Open Source log management solution with over a million users worldwide

With syslog-ng, you can collect logs from any source, process them in near real-time and deliver them to a wide variety of destinations.

syslog-ng allows you to flexibly collect, parse, classify, and correlate logs from across your infrastructure and store or route them to log analysis tools.

Getting started is easy.

Most GNU/Linux distributions ship with binary packages. For other distributions and operating systems, check out this list of third-party packages. Once installed, a simple configuration (to be placed in /etc/syslog-ng/syslog-ng.conf), that puts all system logs down into a single file, is presented below.

@version: 3.7
@include "scl.conf"
source      s_system { system(); internal();                 };
destination d_all    { file("/var/log/all.log");             };
log                  { source(s_system); destination(d_all); };

Visit us at GitHub

Documentation Download Incubator Supported versions

contact us : [email protected]
(to be able to send e-mails to this address, you must register.)

Highlights

Open Source

Released under a combination of the GNU General Public License (GPL) and Lesser General Public License (LGPL) - contributor agreement not required. Developed in the open: code, issues, mailing list all available!

Scalable

syslog-ng provides reliable log management for environments ranging from a few hosts to thousands.

Extendable

syslog-ng can be extended with plugins to suit any use case. Tools and modules can be written in C, Python, Java, Lua, or Perl. Visit the syslog-ng incubator to learn more.

Why syslog-ng?

Support for common inputs
syslog-ng not only supports legacy BSD syslog (RFC3164) and the enhanced RFC5424 protocols but also JavaScript Object Notation (JSON) and journald message formats.

Flexible data extraction
Working with unstructured data? That's not a problem: syslog-ng comes with a set of built-in parsers, which you can combine to build very complex things.

Simplify complex log data
Even if you need to collect logs from a diverse range of sources, syslog-ng's patterndb allows you to correlate events together and transform them into a unified format. Learn more

Databases destinations
If you need to store your log messages in a database, you don't need to look any further! We have SQL (MySQL, PostgreSQL, even Oracle!), MongoDB. We also support inserting messages into Redis, if that's what you are after.

Message queue support
syslog-ng supports the Advanced Message Queuing Protocol (AMQP) and the Simple Text Oriented Messaging Protocol (STOMP) too, with more in the pipeline.

Professional Support
BalaBit offers vendor tested installation packages for more than 50 server platforms, professional support and services.

News

Official repositories are coming

2017-09-20

If you would be interested in binary packages for various popular distributions and would use official syslog-ng OSE repositories, let us know!

syslog-ng at SCALE 15x

2017-03-03

If you are attending the Southern California Linux Expo this week at the Pasadena Convention Center, visit the Balabit booth, or attend the talk about security logs using syslog-ng!

syslog-ng talks at FOSDEM

2017-01-11

If you are going to attend FOSDEM in Brussels on February 4 or 5, you can hear about using syslog-ng from Peter Czanik in his two talks: Scaling your logging infrastructure using syslog-ng and Get the most out of your security logs using syslog-ng.