syslog-ng
Related pages
The Premium Edition (PE) of syslog-ng builds on the core of the popular open source version, offering advanced features like encrypted and timestamped log files, disk-based buffering, direct database access, native TLS support, and agents for the Microsoft Windows and IBM System i platforms. The key features of syslog-ng Premium Edition are the following:
Secure logging using SSL/TLS
Log messages may contain sensitive information that should not be accessed by third parties. Therefore, syslog-ng Premium Edition uses the Transport Layer Security (TLS) protocol to encrypt the communication. TLS also allows the mutual authentication of the host and the server using X.509 certificates.
Trusted, timestamped log storage
The Premium Edition of syslog-ng can store log messages securely in encrypted, compressed, digitally signed, indexed, and timestamped binary files, so any sensitive data is available only for authorized personnel who have the appropriate encryption key. Timestamps can be requested from external Timestamping Authorities.
syslog-ng Agent for Windows
The syslog-ng Agent for Windows is a log collector and forwarder application for Microsoft Windows, capable of forwarding eventlog messages to the central syslog-ng server. Windows Vista and 2008 Server are supported as well. Read more about syslog-ng Agent for Windows.
Disk-based message buffering
The Premium Edition of syslog-ng automatically stores messages on the local hard disk if the central log server or the network connection becomes unavailable. The syslog-ng application automatically sends the stored messages to the server when the connection is reestablished.
Direct database access
Storing your log messages in a database allows you to easily search and query the messages and interoperate with log analyzing applications. The Premium Edition of syslog-ng supports the following databases: MySQL, Microsoft SQL (MSSQL), Oracle, PostgreSQL, and SQLite.
Filter, parse and rewrite
The syslog-ng application can sort the incoming log messages based on their content and various parameters like the source host, application, and priority. It can also separate parts of log messages to named fields or columns, and modify the values of these fields, for example to remove sensitive data. Directories, files, and database tables can be created dynamically using macros - it is even possible to create custom templates and reformat the messages. Complex filtering using regular expressions and boolean operators offers almost unlimited flexibility to forward only the important log messages to the selected destinations.
Support for standard syslog protocols
The syslog-ng application supports the well-known BSD-syslog standard and also the latest syslog protocol standard developed by IETF.
Handle extreme load
The syslog-ng application is optimized for performance, and can handle enormous amount of messages. Depending on its exact configuration, it has been known to process over 75,000 messages per second real-time, and over 24 GB raw logs per hour on entry-level server hardware.
Supported platforms
The syslog-ng PE license allows you to download and use syslog-ng PE binaries for the following platforms:
| x86 | x86_64 | SUN SPARC | ppc32 | ppc64 | PA-RISC | |
| AIX 5.2 & 5.3 | X | X | X | ✔ | upon request | X |
| Debian etch | ✔ | ✔ | ✔ | X | X | X |
| Debian sarge * | upon request | upon request | upon request | X | X | X |
| FreeBSD 6.1 * | ✔ | upon request | upon request | X | X | X |
| HP-UX 11i | X | X | X | X | X | ✔ |
| IBM System i ** | X | X | X | ✔ | upon request | X |
| OpenBSD 4.x * | upon request | upon request | upon request | X | X | X |
| Red Hat ES 4 / CentOS 4 | ✔ | ✔ | X | X | X | X |
| Red Hat ES 5 / CentOS 5 | ✔ | ✔ | X | X | X | X |
| SLES 10 / openSUSE 10.0 | ✔ | upon request | X | X | X | X |
| SLES 10 SP1 / openSUSE 10.1 | ✔ | ✔ | X | X | X | X |
| Solaris 8 | X | X | ✔ | X | X | X |
| Solaris 9 | upon request | X | ✔ | X | X | X |
| Solaris 10 | upon request | ✔ | ✔ | X | X | X |
| Windows | ✔ | ✔ | X | X | X | X |
*Development of direct database access is in progress
**The syslog-ng Premium Edition application can run on IBM System i, but syslog-ng Agent for IBM System i is licensed independently from syslog-ng Premium Edition.
The central syslog-ng server cannot be installed on Microsoft Windows platforms. The syslog-ng Agent for Windows capable of forwarding eventlog messages to the central server is available on the x86 and x86_64 architecture for Microsoft Windows XP, Microsoft Windows 2003 Server, Microsoft Windows Vista, and Microsoft Windows 2008 Server. The syslog-ng Agent is available only in syslog-ng Premium Edition.
