Author: Rainer Gerhards

Posted on

CyberSicherheitsForum Baden-Württemberg 2025: Notes from an rsyslog Perspective

Yesterday I attended the CyberSicherheitsForum Baden-Württemberg in Stuttgart. Program link: https://cybersicherheitsforum-bw.de/

For non-German readers: Baden-Württemberg is one of Germany’s federal states (Bundesländer), and an important IT region in its own right. Companies like SAP SE and Schwarz Digits are based here, and the Open Source ecosystem is active as well. When the state talks about digital sovereignty or security strategies, it is usually backed by real capabilities in industry and administration.

Conference hall with many attendees seated, large screens on stage showing the opening session of the CyberSicherheitsForum Baden-Württemberg.
Photo taken during the opening session of the CyberSicherheitsForum Baden-Württemberg 2025 in Stuttgart. (Rainer Gerhards)
Continue reading “CyberSicherheitsForum Baden-Württemberg 2025: Notes from an rsyslog Perspective”
Posted on

The Real Scope Behind the rsyslog Documentation Overhaul

For a concise Computer Science summary of this effort, see the section at the end of this article.

When I began the current documentation overhaul, the objective was never limited to cleaning up a few pages. From the beginning, the plan was to prepare rsyslog for the AI era. And the truth is simple: without modern AI tooling, this work would not have been feasible at this depth or speed.

Symbolic illustration showing documentation, an AI head, and a graph structure representing RAG.
Continue reading “The Real Scope Behind the rsyslog Documentation Overhaul”
Posted on

YAML for rsyslog — a new option, not a revolution

rsyslog’s configuration language has grown into a very capable scripting environment — RainerScript — that can express almost anything a log pipeline might need. For complex systems, that won’t change.
But many modern environments — especially containerized and cloud-native ones — expect configuration in YAML. So the idea is simple: rsyslog should understand that world directly.

Symbol image for “Engineering Rational” type of postings. (Image: Rainer Gerhards via AI)
Continue reading “YAML for rsyslog — a new option, not a revolution”
Posted on

Looking for an Alternative to Kiwi Syslog? Try WinSyslog.

I’ve been getting a steady stream of questions from admins searching for a dependable Windows syslog server. Many of them mention frustration with recent Kiwi Syslog versions — unclear message parsing, configuration quirks, or just a feeling that things have become harder than they should be. There seems to be especially a lot of frustration with the “Kiwi Syslog Server NG” version, based on the emails I receive.

Since the topic keeps coming up, let me share the same recommendation I give privately. If you’re currently evaluating syslog solutions, this detailed comparison between WinSyslog and Kiwi Syslog Server covers the technical differences and can help inform your decision.

Continue reading “Looking for an Alternative to Kiwi Syslog? Try WinSyslog.”
Posted on

From Stream to Lake: Thinking About rsyslog as the River System Behind Your Data

I recently had a discussion about data lakes. It made me realize that people often picture them as the starting point of data collection — as if all information somehow appears in the lake. In reality, no lake exists without rivers. And in the world of IT systems, rsyslog is part of that river system.

rsyslog is the river system that feeds your data lake. (Image: Rainer Gerhards via AI)
Continue reading “From Stream to Lake: Thinking About rsyslog as the River System Behind Your Data”