Balabit announces syslog-ng Premium Edition 5F5

December 2015 by Emmanuelle Lamandé

Balabit, Inc., announces the availability of syslog-ng Premium Edition 5F5, a log management tool that provides context-enriched data ingestion for Balabit’s recently announced Contextual Security Intelligence™ (CSI) Suite, which also includes Privileged User Monitoring and User Behavior Analytics. Contextual Security Intelligence is a user-centric approach to preventing security breaches without constraining business. This syslog-ng release includes support for Puppet, the popular, open-source configuration management tool, which allows users to manage syslog-ng Premium Edition actions on remote hosts.

Many large enterprises rely on syslog-ng Premium Edition to deliver data from a wide variety of sources to Security Information and Event Management (SIEM) systems, Databases, and Big Data stores like Hadoop, Kafka, Elasticsearch and MongoDB. In these large environments, enterprises must install and manage syslog-ng on tens of thousands of servers. Using Puppet in Version 5F5, users can easily manage the syslog-ng configuration centrally to save valuable time and prevent errors through an automated approach.

The syslog-ng Premium Edition Puppet module functionality includes:

 Installation of syslog-ng PE from a package repository to RHEL and Debian platforms.

 Upgrade syslog-ng PE to a newer version.

 Delete syslog-ng PE from a host.

 Update the syslog-ng PE configuration file of hosts from a central repository.

 Create backup of syslog-ng PE configuration files, and perform a rollback if needed.

The new release features significant improvements for sending logs to big data tools like Elasticsearch, Hadoop and Kafka. The configuration syntax of the Elasticsearch, HDFS, and Apache Kafka destination drivers has been greatly simplified and sending messages from syslog-ng to Elasticsearch is now 100 percent faster.

With the release of version 5F5, installation packages are available for two new server platforms, Debian 8 Jessie on x86 64 bit hardware and SUSE Linux Enterprise Server (SLES) 12 on x86 64 bit hardware. We have also added support for SELinux on Red Hat Enterprise Linux 5, as well as on 6.0-6.4. Vendor-tested installation packages are available for more than 50 server platforms.

