Peter is a system engineer working as an evangelist at One Identity, the company behind the syslog-ng logging daemon. He helps distributions maintain the syslog-ng package, follows bug trackers, helps syslog-ng users, and talks regularly about sudo and syslog-ng at conferences (SCALE, FOSDEM, Libre Software Meeting, LOADays, etc.). In his limited free time he is interested in non-x86 architectures, and works on one of his PPC or ARM machines.

Presentations

18x

What's new in Sudo 1.9

Sudo is used by millions of Linux/Unix users to run commands as root or another privileged user, but most people are not familiar with all Sudo can do. Come listen to Sudo Project Maintainer Todd Miller and Open Source Evangelist Peter Czanik talk about changes in the next major release of Sudo, version 1.9. We will highlight changes to the Sudo Plugin interface, showcase the new centralized session recording functionality, and provide a short tutorial on writing Sudo plugins in Python. Finally, we will discuss some of the lesser-known features of Sudo.

16x

Logging Docker using syslog-ng

Event logging is a central source of information for IT operations and security. Logs are even more important in a Docker environment where you start and stop containers around the clock and the container might not even exist any more by the time you investigate an event. The syslog-ng application collects logs from the host and other containers, and can act as a central logging server, or can relay logs from the host to a central server. This session focuses on the benefits of using syslog-ng in a Docker environment and how to configure it for different use cases.

15x

Get the most out of your security logs using syslog-ng

Event logging is a central source of information for IT security. The syslog-ng application collects logs from many different sources, performs real-time log analysis by processing and filtering them, and finally stores the logs or routes them for further analysis. This session focuses on how syslog-ng parses important information from incoming log messages and enriches them with additional contextual information, and concludes by demonstrating how all of this can be used for alerting or for dashboards.

14x

syslog-ng: From Raw Data to Big Data

syslog-ng is an enhanced logging daemon, with a focus on central log collection. It collects logs from many different sources, processes and filters them, and forwards them to a destination. This session focuses on how syslog-ng parses important information from incoming messages and how to send this information to “big data” destinations, like HDFS, Kafka, Elasticsearch or MongoDB.

13x

syslog-ng: from log collecting to log processing and information extraction

  • Introduction to logging
  • Free text logs vs. structured name value pairs
  • Message parsing: creating value pairs from log messages
  • Editing a pattern database by hand and by GUI
  • Extending syslog-ng: writing plugins in Lua, Python, and Java
  • Practical examples