syslog-ng is a syslogd replacement for a wide variety of UNIX systems that supports IPv6 and is capable of transferring log messages reliably using TCP and SSL and filtering the content of messages using regular expressions. Both RFC3164 and RFC5424 style messages are handled, but more esoteric formats like BSD process accounting logs are supported too. Apart from regular text files, it supports storing messages into SQL and MongoDB databases, and forward messages to local processes via pipes or UNIX domain sockets. This makes syslog-ng ideal as an integration platform. syslog-ng supports extracting structured information from the traditionally text based syslog via csv-parser(), db-parser(), and patterndb. Tag based classification, rewriting messages, and outputting messages in JSON is also possible. This makes syslog-ng ideal for preprocessing events for further analysis, be that home-grown scripts or SIEM systems. syslog-ng scales well on today's multi processor and multi-core systems: reaching 1,000,000 messages per second is a reality for the simplest use cases.
|Operating Systems||POSIX AIX BSD FreeBSD NetBSD OpenBSD IRIX Linux Solaris|
Release Notes: This is a bugfix only maintenance release of the 3.3 series, correcting a crash which happened when a rewrite rule using set() or subst() was used in multiple log paths.
Release Notes: This version added junctions and channels for even more flexible configuration, a community contributed AMQP destination, improved JSON support including a parser, and many improvements related to value pairs.
Release Notes: Stability and memory leak fixes.
Release Notes: Integrated support for MongoDB, JSON formatted events, and a multi-threaded architecture that scales syslog-ng up into the 800000 message/second range.
Release Notes: This is the first release in the new major version of syslog-ng, containing the longest list of features ever since the start of the syslog-ng project such as log message correlation and plugin support.