From syslogd to syslog-ng: How Open Source Logging Became More Secure
Syslog-ng is an open-source logging system developed in the late ’90s by our CEO, Balázs Scheidler. The project started as a replacement for the original syslogd, a standard Unix component for implementing centralized logging. Scheidler created a more flexible, reliable, and secure logging solution.
The first version of syslog-ng was released in 1998 and quickly gained popularity among system administrators and IT professionals. The software was designed to work on a wide range of operating systems, including Linux, Unix, and Windows, and it offered several advanced features that were not available in the original syslogd.
One of the key benefits of syslog-ng was its ability to filter and sort log messages, which allowed administrators to identify and respond to security threats and other issues easily. The software also supported encrypted log transfer and storage, which helped to ensure that sensitive data was protected from unauthorized access.
Over the years, syslog-ng has continued to evolve and improve, with new features and functionality added with each release. Today, it is still widely used in enterprise environments, and it is considered one of the most reliable and secure logging solutions available.
In addition to its open-source codebase, syslog-ng has gained a reputation for its active and supportive community of developers and users. This community has helped drive the software’s ongoing development and has played a key role in ensuring that syslog-ng remains a secure and reliable tool for logging and monitoring.
Understanding the importance of Open Source to the logging space
The Axoflow team strongly believes in the benefit of open-source technologies, particularly regarding security and interoperability in the data supply chain. First, security is significantly enhanced, as open-source projects allow for a thorough examination of the source code and implementation, leading to higher trust and safety. In addition, open-source tools tend to be more interoperable with others, as features are added when they make sense, without regard for the lock-in goals of a specific vendor.
There are already a lot of open-source technologies that are regularly used to implement data collection, such as syslog-ng, rsyslog, journald, OpenTelemetry, Beats, and others. Furthermore, with a community of passionate and skilled individuals contributing to their development and maintenance, open-source technologies offer unparalleled flexibility and customization. This, coupled with the fact that they are widely adopted and tested, leads to their proven reliability and security.
These principles apply not only to the collector tier but to the management layer as well. Cloud-native methodology has introduced new challenges to traditional log management. The always-changing nature of such environments forces administrators toward more flexible solutions. That was the driving force behind the Kubernetes Logging Operator, a management automation tool designed by Sandor Guba, our CTO. The transition from traditional operating models to cloud-native systems like Kubernetes accelerates the need for such solutions.
Open Source at Axoflow
In the Observability Supply Chain, open-source technologies provide a way to manage and move data across systems and platforms effectively. However, combining these components into an enterprise-level solution that provides orchestration and a single plane of control throughout the whole stack is rather cumbersome. This field is where Axoflow excels. By leveraging the collective knowledge and expertise of the open-source community, we are able to deliver innovative and impactful solutions that meet the unique needs of our clients. Open-source tools enable transparent, efficient and secure data processing, allowing for smooth communication and interoperability between systems. Axoflow rounds these out with an orchestration layer that provides a unified, enterprise-level system.
By adopting open-source technologies, we can create solutions that integrate seamlessly into our clients’ existing infrastructure, allowing for the efficient movement of data and optimized processes. Furthermore, we actively maintain many of the industry-leading open-source logging and observability projects like syslog-ng, Kubernetes Logging Operator, and several other log-related tools – for example, we are providing cloud-ready images for syslog-ng. This ultimately leads to better business outcomes and more satisfied users and clients.
Our primary objective is to tackle these current and future challenges of the Observability Supply Chain, and address them in an open-source manner, just as we have done in the past few decades.