GSoC/GCI Archive
Google Summer of Code 2014

The syslog-ng project

License: GNU Library or "Lesser" General Public License version 2.0 (LGPLv2)

Web Page: https://github.com/balabit/syslog-ng/wiki/GSoC2014-idea-&-project-list

Mailing List: https://lists.balabit.hu/mailman/listinfo/syslog-ng

syslog-ng is a popular open-source logging solution. The syslog-ng project is the umbrella over syslog-ng and related projects, like the syslog-ng incubator, the patterndb collection and libmongo-client.

Projects

  • AMQP Source Currently, syslog-ng supports the Advanced Message Queuing Protocol (hereinafter referred to as "AMQP") only as destination driver. The working group of AMQP project contains big names of the IT industry (for example: Cisco Systems, Microsoft Corporation, Red Hat) and the AMQP is used widespreadly. These factors encourage us to implement the source driver, which can receive and interpret any message which conforms to the defined data format by the AMQP standard.
  • Integration with configuration management systems Taking care of a lot of instances of the same configuration is boring and can be automated. With plugins for the best known CMS systems, syslog-ng could gain a lot of popularity in the cloud. The goal of this project to write syslog-ng plugins for Salt, Chef and Puppet applications. With these plugins system administrators wil have new tools to configure their syslog-ng instances. They can create new configurations on thousands of machines in a few seconds by typing a command in the CLI.
  • TLS support for the MongoDB destination Syslog-ng is a flexible, reliable, high speed event log management system based on a centralized, client-server approach implementing the Syslog Protocol standard. It can transmit, collect, store, search and filter log messages which may be persisted into different destinations, including a MongoDB database. The goal of this project is to secure log message transmission over the network between MongoDB peers by adding TLS support to the existing MongoDB client library used in syslog-ng.
  • ZMQ transport, source and destination 0MQ is a high-performance messaging library, which can provide an easy interface to in-process, inter-process and inter-node communication. It can transport any type of payload in a fast and reliable way, without the need of a message broker. Using 0MQ as a transport layer in syslog-ng can provide us a flexible way to use several messaging models (publish-subscribe, push-pull, and so on) for distributing logs and events.