Syslog Watcher 6 Announcement

We are happy to announce the new generation of Syslog Watcher.

Thousands of customers use Syslog Watcher 5 to collect billions of syslog messages. We have used the past few years’ feedback and experience to develop an entirely new generation of our flagship product. Some new features are listed below.

Redesigned network subsystem

The redesigned network subsystem covers all protocol variations, whether it’s Syslog over TLS (RFC5425), Syslog over UDP (RFC5426), or Syslog over TCP (RFC6587). It supports syslog messages received from syslog-proxy, syslog forwarders, and dynamic originators. The network security layer adds blocklists, bandwidth throttling, and inbound filters.

All-new syslog storage structure

The all-new syslog storage structure guarantees unlimited storage and consistent performance. The adaptive storage format enables optimal files organization, efficient maintenance, and incremental backups. The backups compression eliminates disk space waste.

Next-level message parsing

A set of high-performance syslog parses will replace the single all-in-one message handler. The optimized parsers can digest standard syslog formats (RFC5424, RFC3164) and equipment manufacturers’ variations. A highly customizable universal parser is available for customer-specific syslog formats.

Complex filter rules

The next generation of syslog filtration does not limit the number of rules. It expands filters with Boolean operations and parentheses.

Revisioned external integrations

Asynchronous integration with forwarders and automatic exporters improves reliability and allows processes to resume after issues are fixed.

New internal architecture

The internal server architecture was designed from scratch to improve reliability and incorporate vital features: automatic configuration backups, error notifications, periodic status dumping, and daily status reports.