
syslog-ng

syslog-ng is an open-source implementation of the syslog protocol for Unix and Unix-like systems. It offers some key features that build upon the syslog daemon, not least of which is the ability to send log messages to other systems using encryption and authentication.

A syslog-ng installation typically consists of a main configuration file (usually /etc/syslog-ng/syslog-ng.conf) and a directory (usually /etc/syslog-ng/conf.d/) that holds the filters and templates for processing syslog-ng rules, organized into separate files.

Known issues

SELinux is enabled in enforcing mode by default

On some systems, SELinux is enabled in enforcing mode by default. If it is in enforcing mode, you will have to edit the SELinux policy to allow syslog to send events to a Devo endpoint. For instructions, see the SELinux configuration article.
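
Before changing the policy, it helps to confirm that SELinux is what is refusing the connection. The following is an added example, not taken from this page or from Devo or syslog-ng: the function names are hypothetical and the audit records are constructed samples with placeholder ports and target types.

```bash
#!/usr/bin/env bash
# Added example (not Devo or syslog-ng code): summarise SELinux AVC denials
# that name syslog-ng, to confirm the policy is what blocks outbound events.

# Constructed audit records; ports, PIDs and target types are placeholders.
SAMPLE_AUDIT='type=AVC msg=audit(1700000000.123:456): avc:  denied  { name_connect } for  pid=1234 comm="syslog-ng" dest=443 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:http_port_t:s0 tclass=tcp_socket permissive=0
type=AVC msg=audit(1700000001.001:457): avc:  denied  { read } for  pid=2222 comm="httpd" name="x" dev="dm-0" ino=99 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=file permissive=0
type=AVC msg=audit(1700000060.500:470): avc:  denied  { name_connect } for  pid=1234 comm="syslog-ng" dest=443 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:http_port_t:s0 tclass=tcp_socket permissive=0
type=AVC msg=audit(1700000090.000:481): avc:  denied  { name_connect } for  pid=1234 comm="syslog-ng" dest=50000 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket permissive=1'

# Reads raw audit records on stdin; prints "<count> <perm> <class> dest=<port>
# target=<type> <effect>" per distinct denial. permissive=0 means the kernel
# refused the operation; permissive=1 means it was only logged.
syslog_ng_denials() {
    awk '
    /avc: +denied/ && /comm="syslog-ng"/ {
        perm = dest = tclass = ttype = effect = "-"
        if (match($0, /[{] [^}]+ [}]/)) perm = substr($0, RSTART + 2, RLENGTH - 4)
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^dest=/) dest = substr($i, 6)
            else if ($i ~ /^tclass=/) tclass = substr($i, 8)
            else if ($i ~ /^tcontext=/) { split($i, c, ":"); ttype = c[3] }
            else if ($i == "permissive=0") effect = "blocked"
            else if ($i == "permissive=1") effect = "logged-only"
        }
        seen[perm " " tclass " dest=" dest " target=" ttype " " effect]++
    }
    END { for (k in seen) print seen[k], k }' | sort -rn
}

# Exit status 0 when at least one syslog-ng denial was actually enforced.
selinux_blocks_syslog_ng() {
    syslog_ng_denials | grep -q ' blocked$'
}

printf '%s\n' "$SAMPLE_AUDIT" | syslog_ng_denials
# On a real host, feed it the audit log instead (needs root):
#   getenforce
#   grep 'comm="syslog-ng"' /var/log/audit/audit.log | syslog_ng_denials
```

A "blocked" line with a tcp_socket class and a dest port matching the configured endpoint indicates the policy is refusing the outbound connection; the target type on that line is the port label the policy change has to cover.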