Version 4.10.1 is a bugfix release, not needed by most users. It fixes the syslog-ng container and platform support in some less common situations. Before you begin I assume that most people are lazy and/or overbooked, just like me. So, if you already have syslog-ng 4.10.0 up and running, and packaged for your platform, just skip this bugfix release. What is fixed? You can now compile syslog-ng on FreeBSD 15 again.

Version 4.10 of syslog-ng introduced file size-based log rotation. Thanks to this, storage space is no longer filled with logs with the risk that you might not see older logs if the message rate is higher than expected. Read more at https://www.syslog-ng.com/community/b/blog/posts/file-size-based-log-rotation-in-syslog-ng syslog-ng logo

Version 4.10.0 of syslog-ng is now available. Among others it adds: support for file size based logrotation a filter that test if a value is blank updated MongoDB driver support For more details check the syslog-ng release notes at https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.10.0 This release fixes several bugs introduced in syslog-ng version 4.9.0, which is the syslog-ng version available in openSUSE Leap 16.0 and Fedora 43. It’s feature freeze (and thus package version freeze) for both distros, but do not worry: bug fixes are back ported.

I have been providing syslog-ng users with weekly git snapshot RPM packages for almost a decade. From now on, RHEL & Co users can use nightly packages provided by the syslog-ng team, and from a lot less obscure location. As usual, these packages are for testing, not for production. Read more at https://www.syslog-ng.com/community/b/blog/posts/nightly-syslog-ng-rpm-packages-for-rhel-co syslog-ng logo

Whenever I present syslog-ng at a conference or I stand next to a booth, people often ask me why should they use syslog-ng instead of one of its competitors. So let me summarize what the users and developers of syslog-ng typically consider as its most important values. Documentation Yes, I know, this is not syslog-ng itself. However, talking to some of our most active and loyal users, one common feedback was that they had chosen syslog-ng because of the quality of its documentation.

The August syslog-ng newsletter is now on-line: Deprecating Java-based drivers from syslog-ng: Is HDFS next? Your first steps configuring syslog-ng Prometheus exporter in syslog-ng It is available at https://www.syslog-ng.com/community/b/blog/posts/the-syslog-ng-insider-2025-08-hdfs-configuration-prometheus syslog-ng logo

Recently, several people have asked me about the syslog-ng project’s view on Artificial intelligence. In short, there is cautious optimism: we embrace AI, but it does not take over any critical tasks from humans. But what does this mean for syslog-ng? Read more at https://www.syslog-ng.com/community/b/blog/posts/syslog-ng-development-and-ai syslog-ng logo

There are multiple syslog protocols with multiple variants. The new transport(auto) option of the syslog() source in syslog-ng allows you to support all TCP-based variants with a single source driver. When it comes to syslog, there are many transport options. RFC3164 describes the “legacy” or “BSD” syslog protocol, while RFC5424 refers to the “new” syslog protocol (which is also more than a decade old now… :-) ). RFC5424-formatted messages normally come with framing or octet counting (as per RFC6587), where messages are prefixed with the length of the message.

Last year, I wrote a small configuration snippet for syslog-ng: FreeBSD audit source. I published it in a previous blog, and based on feedback, it is already used in production. And soon, it will be available also as part of a syslog-ng release. As an active FreeBSD user and co-maintainer of the sysutils/syslog-ng port for FreeBSD, I am always happy to share FreeBSD-related news. Last year, we improved directory monitoring and file reading on FreeBSD and MacOS.

The June syslog-ng newsletter is now on-line: Installing nightly syslog-ng arm64 packages on a Raspberry Pi Working with One Identity Cloud PAM Linux agent logs in syslog-ng Testing the new syslog-ng wildcard-file() source options on Linux It is available at https://www.syslog-ng.com/community/b/blog/posts/the-syslog-ng-insider-2025-06-arm64-pam-testing syslog-ng logo