{"id":26160574,"url":"https://github.com/balabit/syslog-ng","last_synced_at":"2025-03-11T12:01:56.390Z","repository":{"id":11642280,"uuid":"14146757","full_name":"syslog-ng/syslog-ng","owner":"syslog-ng","description":"syslog-ng is an enhanced log daemon, supporting a wide range of input and output methods: syslog, unstructured text, queueing, SQL \u0026 NoSQL.","archived":false,"fork":false,"pushed_at":"2025-03-10T14:56:45.000Z","size":39633,"stargazers_count":2194,"open_issues_count":198,"forks_count":482,"subscribers_count":90,"default_branch":"develop","last_synced_at":"2025-03-10T15:43:59.123Z","etag":null,"topics":["c","elastic","kafka","log-management","logging","python","syslog","syslog-ng"],"latest_commit_sha":null,"homepage":"https://www.syslog-ng.com","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/syslog-ng.png","metadata":{"files":{"readme":"README.md","changelog":"NEWS.md","contributing":"CONTRIBUTING.md","funding":null,"license":"COPYING","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null}},"created_at":"2013-11-05T16:22:02.000Z","updated_at":"2025-03-10T14:56:50.000Z","dependencies_parsed_at":"2024-03-20T16:51:54.619Z","dependency_job_id":"d3f3c5da-b5b7-46e9-bc93-fda5d7a9f8ac","html_url":"https://github.com/syslog-ng/syslog-ng","commit_stats":{"total_commits":14502,"total_committers":199,"mean_commits":72.87437185929649,"dds":0.6067438973934629,"last_synced_commit":"47e7d8ea7378e70e18313df3e22122293ed3a3d6"},"previous_names":["balabit/syslog-ng"],"tags_count":135,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/syslog-ng%2Fsyslog-ng","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/syslog-ng%2Fsyslog-ng/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/syslog-ng%2Fsyslog-ng/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/syslog-ng%2Fsyslog-ng/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/syslog-ng","download_url":"https://codeload.github.com/syslog-ng/syslog-ng/tar.gz/refs/heads/develop","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243030784,"owners_count":20224665,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["c","elastic","kafka","log-management","logging","python","syslog","syslog-ng"],"created_at":"2025-03-11T12:01:54.804Z","updated_at":"2025-03-11T12:01:56.245Z","avatar_url":"https://github.com/syslog-ng.png","language":"C","readme":"[![Build Status](https://github.com/syslog-ng/syslog-ng/actions/workflows/devshell.yml/badge.svg)](https://github.com/syslog-ng/syslog-ng/actions/workflows/devshell.yml)\n[![Nightly](https://github.com/syslog-ng/syslog-ng/actions/workflows/nightly-release.yml/badge.svg)](https://github.com/syslog-ng/syslog-ng/actions/workflows/nightly-release.yml)\n[![Binary packages](https://github.com/syslog-ng/syslog-ng/actions/workflows/packages.yml/badge.svg)](https://github.com/syslog-ng/syslog-ng/actions/workflows/packages.yml)\n[![Compile dbld-images](https://github.com/syslog-ng/syslog-ng/actions/workflows/dbld-images.yml/badge.svg)](https://github.com/syslog-ng/syslog-ng/actions/workflows/dbld-images.yml)\n\nsyslog-ng\n=========\n\nsyslog-ng is an enhanced log daemon, supporting a wide range of input\nand output methods: syslog, unstructured text, message queues,\ndatabases (SQL and NoSQL alike), and more.\n\n## Quickstart\n\nThe simplest configuration accepts system logs from /dev/log (from\napplications or forwarded by systemd) and writes everything to a single\nfile:\n\n``` config\n@version: 4.8\n@include \"scl.conf\"\n\nlog {\n\tsource { system(); };\n\tdestination { file(\"/var/log/syslog\"); };\n};\n```\n\nThis one additionally processes logs from the network (TCP/514 by default):\n\n``` config\n@version: 4.8\n@include \"scl.conf\"\n\nlog {\n\tsource {\n\t\tsystem();\n\t\tnetwork();\n\t};\n\tdestination { file(\"/var/log/syslog\"); };\n};\n```\nThis config is designed for structured/application logging, using local submission via JSON, and outputting in key=value format:\n\n``` config\n@version: 4.8\n@include \"scl.conf\"\n\nlog {\n\tsource { system(); };\n\tdestination { file(\"/var/log/app.log\" template(\"$(format-welf --subkeys .cim.)\\n\")); };\n};\n```\n\nTo submit a structured log using `logger`, you might run:\n\n```shell\n$ logger '@cim: {\"name1\":\"value1\", \"name2\":\"value2\"}'\n```\n\nIn which case the resulting message will be:\n\n``` text\nname1=value1 name2=value2\n```\n\nFor a brief introduction to configuring the syslog-ng application, see the [quickstart guide](https://syslog-ng.github.io/admin-guide/040_Quick-start_guide/README).\n\n## Features\n\n* Receive and send [RFC3164](https://tools.ietf.org/html/rfc3164)\n  and [RFC5424](https://tools.ietf.org/html/rfc5424) style syslog\n  messages\n* Receive and send [JSON](http://json.org/) formatted messages\n* Work with any kind of unstructured data\n* Classify and structure logs using built-in parsers (csv-parser(),\n  db-parser(), kv-parser(), etc.)\n* Normalize, crunch, and process logs as they flow through the system\n* Hand over logs for further processing using files, message queues (like\n  [AMQP](http://www.amqp.org/)), or databases (like\n  [PostgreSQL](http://www.postgresql.org/) or\n  [MongoDB](http://www.mongodb.org/))\n* Forward logs to big data tools (like [Elasticsearch](https://www.elastic.co/),\n  [Apache Kafka](http://kafka.apache.org/), or\n  [Apache Hadoop](http://hadoop.apache.org/))\n\n### Performance\n\n* syslog-ng provides performance levels comparable to a large\n  cluster when running on a single node\n* In the simplest use case, it scales up to 600-800k messages per\n  second\n* But classification, parsing, and filtering still produce several\n  tens of thousands of messages per second\n\n### Community\n\n* syslog-ng is developed by a community of volunteers, the best way to\n  contact us is via our [github project page](http://github.com/syslog-ng/syslog-ng)\n  project, our [gitter channel](https://gitter.im/syslog-ng/syslog-ng) or\n  our [mailing list](https://lists.balabit.hu/mailman/listinfo/syslog-ng).\n* syslog-ng is integrated into almost all Linux distributions and BSDs, it\n  is also incorporated into a number of products, see our [powered by\n  syslog-ng](https://syslog-ng.com/powered-by-syslog-ng) page for more details.\n\n### Sponsors\n\n- [Balabit](http://www.balabit.com/) is the original commercial sponsor of the syslog-ng project, and was acquired by One Identity in 2018. One Identity offers a commercial edition for syslog-ng, called the syslog-ng Premium Edition.\n- Axoflow is the company of Balazs Scheidler, the original creator and main developer of syslog-ng.\n\n## Feedback\n\nWe are really interested to see who uses our software, so if you do use it and you like\nwhat you see, please tell us about it. A star on github or an email\nsaying thanks means a lot already, but telling us about your use case,\nyour experience, and things to improve would be much appreciated.\n\nJust send an email to feedback (at) syslog-ng.org.\n\n *Feedback Powers Open Source.*\n\n## Installation from source\n\nReleases and precompiled tarballs are available on [GitHub][github-repo].\n\n [github-repo]: https://github.com/syslog-ng/syslog-ng/releases\n\nTo compile from source, the easiest is to use `dbld`, a docker based,\nself-hosted compile/build/release infrastructure within the source tree. See\n`dbld/README.md` for more information.\n\nFor the brave souls who want to compile syslog-ng from scratch, the usual\ndrill applies:\n\n    $ ./configure \u0026\u0026 make \u0026\u0026 make install\n\nThe extra effort in contrast with the dbld based build is the need to fetch\nand install all build dependencies of syslog-ng (of which there are a few).\n\nIf you don't have a configure script (because of cloning from git, for example),\nrun\n\n    ./autogen.sh\n\nto generate it.\n\nSome of the functionality of syslog-ng is compiled only if the required\ndevelopment libraries are present. The configure script displays a\nsummary of enabled features at the end of its run.\nFor details, see the [syslog-ng compiling instructions](https://syslog-ng.github.io/admin-guide/030_Installing_syslog-ng/000_Compiling_syslog-ng_from_source).\n\n## Installation from binaries\n\nBinaries are available in various Linux distributions and contributors\nmaintain packages of the latest and greatest syslog-ng version for\nvarious OSes.\n\n### Debian/Ubuntu\n\nSimply invoke the following command as root:\n\n    # apt install syslog-ng\n\nThe latest versions of syslog-ng are available for a wide range of Debian\nand Ubuntu releases from our APT repository.\n\nThe packages and the APT repository are provided \"as is\" without warranty of any kind, on a best-effort level.\n\n#### Supported distributions\n\nsyslog-ng packages are released for the following distribution versions:\n\n| Distro version | sources.list component name | Arch |\n|---|---|---|\n| Ubuntu 24.04 | ubuntu-noble | x86-64 |\n| Ubuntu 24.04 | ubuntu-noble-arm64 | arm64 |\n| Ubuntu 22.04 | ubuntu-jammy | x86-64 |\n| Ubuntu 20.04 | ubuntu-focal | x86-64 |\n| Debian 12 | debian-bookworm | x86-64 |\n| Debian 12 | debian-bookworm-arm64 | arm64 |\n| Debian 11 | debian-bullseye | x86-64 |\n| Debian Unstable | debian-sid | x86-64 |\n| Debian Testing | debian-testing | x86-64 |\n\n#### Adding the APT repository\n\n1. Download and install the release signing key:\n\n    ``` shell\n    wget -qO - https://ose-repo.syslog-ng.com/apt/syslog-ng-ose-pub.asc | sudo apt-key add -\n    ```\n\n2. Add the repository containing the latest build of syslog-ng to your APT sources.  \n   For example if you are running Ubuntu 24.04, you would use `ubuntu-noble`, see chart above:\n\n    ``` shell\n    echo \"deb https://ose-repo.syslog-ng.com/apt/ stable ubuntu-noble\" | sudo tee -a /etc/apt/sources.list.d/syslog-ng-ose.list\n    ```\n3. Update your repositories with\n   ```` shell\n   sudo apt update\n   ````\n\n4. Now install syslog-ng:\n   ```` shell\n   sudo apt install syslog-ng\n   ````\n\n#### Nightly builds\n\nNightly packages are built and released from the git `master` branch everyday.\n\nUse `nightly` instead of `stable` in step 2 to use the nightly APT repository. E.g.:\n\n``` shell\necho \"deb https://ose-repo.syslog-ng.com/apt/ nightly ubuntu-noble\" | sudo tee -a /etc/apt/sources.list.d/syslog-ng-ose.list\n```\n\nNightly builds can be used for testing purposes (obtaining new features and bugfixes) at the risk of breakage.\n\n### Arch Linux\n\n``` shell\n# pacman -S syslog-ng\n```\n\n### Fedora\n\nsyslog-ng is available as a Fedora package that you can install using\ndnf:\n\n#### dnf install syslog-ng\n\nYou can download packages for the latest versions from [here](https://copr.fedoraproject.org/coprs/czanik/).\n\nFor instructions on how to install syslog-ng on RPM distributions, see the blog post [Installing latest syslog-ng on RHEL and other RPM distributions](https://syslog-ng.com/blog/installing-latest-syslog-ng-on-rhel-and-other-rpm-distributions/).\n\nIf you wish to install the latest RPM package that comes from a recent commit in Git for testing purposes, read the blog post, [RPM packages from syslog-ng Git HEAD](https://syslog-ng.com/blog/rpm-packages-from-syslog-ng-git-head/).\n\n### macOS\n\n``` shell\n# brew install syslog-ng\n```\n\n### Others\n\nBinaries for other platforms are listed on the\nofficial [third party page][3rd-party].\n\n [3rd-party]: https://syslog-ng.com/3rd-party-binaries\n\n## Installation from Docker image\n\nBinaries are also available as a Docker image. To find out more, check out the blog post, [Your central log server in Docker](https://syslog-ng.com/blog/central-log-server-docker/).\n\n## Documentation\n\nFor the latest, markdown based version, see the [syslog-ng documentation](https://syslog-ng.github.io) center. \\\nThe official documentation of the earlier versions (3.X) of syslog-ng Open Source Edition provided by One Identity is available\n[here](https://support.oneidentity.com/syslog-ng-open-source-edition/).\n\n## Contributing\n\nIf you would like to contribute to syslog-ng, to fix a bug or create a new module, the [syslog-ng pages](https://syslog-ng.github.io/dev-guide/README) helps you take the first steps to working with the code base.\n","funding_links":[],"categories":["C"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbalabit%2Fsyslog-ng","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbalabit%2Fsyslog-ng","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbalabit%2Fsyslog-ng/lists"}