syslog-ng is an enhanced log daemon, supporting a wide range of input and output methods: syslog, unstructured text, queueing, SQL & NoSQL.

syslog-ng

syslog-ng is an enhanced log daemon, supporting a wide range of input and output methods: syslog, unstructured text, message queues, databases (SQL and NoSQL alike) and more.

Key features:

  • receive and send RFC3164 and RFC5424 style syslog messages
  • work with any kind of unstructured data
  • receive and send JSON formatted messages
  • classify and structure logs with built-in parsers (csv-parser(), db-parser(), ...)
  • normalize, crunch and process logs as they flow through the system
  • hand on messages for further processing using message queues (like AMQP), files or databases (like PostgreSQL or MongoDB).

Performance:

  • syslog-ng provides performance levels comparable to a large cluster while running on a single node.
  • In the simplest use case it scales up to 600-800k messages per second.
  • With classification, parsing and filtering enabled, it still processes several tens of thousands of messages per second.

Installation from Source

Releases are tagged in the GitHub repository, and tarballs ready to compile are made available at BalaBit's syslog-ng tarball repository.

To compile from source, the usual drill applies (assuming you have the required dependencies):

$ ./configure && make && make install

Some of the functionality is compiled only if the required development libraries are present. The configure script displays a summary of enabled features at the end of its run.

Installation from Binaries

Binaries are available in various Linux distributions, and contributors maintain packages of the latest and greatest syslog-ng version for various OSes.

Debian/Ubuntu

Simply invoke the following command as root:

# apt-get install syslog-ng

The latest versions of syslog-ng are available for a wide range of Debian and Ubuntu releases and architectures from an unofficial repository.

Fedora

syslog-ng is available as a Fedora package that you can install using yum:

# yum install syslog-ng

Others

Binaries for other platforms might be available; please check the official third party page for more information.