past three years.
I got the usual question from people: is there anyone working on an affordable and open source friendly POWER machine? My answer was a definite yes, but I also had to admit that I do not know the actual status of any of the projects.
EuroBSDCon 2024
EuroBSDCon was fantastic, as always :-) I talked to many interesting people during the four days about sudo and syslog-ng, and of course also about many other topics. I gave a sudo tutorial, and it went well, with some “students” already planning which features to implement at home. There were many good talks, including one from Dr. Marshall Kirk McKusick, who was with the FreeBSD project right from the beginning, and worked on BSD even earlier.
Huge improvements for syslog-ng in MacPorts
Last week I wrote about a campaign that we started to resolve issues on GitHub. Some of the fixes are coming from our enthusiastic community. Thanks to this, there is a new syslog-ng-devel port in MacPorts, where you can enable almost all syslog-ng features even for older MacOS versions and PowerPC hardware. Some of the freshly enabled modules include support for Kafka, GeoIP or OpenTelemetry. From this blog entry, you can learn how to install a legacy or an up-to-date syslog-ng version from MacPorts.
Why sudo 1.9.16 enables secure_path by default?
Sudo 1.9.16 is now out, containing mostly bug fixes. However, there are also some new features, like the json_compact option I wrote about a while ago. The other major change is that secure_path is now enabled by default in the sudoers file, and there is a new option to fine-tune its content.
Read more at https://www.sudo.ws/posts/2024/09/why-sudo-1.9.16-enables-secure_path-by-default/
The syslog-ng Insider 2024-09: documentation; TRANSPORT macro; rolling RPMs
The September syslog-ng newsletter is now on-line:
You can also contribute to the syslog-ng OSE documentation
The $TRANSPORT macro of syslog-ng
Rolling RPM platforms added to the syslog-ng package build system
It is available at https://www.syslog-ng.com/community/b/blog/posts/the-syslog-ng-insider-2024-09-documentation-transport-macro-rolling-rpms
Sending logs to Quickwit using the OpenTelemetry destination of syslog-ng
Last time we looked at how syslog-ng can send logs to Quickwit using its Elasticsearch compatible API. This time we are going to look at how to use the OpenTelemetry protocol to send logs to Quickwit with syslog-ng.
Read more at https://www.syslog-ng.com/community/b/blog/posts/sending-logs-to-quickwit-using-the-opentelemetry-destination-of-syslog-ng
First steps with Quickwit and syslog-ng
We are always looking for new ways to store log messages. Quickwit is a new contender, designed for log storage, and among others, it also provides an Elasticsearch-compatible API. From this blog, you can learn about Quickwit, and how to forward log messages from syslog-ng to it using the Elasticsearch-compatible API.
Read more at https://www.syslog-ng.com/community/b/blog/posts/first-steps-with-quickwit-and-syslog-ng
We are switching syslog-ng containers from Debian Testing to Stable
For many years, the official syslog-ng container and development containers were based on Debian Testing. We are switching to Debian Stable now. Learn about the history and the reasons for the change now.
Read more at https://www.syslog-ng.com/community/b/blog/posts/we-are-switching-syslog-ng-containers-from-debian-testing-to-stable
The syslog-ng Insider 2024-08: 4.8.0 release; Prometheus; Amazon Linux
The August syslog-ng newsletter is now on-line:
Version 4.8.0 of syslog-ng improves FreeBSD and MacOS support
syslog-ng Prometheus exporter
Experimental syslog-ng packages for Amazon Linux 2023
It is available at https://www.syslog-ng.com/community/b/blog/posts/the-syslog-ng-insider-2024-08-4-8-0-release-prometheus-amazon-linux