Posts Tagged ‘GUI’
syslog-ng Insider – February 2012
Dear syslog-ng users,
This is the 11th issue of the syslog-ng Insider, a monthly newsletter that brings you syslog-ng related news.
Your feedback and news tips about the next issue are welcome at
documentation(at)balabit.com
FEATURED NEWS
Brno: Fedora, CEE, journal and syslog-ng
Last week the Brno Red Hat office hosted two conferences: a small one about logging and the Fedora Developer conference. The logging miniconf covered some very hot topics: CEE, journal, auditd and some lesser-known projects, like ELAPI. After the formal program, we had some very good discussions about the future of logging.
You can check the diagram drawn up as a conclusion here:
http://czanik.blogs.balabit.com/2012/02/brno-fedora-cee-journal-and-syslog-ng/
And read more about how syslog-ng supports CEE: http://algernon.blogs.balabit.com/2012/02/cee-handling-with-syslog-ng/
BalaBit has just released the latest version of its leading log management tool, syslog-ng 4 F2
Adding to the existing rich feature set, which includes high-performance multi-thread processing, encrypted and timestamped log files, disk-based buffering, direct database access and native TLS support, syslog-ng 4 F2 now supports Application-level Acknowledgement via Reliable Log Transport Protocol (RLTP)™, a new transport protocol that prevents message loss during connection breaks. In addition, the latest version of syslog-ng can now natively collect and process log messages from SQL databases, enabling users to easily manage log messages from a wide variety of enterprise software and custom applications.
syslog-ng 3.3.4 is released
It is a bugfix release, which fixes all previously known problems in the 3.3 series. There is only one change in 3.3 sources since the last release: manual pages were put under the GPL, and XML sources are now also available, so that the entire source code of syslog-ng is free from this point onwards.
Sources are available at http://www.balabit.com/network-security/syslog-ng/opensource-logging-system/downloads/download.
Packages for some distributions are available from http://www.balabit.com/network-security/syslog-ng/opensource-logging-system/downloads/3rd_party
Detailed changelog is available at http://www.balabit.com/files/syslog-ng/open-source-edition/3.3.4/changelog-en.txt
Documentation was also updated: http://www.balabit.com/support/documentation/documents/syslog-ng-ose-3.3-guides/syslog-ng-ose-v3.3-guide-admin-en.html/bk01-toc.html
EU Data Protection Directive – How a single regulation could boost the transparency in IT security?
Personal opinion from Balázs Scheidler, CEO of BalaBit
Overall, the EU Data Protection Directive can be a milestone in boosting the transparency of IT security at organizations – similarly to the regulatory compliance regulations after the Enron case. If adopted, the new directive could bring about a change in the implementation of IT security policies so that the current focus on audits could shift to the deeper integration of IT security processes into business processes.
As logging and log management are the base of every monitoring method, technologies with high-speed and zero message loss capabilities, like syslog-ng, will come to the front. Encrypting log files, in which companies store user names, passwords and other sensitive company data, is also key to preventing data loss. http://bscheidler.blogs.balabit.com/2012/02/eu-data-protection-directive-how-a-single-regulation-could-boost-the-transparency-in-it-security/
OTHER SHORT NEWS
- syslog-ng web GUI blog updated
- What makes the upcoming v3.4 even more flexible? It’s summarized by Bazsi, lead developer of syslog-ng. Watch out for an upcoming Alpha version!
- There are still many syslog-ng v2.0 users. For them, here is a teaser of what has changed since that release
- A syslog-ng presentation for FOSDEM
- ELSA, the high performance web GUI for syslog-ng, received a very useful new feature, post processing of search results
NEW RELEASES
- syslog-ng OSE 3.3.4
- syslog-ng PE 4F2
syslog-ng Insider – June 2011
Dear syslog-ng users,
This is the 4th issue of the syslog-ng Insider, a monthly newsletter that brings you syslog-ng related news.
Your feedback and news tips about the next issue are welcome at
documentation(at)balabit.com
FEATURED NEWS
syslog-ng FAQ moved and updated
The syslog-ng FAQ was maintained by Nate Campi for many years. Questions and answers for old releases are still available at the old URL. FAQ for recent releases is now maintained in-house and available at http://www.balabit.com/wiki/syslog-ng-faq
To place a question of yours into the syslog-ng FAQ, please don’t hesitate to contact us on the mailing list, which is available at http://lists.balabit.hu/mailman/listinfo/syslog-ng
syslog-ng OSE 3.3 beta1 released
The first beta version of syslog-ng 3.3 was released. This is a major step in syslog-ng’s development, as it is now fully multi-threaded, and is also the first release with a considerable amount of community-developed features.
For a full list of features, changes and fixes check the announcement at http://lists.balabit.hu/pipermail/syslog-ng/2011-May/016624.html
Development of syslog-ng OSE 3.4 started
As syslog-ng 3.3 is in feature freeze, new development goes on in the 3.4 repo. Looking at http://git.balabit.hu/?p=bazsi/syslog-ng-3.4.git shows some very interesting commit logs:
- $(sanitize): add new template function useful to sanitize filenames
- basicfuncs: Implement a $(substr STR START [LEN]) template function.
- basicfuncs: Implement a few numeric template functions
While not yet merged, the following blog has a preview of a planned extension to the recently merged value-pairs() functionality
Blog series on web GUIs for syslog-ng
Web-based GUIs for syslog-ng are a hot topic recently, so a new blog series was started a few months ago. This month I covered LogStash. If you have any suggestions what else to cover, please let us know!
CVE-2011-1951: problems when syslog-ng is compiled with PCRE 8.12+
Under certain circumstances, versions 3.0, 3.1 and 3.2 of syslog-ng Open Source Edition (OSE) are vulnerable to a Denial of Service attack if the PCRE engine is enabled in syslog-ng and libpcre version 8.12 is installed.
The syslog-ng Premium Edition (PE) application is not affected, as it uses a different version of the libpcre package.
In libpcre version 8.12 a return value has been changed. This change causes an infinite loop in syslog-ng if a pcre filter is used and the global flag is enabled for the expression. If such a filter expression is used in the configuration of syslog-ng and a log message does not match the regular expression (which most probably happens within seconds of starting an affected version of syslog-ng), syslog-ng consumes the processor resources and denial of service occurs.
All 3.X branches before 3.2.4 are affected.
Affected versions of syslog-ng Open Source Edition (OSE), by branch:
- 3.0.X: versions before 3.0.11
- 3.1.X: versions before 3.1.5
- 3.2.X: versions before 3.2.4
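A defender-side check for the three conditions this advisory lists (affected OSE branch, PCRE 8.12+, a PCRE expression with the global flag), as an added example that is not code from syslog-ng or BalaBit. The config scan is a regex heuristic that assumes `type("pcre")` and `flags("global")` appear inside `filter` or `rewrite` blocks; all function names and the sample configuration are constructed for illustration.

```python
import re

# First fixed release per affected OSE branch, from the advisory's branch list.
FIXED = {(3, 0): (3, 0, 11), (3, 1): (3, 1, 5), (3, 2): (3, 2, 4)}

BLOCK = re.compile(r"\b(filter|rewrite)\s+([\w.-]+)\s*\{(.*?)\}\s*;", re.S)
TYPE_PCRE = re.compile(r'type\s*\(\s*"?pcre"?\s*\)')
FLAGS = re.compile(r"flags\s*\(([^)]*)\)")

def parse_version(text):
    """'3.2.3' or '3.2.3-1' -> (3, 2, 3); a missing patch level counts as 0."""
    m = re.match(r"\s*(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError("unrecognised version: %r" % text)
    return tuple(int(p or 0) for p in m.groups())

def version_affected(ose_version):
    v = parse_version(ose_version)
    fixed = FIXED.get(v[:2])          # branches outside 3.0-3.2 are not listed
    return fixed is not None and v < fixed

def pcre_affected(pcre_version):
    # Assumption: "8.12+" in the advisory heading means 8.12 and later.
    return parse_version(pcre_version)[:2] >= (8, 12)

def pcre_global_blocks(conf):
    """Return (kind, name) for blocks combining type(pcre) with the global flag.
    Conservative: both options anywhere in one block count as a hit."""
    conf = re.sub(r"(?m)^\s*#.*$", "", conf)      # drop whole-line comments
    hits = []
    for kind, name, body in BLOCK.findall(conf):
        flags = {f for grp in FLAGS.findall(body)
                 for f in re.findall(r"[\w-]+", grp)}
        if TYPE_PCRE.search(body) and "global" in flags:
            hits.append((kind, name))
    return hits

def exposed(ose_version, pcre_version, conf):
    hits = pcre_global_blocks(conf)
    at_risk = version_affected(ose_version) and pcre_affected(pcre_version)
    return at_risk and bool(hits), hits

# Constructed sample configuration, not taken from a real host.
SAMPLE_CONF = '''
# filter f_old { match("x" type("pcre") flags("global")); };
filter f_sshd { match("sshd" value("PROGRAM")); };
filter f_card { match("[0-9]{16}" type("pcre") flags("global") value("MESSAGE")); };
rewrite r_mask { subst("[0-9]+", "N", value("MESSAGE"), type("pcre"), flags("global", "ignore-case")); };
'''

if __name__ == "__main__":
    print(exposed("3.2.3", "8.12", SAMPLE_CONF))
```

A hit from `pcre_global_blocks` on an unaffected version is still worth reviewing, since the block-level match can pair options from two different statements.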
OTHER SHORT NEWS
- Fedora maintainers were very active recently. The latest syslog-ng is now available in FC15 and packages for EPEL are also available: http://czanik.blogs.balabit.com/2011/05/fedora-15-syslog-ng-3-3-beta1-quick-news/ and http://czanik.blogs.balabit.com/2011/05/epel6-brings-syslog-ng-to-the-latest-rhel-centos-and-sl/
- Amazon Kindle is powered by syslog-ng
- Algernon started a new repo for not yet merged syslog-ng code
RECENT WHITEPAPERS
- There is a new WP in preparation about syslog-ng GUIs. I published the basis of it as a blog already. Your comments are very welcome!
syslog-ng Insider – May 2011
Dear syslog-ng users,
This is the 3rd issue of the syslog-ng Insider, a monthly newsletter that brings you syslog-ng related news.
Your feedback and news tips about the next issue are welcome at
documentation(at)balabit.com
FEATURED NEWS
syslog-ng OSE 3.3 development
The previous month did not see a new syslog-ng 3.3 alpha or beta release, but development still went on. There were many important bugfixes and performance improvements. Also, most of the patches from the community were merged, including value-pairs(), mongo-db updates and JSON support. There is now a feature freeze in effect, so new features go now into the freshly opened syslog-ng 3.4 repository.
The current version can be checked out from git, which has regular updates at http://git.balabit.hu/?p=bazsi/syslog-ng-3.3.git;a=summary
syslog-ng called open source project of the year
IDG held its first Open Source conference on the 24th of February in Hungary. A new award was established for open source projects, and it was first given to syslog-ng OSE.
Blog series on web GUIs for syslog-ng
Web-based GUIs for syslog-ng are a hot topic recently, so a new blog series was started. This month I’ll cover a new challenger: ELSA, which has patterndb at its heart. If you have any suggestions what else to cover, please let us know!
Support the syslog-ng project with your testimonial!
We send syslog-ng T-Shirts for the best use-cases and testimonials. We are especially interested in how you use syslog-ng: your environment, performance metrics, the UNIX platforms that you use and anything that you deem interesting about your setup. This is your opportunity to influence the syslog-ng development process and to help the syslog-ng project.
syslog-ng Insider – April 2011
Dear syslog-ng users,
This is the second issue of the syslog-ng Insider, a monthly newsletter that brings you syslog-ng related news.
Your feedback and news tips about the next issue are welcome at
documentation(at)balabit.com
FEATURED NEWS
syslog-ng OSE 3.3 development
The next syslog-ng release is developed at rocket speed. The second alpha release brought in support for MongoDB as destination, and threading for increased performance and scalability. Community involvement in the development process is increasing, with many patches and detailed bug reports, which helped to fix correlation problems. Direct SMTP support is also available as a not yet merged patch. There were also long discussions about JSON and name value pairs with value-pairs() and tfjson() available as patches.
One can download the alpha2 release, or if impatient also check it out from git, which has regular updates at http://git.balabit.hu/?p=bazsi/syslog-ng-3.3.git;a=summary
syslog-ng called open source project of the year
IDG held its first Open Source conference on the 24th of February in Hungary. A new award was established for open source projects, and it was first given to syslog-ng OSE.
Blog series on web GUIs for syslog-ng
Web-based GUIs for syslog-ng are a hot topic recently, so a new blog series was started. Loganalyzer, Loggly and Logzilla are already covered and a few more reviews (ELSA, Octopussy) are already under way. If you have any suggestions what else to cover, please let us know!
Support the syslog-ng project with your testimonial!
We send syslog-ng T-Shirts for the best use-cases and testimonials. We are especially interested in how you use syslog-ng: your environment, performance metrics, the UNIX platforms that you use and anything that you deem interesting about your setup. This is your opportunity to influence the syslog-ng development process and to help the syslog-ng project.
OTHER SHORT NEWS
- openSUSE 11.4 comes with syslog-ng 3.2
- FreeBSD 8.2 comes with syslog-ng 3.2
- Intrusion prevention based on syslog-ng and patterndb
- ELSA (Enterprise Log Search and Archive Project) had its first public release
RECENT WHITEPAPERS
The Six Cornerstones of Logging
This document aims at briefly demonstrating the technological and business processes that led to the revaluation of log information to such an extent that its collection and processing has become one of the most essential tasks of contemporary corporate IT. Furthermore, we attempt to identify those critical points of a central logging management project that determine its success the most. We hope that taking our six pieces of advice relating to these six points will substantially contribute to the successful professional activities of our readers.

