IT Infrastructure & Cloud Security Manager at Thux
2025-09-10T08:00:35Z
We currently do not use that feature. We currently have just an open-source release, not a premium release. My boss has indicated that he wants to buy a premium syslog-ng version next month. I think we can use other features of this tool in the future. In syslog-ng, I think a GUI would be beneficial. I am unsure if the premium module has a GUI to administer it.
Something could potentially be improved, though it works effectively for me. In the early stages, over 10 years ago, syslog-ng was lacking some features, so I created a patch for it. I used a patched version rather than the vanilla version. I attempted to submit a patch to the mainstream, but syslog-ng had a different implementation approach, so it wasn't accepted. A few years later, they implemented what I needed in a slightly different way, but now it satisfies my needs, and I no longer require a patched version.
It's hard to find people who know how to use syslog-ng. I often find problems with configurations, and solutions aren't integrated correctly with syslog-ng. For example, there might be data with extra decimals, or the collector agents are incorrectly named. It isn't a problem with the solution; it's a lack of professionals.
Optimizing SIEM
syslog-ng is the log management solution that improves the performance of your SIEM solution by reducing the amount and improving the quality of data feeding your SIEM.
Rapid search and troubleshooting
With syslog-ng Store Box, you can find the answer. Search billions of logs in seconds using full text queries with Boolean operators to pinpoint critical logs.
Meeting compliance requirements
syslog-ng Store Box provides secure, tamper-proof storage and custom reporting to...
There is room for improvement in terms of observability. Additionally, a possible new feature could be Kafka integration.
Syslog-ng isn't a true SIEM solution, and you need some expertise to get it to work in a SIEM use case.