In complex log management deployments, syslog-ng can perform advanced filtering, parsing, rewriting and classification on the client hosts or relays deployed at local sites. That way you can reduce the complexity and amount of data being transferred to the central log server. When log sources, like web servers, generate logs containing sensitive data, such as login credentials, syslog-ng can anonymize the data at its source, rather than transferring it to a central log server. This helps protect sensitive data and comply with the PCI-DSS requirements.
Even in IT environments where Windows servers are exclusively deployed, network devices, security devices, and applications generate a variety of log messages which cannot be easily managed with standard Windows tools, such as the Windows Event Viewer. The syslog-ng Premium Edition can receive log messages coming from a wide variety of sources, including Windows servers, network devices and applications. With syslog-ng you can manage all the logs in your IT environment without having separate “data silos” for different kinds of log data. To protect sensitive log data, syslog-ng Premium Edition can store log messages securely in encrypted, compressed, indexed, and timestamped binary files, so any sensitive data is available only to authorized personnel who have the appropriate encryption key.
For log management deployments requiring a lightweight agent with a Graphical User Interface, the syslog-ng Agent for Windows is still available and includes new features such as RLTP™ support, flow control and wildcards in Event Source names. It can collect log messages from event log groups and log files and forward them to a syslog-ng server using regular or TLS-encrypted TCP connections, integrating your Windows hosts into your general log management infrastructure. The syslog-ng Agent can be managed from a domain controller using group policies, or run as a standalone application.
| Feature | syslog-ng Agent for Windows | syslog-ng Premium Edition |
|---|---|---|
| Configuration Interface | GUI or XML-based configuration file | Flexible, text-based configuration file |
| Classification | Source based | Source & Content Based |
| Client-side disk buffering | No | Yes |
| On the wire compression | Yes | Yes |
"Syslog-ng has a solid reputation with their open source product. Our experience with this open source version was outstanding and the premium version gave us the functionality we needed with regards to some security issues."
Øyvind Gielink, IT security officer, Telenor Group