HomeProducts › syslog-ng Premium Edition ›
syslog-ng Premium Edition

Client side

Take the Next Step

See the cost benefits of syslog-ng PE usage over syslog-ng OSE

Secure logging using SSL/TLS

Log messages may contain sensitive information that should not be accessed by third parties. Therefore, syslog-ng Premium Edition uses the Transport Layer Security (TLS) protocol to encrypt the communication. TLS also allows the mutual authentication of the host and the server using X.509 certificates.

Reliable log transfer

The syslog-ng application enables you to send the log messages of your hosts to remote servers. The logs of different servers can be collected and stored centrally on dedicated log servers. Transferring log messages using the TCP protocol ensures that no messages are lost.

Disk-based message buffering

The Premium Edition of syslog-ng stores messages on the local hard disk if the central log server or the network connection becomes unavailable. The syslog-ng application automatically sends the stored messages to the server when the connection is reestablished, in the same order the messages were received. The disk buffer is persistent - no messages are lost even if syslog-ng is restarted.

Flow-control

Flow-control uses a control window to determine if there is free space in the output buffer of syslog-ng for new messages. If the output buffer is full, then the destination cannot accept new messages for some reason: for example, it is overloaded, or the network connection became unavailable. In such cases, syslog-ng stops reading messages from the source until some messages have been successfully sent to the destination.

Read logs from any text file

Some applications use many different logfiles, and sometimes these files are not even located in the same folder. Automatically generated file and foldernames are also often a problem. To solve these issues, the filenames and paths specifying the logfiles read by syslog-ng can include wildcards, and syslog-ng can automatically scan entire subfolder-trees for the specified files.

The syslog-ng Premium Edition application is also able to process multi-line log messages, for example, Apache Tomcat messages.

Sending SNMP traps

The syslog-ng PE application can send SNMP traps using the Simple Network Management Protocol version 2c or version 3. Incoming log messages can be converted to SNMP traps, and the fields (such as the trap OID) of the SNMP messages can be customized using syslog-ng PE macros. Converting the syslog messages sent by Cisco devices to Cisco-specific SNMP traps defined by the CISCO-SYSLOG-MIB (enterprises.cisco.ciscoMgmt.ciscoCiscoMIB) is also supported (such traps are also referred to as clogMessageGenerated notifications). That way, the incoming log messages can be forwarded to devices used to process and analyze Cisco-specific SNMP traps.

Learn more about the product feature areas as below

Back to top Or Back to the features