syslog-ng

Business > IT development
2013-03-20 17:56:58
syslog
syslog-ng
Last update2013-03-20 17:56:58
Websitehttp://www.balabit.com/network-security/syslog-ng/
licenseLGPL
Input Sources
UNIX domain socketYes
UDPYes
TCPYes
RELP
RFC 3195/BEEPYes
kernel logYes
fileYes
mark message generator as an optional input
Standard output (stdout) of an applicationYes
Named pipeYes
Handle multi-line messages like Apache Tomcat or Oracle log messagesNo
Windows Event Log- via separate agent only available at Personal Edition
Network (Protocol) Support
support for (plain) tcp based syslogYes
support for GSS-API
ability to limit the allowed network senders (syslog ACLs)
support for syslog-transport-tls based framing on syslog/tcp connections
udp syslogYes
syslog over RELP
truly reliable message delivery (Why is plain tcp syslog not reliable?)
on the wire (zlib) message compression- only when using TLS
support for receiving messages via reliable RFC 3195 delivery
support for TLS/SSL-protected syslogYes
support for IETF's new syslog-protocol draftYes
support for IETF's new syslog-transport-tls draftYes
support for IPv6Yes
native ability to send SNMP traps- only in syslogng box appliance
ability to preserve the original hostname in NAT environments and relay chainsYes
Message Filtering
Filtering for syslog facility and priorityYes
Filtering for hostnameYes
Filtering for applicationYes
Filtering for message contentsYes
Filtering for sending IP addressYes
ability to filter on any other message field not mentioned above (including substrings and the like)Yes
support for complex filters, using full boolean algebra with and/or/not operators and parenthesisYes
Support for reusable filters: specify a filter once and use it in multiple selector lines noYes
support for arbritrary complex arithmetic and string expressions inside filtersYes
ability to use regular expressions in filtersYes PRCE and POSIX
support for discarding messages based on filtersYes
ability to filter out messages based on sequence of appearing
powerful BSD-style hostname and program name blocks for easy multi-host support
Supported Database Outputs
MySQLYes
PostgreSQLYes
OracleYes
SQLiteYes
Microsoft SQL (Open TDS)Yes
Sybase (Open TDS)
Firebird/Interbase
Ingres
mSQL
Enterprise Features
support for on-demand on-disk spooling of messages
ability to limit disk space used by spool files
each action can use its own, independant set of spool files
different sets of spool files can be placed on different disk
ability to process spooled messages only during a configured timeframe (e.g. only during off-peak hours, during peak hours they are enqueued only)
ability to configure backup syslog/database servers
Professional Support
Config File
config file format
ability to include config file from within other config filesYes
ability to include all config files existing in a specific directory
Extensibility
Functionality split in separately loadable modules
Support for third-party input plugins
Support for third-party output plugins
Other Features
ability to generate file names and directories (log targets) dynamicallyYes
control of log output format, including ability to present channel and priority as visible log dataYes
native ability to send mail messages
good timestamp format control; at a minimum, ISO 8601/RFC 3339 second-resolution UTC zoneYes microsecond time resolution, extended RFC3339, timezone information
ability to reformat message contents and work with substringsYes
support for log files larger than 2gbYes
support for log file size limitation and automatic rollover command executionYes
support for running multiple syslogd instances on a single machine
ability to execute shell scripts on received messages
ability to pipe messages to a continously running program
massively multi-threaded for tomorrow's multi-core machinesYes
ability to control repeated line reduction ("last message repeated n times") on a per selector-line basis
supports multiple actions per selector/filter condition
web interface
using text files as input sourceYes
rate-limiting output actionsYes
discard low-priority messages under system stress
flow control (slow down message reception when system is busy)Yes
rewriting messagesYes
output data into various formatsYes
ability to control "message repeated n times" generation
supported platforms Linux, BSD, anecdotical seen on Solaris; compilation and basic testing done on HP UXYes
DNS cacheYes
Windows Event Log containers / log files (via separate agent application)
Latest versionOpen Source Edition (OSE) 3.4 (Feb 2013)
  • 2013-03-19 19:13:35
    2013-03-20 17:56:58
  • IT development
    English
  • Public
    Public
  • Creative Commons License CC-BY-SA 3.0 / GNU FDL

Build comparison tables or lists about everything !

It's free and fast to publish data into original tables

Create a table