Try our new research platform with insights from 80,000+ expert users
syslog-ng Logo

syslog-ng Reviews

Vendor: One Identity
4.4 out of 5
Leave a review

What is syslog-ng?

Optimizing SIEM
syslog-ng is the log management solution that improves the performance of your SIEM solution by reducing the amount and improving the quality of data feeding your SIEM.

Get the Log Management Buyer's Guide and find out what your peers are saying about syslog-ng, Wazuh, Datadog and more!
syslog-ng is the #17 ranked solution in Log Management Software. PeerSpot users give syslog-ng an average rating of 8.8 out of 10. syslog-ng is most commonly compared to Wazuh: syslog-ng vs Wazuh. syslog-ng is popular among the large enterprise segment, accounting for 59% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a government, accounting for 13% of all views.
Buyer's Guide
Log Management
July 2025
Get the category report
Helped 866,218 peers since 2012

Featured syslog-ng reviews

Read more reviews

syslog-ng mindshare

As of August 2025, the mindshare of syslog-ng in the Log Management category stands at 2.5%, down from 2.8% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Log Management Market Share Distribution
ProductMarket Share (%)
syslog-ng2.5%
Wazuh13.2%
Grafana Loki8.4%
Other75.9%
Log Management
 
 
Key learnings from peers

Valuable Features

Syslog-ng offers efficient log extraction and storage, easy log access, and real-time monitoring integration with various systems. Its C-style configuration is user-friendly, aiding in reading and writing. Users highlight its high performance and ease of use for large data volumes. The system's compound search feature aids in specific log searches, and its clear documentation supports feature expansion. Syslog-ng's straightforward architecture includes sources, destinations, and filters, enhancing understanding and utility.
  • "For us, the most valuable feature is the use of compound search for searching logs at a specific time, by a specific user, or specific behavior."
  • "The ability to extract and store the logs is the most valuable feature of syslog-ng."
  • "Syslog-ng provides easy access to all my logs. It helps me show managers and other clients precisely where an incident occurred. I also like it because you can integrate syslog-ng with multiple solutions to allow real-time monitoring."

Room for Improvement

Syslog-ng does not serve as a true SIEM and requires expertise for such uses. Filtering options are limited and need enhancements. There's a need for better integration possibilities, including Kafka, and more knowledgeable professionals. Users encounter configuration issues like misplaced decimals and improperly named agents. Observability can be improved, and while earlier versions lacked features, later implementations met expectations without needing patches.
  • "There is room for improvement in terms of observability."
  • "There is always the potential for additional integration and protocol extensions."
  • "It's hard to find people who know how to use syslog-ng. I often find problems with configurations, and solutions aren't integrated correctly with syslog-ng. For example, there might be data with extra decimals, or the collector agents are incorrectly named. It isn't a problem with the solution; it's a lack of professionals."

Pricing

syslog-ng is open-source and free.

  • "Syslog-ng is open-source."
  • "Syslog-ng is a free open-source solution."

Popular Use Cases

Syslog-ng is primarily used to aggregate and filter logs, automate tasks via batches and scripts, and perform enterprise security audits for compliance with regulations like GDPR in Brazil. Organizations utilize it as a temporary SIEM replacement and for compliance with law enforcement requirements. It enables efficient log processing and helps ensure adherence to data regulations, serving a critical role in security and compliance initiatives.

Service and Support

Syslog-ng is praised for ease of use, eliminating the need for support for many users. Installation is straightforward, and in-house staff can manage it without external help. For those who contacted the support team, feedback is positive, highlighting quick responses, though some desire immediate troubleshooting access. Users rate their experience highly, with one user giving it an eight out of 10 and another a nine and a half. Overall, support is considered responsive and competent.

Deployment

Users found syslog-ng's initial setup easy, giving it a nine out of 10 for its simplicity. Installation is straightforward, resembling syslog installations, but there's a desire for bundled packages with dependencies for easier deployment. Documentation is praised, and familiarity varies among users. On Linux, installation from the repository completes the process, and the default configuration effectively handles local logging. Multiple people are typically involved in management and maintenance.

Stability

Respondents indicate syslog-ng is highly stable without outages or crashes. They report no significant issues related to memory or processing, even when handling large data volumes. Users mention that any concerns, like buffer workflow interruptions, are usually tied to external storage, not syslog-ng itself. Stability is often rated nine out of ten, reflecting strong reliability and consistent performance across various implementations, ensuring users have confidence in its ongoing operation.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our Log Management Buyer's Guide for additional reliable information.

Top industries

By visitors reading reviews
Government
13%
Computer Software Company
12%
Manufacturing Company
8%
Financial Services Firm
7%
Educational Organization
6%
University
6%
Energy/Utilities Company
6%
Comms Service Provider
6%
Healthcare Company
4%
Media Company
3%
Insurance Company
3%
Retailer
3%
Transportation Company
2%
Hospitality Company
2%
Construction Company
2%
Non Profit
2%
Outsourcing Company
2%
Wholesaler/Distributor
1%
Performing Arts
1%
Marketing Services Firm
1%
Real Estate/Law Firm
1%
Recreational Facilities/Services Company
1%
Aerospace/Defense Firm
1%
Pharma/Biotech Company
1%
Consumer Goods Company
1%
Logistics Company
1%
Legal Firm
1%

Compare syslog-ng with alternative products

Go!

Learn more about syslog-ng

Rapid search and troubleshooting
With syslog-ng Store Box, you can find the answer. Search billions of logs in seconds using full text queries with Boolean operators to pinpoint critical logs.

Meeting compliance requirements
syslog-ng Store Box provides secure, tamper-proof storage and custom reporting to demonstrate compliance.

Big data ingestion
syslog-ng can deliver data from a wide variety of sources to Hadoop, Elasticsearch, MongoDB, and Kafka as well as many others.

Universal log collection and routing
syslog-ng flexibly routes log data from X sources to Y destinations. Instead of deploying multiple agents on hosts, organizations can unify their log data collection and management.

Secure data archive
syslog-ng Store Box provides automated archiving, tamper-proof encrypted storage, granular access controls to protect log data. The largest appliance can store up to 10TB of raw logs.

syslog-ng customers

Tecnocom, University of Victoria, University of Exeter, Datapath

Related questions

  • 27
When evaluating Log Management tools and software, what aspect do you think is the most important to look for?
  • 1,436
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
  • 40
Which Windows event log monitoring tool do you recommend?
  • 55
What is the difference between log management and SIEM?
  • 43
Splunk vs. Elastic Stack
  • 12
How can Cloudtrail logs be used effectively to improve log monitoring?
  • 201
Why hot data and cold data differences in SIEM solutions are not discussed sufficiently?
  • 128
When evaluating Log Management solutions, what aspect do you think is the most important to look for?
  • 16
When evaluating Log Management solutions, what aspects do you think are the most important to look for?
  • 16
Why are Log Management tools important for companies?

Product Categories

Product Categories
Log Management

Popular Comparisons

Popular Comparisons
Wazuh vs syslog-ng Logo
Wazuh vs syslog-ng
Datadog vs syslog-ng Logo
Datadog vs syslog-ng
Splunk Enterprise Security vs syslog-ng Logo
Splunk Enterprise Security vs syslog-ng
IBM Security QRadar vs syslog-ng Logo
IBM Security QRadar vs syslog-ng
Elastic Security vs syslog-ng Logo
Elastic Security vs syslog-ng
Grafana Loki vs syslog-ng Logo
Grafana Loki vs syslog-ng
Graylog vs syslog-ng Logo
Graylog vs syslog-ng
LogRhythm SIEM vs syslog-ng Logo
LogRhythm SIEM vs syslog-ng
Elastic Stack vs syslog-ng Logo
Elastic Stack vs syslog-ng
Cribl vs syslog-ng Logo
Cribl vs syslog-ng
Amazon CloudWatch vs syslog-ng Logo
Amazon CloudWatch vs syslog-ng
Fortinet FortiAnalyzer vs syslog-ng Logo
Fortinet FortiAnalyzer vs syslog-ng
SolarWinds Kiwi Syslog Server vs syslog-ng Logo
SolarWinds Kiwi Syslog Server vs syslog-ng
ManageEngine Log360 vs syslog-ng Logo
ManageEngine Log360 vs syslog-ng
VMware Aria Operations for Logs vs syslog-ng Logo
VMware Aria Operations for Logs vs syslog-ng
See all alternatives
 
syslog-ng Reviews Summary
Author infoRatingReview Summary
Senior Software Engineer at Five95.0I've used syslog-ng for over 10 years due to its clear C-style configuration, excellent performance, and stability. It's easy to set up and highly effective for complex log processing without needing support. I highly recommend it.
Solution Architect(Splunk- Log Management) at Tata Consultancy4.0The primary purpose of syslog-ng is to aggregate and filter logs for ingestion into Splunk. I value its separate configuration file feature, though I feel the filtering options could be improved to better fit varied logging needs.
Senior Director and Senior Systems Engineer (Dual Role), IT Infrastructure and Security at a financial services firm with 51-200 employees3.5I use syslog-ng to aggregate logs as a temporary replacement for a SIEM solution. It has useful built-in features for creating alerts, although it's not a true SIEM solution and requires expertise for effective use in SIEM scenarios.
Data center analyst at Atvos5.0We use syslog-ng primarily for compliance with Brazilian law enforcement, valuing its compound search capability for examining logs by time, user, or behavior. However, we see opportunities for improvement in observability and potential Kafka integration.
Consultant at CITS - Centro Internacional de Tecnologia de Software4.0I use syslog-ng to automate task batches and scripts without a user interface. Its most valuable feature is log extraction and storage. However, there’s room for improvement, particularly in enhancing integration and protocol extensions.
CISO at LGPDNOW5.0I use syslog-ng for enterprise security audits to comply with data regulations like GDPR in Brazil. It simplifies log access and integrates for real-time monitoring, though finding knowledgeable users can be challenging due to configuration issues.