Syslog-ng

The syslog-ng Premium Edition is an enterprise-class log management software offered by One Identity LLC. According to the vendor, it is designed to provide secure and reliable transfer and storage of log messages for large organizations. This software is utilized by IT Operations, IT Security, Corporate Risk and Governance, Network Administrators, and System Administrators across various industries.

Key Features

Secure transfer and storage: According to the vendor, the software ensures zero message loss with local disk buffering, client-side failover, and application layer acknowledgment. It also offers encrypted transfer and storage, preserving the digital chain of custody.

Reliable log transfer: The vendor claims that syslog-ng Premium Edition can send and receive log messages reliably over the TCP transport layer using the Advanced Log Transfer Protocol™ (ALTP™). It is designed to prevent message loss during connection breaks.

Secure Transfer using TLS: The software utilizes the Transport Layer Security (TLS) protocol for encrypted communication, ensuring that log messages containing sensitive information are not accessed by unauthorized parties. According to the vendor, TLS allows mutual authentication of the host and the server using X.509 certificates.

Secure, Encrypted Log Storage: According to the vendor, syslog-ng Premium Edition can securely store log messages in encrypted, compressed, indexed, and timestamped binary files. This feature ensures that sensitive data is available only to authorized personnel. The software also allows users to request timestamps from external timestamping authorities.

Scalable architecture: According to the vendor, syslog-ng can handle over half a million log messages per second from thousands of log sources with a single server. It can collect logs from more than 5,000 log source hosts and tens of thousands of log sources when deployed in a client relay configuration.

Extreme message rate collection: The vendor claims that syslog-ng is optimized for performance and can handle an enormous amount of messages, processing over half a million messages per second in real-time. It can collect log messages from thousands of sources, providing full-stack visibility of the IT environment.

Easy monitoring: syslog-ng allows users to select and monitor statistics with granular control. According to the vendor, statistics can be easily converted and sent to enterprise monitoring solutions like IBM Tivoli Netcool, Riemann, Redis, or Graphite.

Flexible log routing: According to the vendor, syslog-ng can be deployed as an agent on various hosts and route logs to multiple analytic tools or databases. This eliminates the need for multiple agents on servers and reduces installation and maintenance time. The software provides tested binary files for over 50 server platforms.

Collect from a wide variety of sources, including Windows: The vendor states that syslog-ng Premium Edition can natively collect and process log messages from SQL databases, enabling easy management of log messages from various enterprise software and custom applications. It also offers the syslog-ng Agent for Windows, which is an event log collector and forwarder application for Microsoft Windows platforms.

Read log messages from any text file: According to the vendor, syslog-ng can read log files with wildcards in filenames and paths, automatically scanning entire subfolder trees for specified files. It can also process multi-line log messages, such as Apache Tomcat messages.