Thursday, July 16, 2009

patterndb updates pushed in syslog-ng OSE 3.1

According to the plan in my recently published syslog-ng OSE roadmap, I've worked on integrating the various patterndb-related fixes/enhancements in the syslog-ng OSE 3.1 tree.

This means that OSE 3.1 is now capable of working with all the version 2 style pattern databases that syslog-ng Store Box is using. Here is a link to the SSB patterns: http://www.balabit.com/downloads/files/patterndb/1.0-20081117/patterndb/

I still need to work on integrating the new tags framework and the integration between tags and patterndb. Once that is done, I only have one item left for the 3.1 feature release.

So with some luck, we can have a new shiny syslog-ng OSE release this summer.

Please note that this is not released code yet and is only available via git; however, if there's demand, I'm willing to create an alpha release (with binaries) if you want to try it. Just drop me an email, or simply write a comment to this post, and I'm going to create one for you.

Stay tuned.

Wednesday, July 08, 2009

syslog-ng rewrite use case: dpkg logs

One of my colleagues (Péter Höltzl, he does all our trainings) has created a nice detailed example on how to use the parser/rewrite framework to pull in yet another application into syslog: dpkg, the Debian package manager.

If you are interested in what rewrite/parser can do for you, but didn't have the time to find out, the blog post is worth a read.