Chat now with support
Chat with Support

syslog-ng Store Box 5.0.2 - Administration Guide

Preface Introduction The concepts of SSB The Welcome Wizard and the first login Basic settings User management and access control Managing SSB Configuring message sources Storing messages on SSB Forwarding messages from SSB Log paths: routing and processing messages Configuring syslog-ng options Searching log messages Searching the internal messages of SSB Classifying messages with pattern databases The SSB RPC API Troubleshooting SSB Security checklist for configuring SSB About us Third-party contributions


Welcome to the syslog-ng Store Box 5 LTS Administrator Guide!

This document describes how to configure and manage the syslog-ng Store Box (SSB). Background information for the technology and concepts used by the product is also discussed.

About this document

This guide is a work-in-progress document with new versions appearing periodically.

The latest version of this document can be downloaded from the Safeguard for Privileged Sessions Documentation page.

Summary of changes

Version 4 F9 - 5 LTS
Changes in product:
  • The procedures about rewriting incoming log messages have been updated. See Replace message parts or create new macros with rewrite rules and Find and replace the text of the log message.

  • Password policies set for local SSB users now apply to the admin and root users as well. For details, see Setting password policies for local users.

  • SSB now prevents brute force attacks when logging in. For more information, see Web interface and RPC API and The SSB RPC API.

  • The following default settings have changed:

    • Indexing is now enabled by default. For more information, see Creating logstores.

    • Required trusted is now the default setting for the Peer verification field.

    • Strong is now the default setting for setting the strength of the cipher suites. Also, the Default option has been renamed to Weak. For more information, see Creating syslog message sources in SSB.

    • By default, SSB uses the aes-256-cbc cipher method and the SHA-256 digest method.

    • Password strength is now required to be at least 12 characters including lower case letters, upper case letters, numbers, and special characters.

    • The SNMP source and the SNMP v2c agent are now turned off by default.

    • All of the email and SNMP alerts are now enabled by default.

    • Flow-control is now enabled by default.

    • You can now search in indexed logspaces even if log traffic is disabled.

  • The Backup and Revert configuration items have been removed from the console menu.
Changes in documentation:


Any feedback is greatly appreciated, especially on what else this document should cover. General comments, errors found in the text, and any suggestions about how to improve the documentation is welcome at

Self Service Tools
Knowledge Base
Notifications & Alerts
Product Support
Software Downloads
Technical Documentation
User Forums
Video Tutorials
RSS Feed
Contact Us
Licensing Assistance
Technical Support
View All
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating