this post was submitted on 05 Dec 2024
20 points (83.3% liked)


I'm trying to find a higher-paying job and I came across one for a "Syslog-ng Admin/Engineer." The pay seems promising and the requirements aren't that long, but it does ask for experience in syslog-ng. I've never heard of this before today. What is syslog-ng and what can I do to get experience with it?

top 11 comments
[–] [email protected] 6 points 2 weeks ago

other people have answered your question about syslog-ng and i thought i should share something that i wish someone had shared with me when i was studying up on a job as an ELK administrator about a decade+ or so ago.

if you have familiarity with any of the non-journald based logging (e.g. rsyslog, syslog, etc.) and basic networking (e.g. tcpdump, traceroute, etc.) your experience will translate into syslog-ng well and there are significant syntactical differences between the versions since it's been around for decades now.

[–] Fred 6 points 2 weeks ago

By "Syslog-ng Engineer" do they mean a C systems programmer who can fix bugs and add features to syslog? That's a rather different role from being an admin, even if, depending on the size of the operation, it makes sense to give both roles to the same person.

[–] [email protected] 5 points 2 weeks ago (3 children)

It's an old school log aggregating service that used to be how most *nix distros collected logs in years past. As I understand it, it was generally replaced by systemd's journald service. The only times I encounter it in the wild is on legacy systems that couldn't or refused to adapt and chances are they're paying a lot cuz it'll be a painful support experience. Oh and for some it can be a useful way to sync logs up to monitoring services like Splunk but its effectiveness is debatable.

[–] Fred 5 points 2 weeks ago

Besides Journal not being available on non-Linux, there are a couple of reasons for using syslog: it can log to a remote server for instance. Journal does have a remote logging capability, but at best you have to run two log sinks in parallel, at worst it's a non-starter because everything that's not a Linux box (network routers, VMware hosts, IDS appliances) can't speak to it.

Another is fine filing and retention. With syslog you can say things like "log NOTICE and above from daemon XYZ to XYZ.log and keep 30 days' worth; log everything including DEBUG to XYZ-debug.log, keep no more than 10MB". With Journal you rotate the entire log or nothing, at least last I looked I couldn't find anything finer. There are namespaces, but that doesn't compose, the application needs to know which log goes into which namespace.
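
The per-daemon routing and remote logging described in the comment above, written out as a syslog-ng configuration. This is an added example, not something posted by anyone in the thread. Assumptions: the `@version` line, the program name `xyz` standing in for "daemon XYZ", the file paths, the CA directory, and the log server name `loghost.example.com` are all constructed placeholders.

```conf
@version: 4.2

# Local messages (platform default sources) plus syslog-ng's own messages.
source s_local {
    system();
    internal();
};

# "xyz" is a placeholder for the daemon called XYZ in the comment above.
filter f_xyz       { program("^xyz$"); };
# NOTICE and everything more severe.
filter f_notice_up { level(notice..emerg); };

destination d_xyz       { file("/var/log/XYZ.log"); };
destination d_xyz_debug { file("/var/log/XYZ-debug.log"); };

# Remote copy over TLS, so records survive if the local box is wiped or
# tampered with. Host, port and CA directory are placeholders.
destination d_remote {
    network("loghost.example.com"
        port(6514)
        transport("tls")
        tls(ca-dir("/etc/syslog-ng/ca.d") peer-verify(required-trusted))
    );
};

# NOTICE and above from xyz: local file and the remote server.
log { source(s_local); filter(f_xyz); filter(f_notice_up);
      destination(d_xyz); destination(d_remote); };

# Everything from xyz, DEBUG included: separate local file only.
log { source(s_local); filter(f_xyz); destination(d_xyz_debug); };
```

The two limits in the comment (30 days for one file, 10MB for the other) are not set here; this example assumes a separate rotation tool such as logrotate applies them per file. `syslog-ng --syntax-only` checks the configuration without starting the daemon.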

[–] [email protected] 4 points 2 weeks ago

If ever getting to administrate non systemd boxes, and in need to deal with the system logging mechanism, then syslog-ng comes close to the most probable mechanism in use. And no, non systemd gnu+linux distributions are not legacy, there are quite a few out there, just not the major or mainstream ones, like Artix, Void, Guix, and several others, not to count non gnu+linux OSs like BSDs...

[–] [email protected] 4 points 2 weeks ago (2 children)

generally replaced by systemd’s journald service

Basically this, and quite a long time ago. Anything even remotely modern (and by that I mean like, the last decade or so) is either using systemd, or in the case of debuntu, rsyslog.

Wonder what kind of funky environment is using syslog-ng, and to what scale so that there's literally a 'syslog-ng engineer' job posting.

[–] [email protected] 4 points 2 weeks ago (1 children)

It'll either be military or industrial... neither want to replace “perfectly operational” tech for ~10 years.

[–] [email protected] 3 points 2 weeks ago

If it's "perfectly operational", they wouldn't need someone to maintain it 🫠

[–] 0x0 1 points 2 weeks ago

and to what scale so that there’s literally a ‘syslog-ng engineer’ job posting

Asking the real questions.

[–] [email protected] 4 points 2 weeks ago

man 8 syslog-ng and man 5 syslog-ng.conf

[–] [email protected] 4 points 2 weeks ago