Syslog server on TrueNAS Scale?

Is there a reasonable way to run Syslog server on TrueNAS Scale 23.10.2 pls? I am surprised it is not available in official Apps. Trying to migrate from old Qnap, this is one of the show stoppers.

Truecharts, a third party app catalogue, has a syslog-ng app in their stable train. I’ve never used it and therefore have no idea how it should be setup…
You could also try to run it as a custom app, because you can deploy any docker image from docker hub.

I run the TrueCharts syslog-ng app on my TrueNas Scale Cobia 23.10.2 server.

I have the syslog app set-up and can provide screen shots, however IMO it isn’t much use by itself unless you can:

  • Browse and filter the syslog
  • Get alerts for specific messages received - and have a decent admin panel to manage this.

Perhaps we can explore this together…

Something like Graylog really seems like what’s called for here. I’m kind of surprised there isn’t an app for it already.

I am planning to use Kiwi Log Viewer for Windows Free Edition which would do the very basic job. I would look for something more sophisticated (New Relic?) later, once having this up and running.
Still having a trouble with persistence - app config storage redirected to the host path stays empty and I did not find the way how to redirect the path for the messages storage. Any hint pls?

Graylog Open has a Docker image and Compose downloads, so it could likely be installed on Truenas Scale.

Ok - here is how I do my storage for apps.

  1. I created an apps-pool on an SSD (performance and power usage reasons).
  2. I created an apps-config dataset in the apps pool, a syslog-ng subdirectory, and a syslog-ng.conf file in there.
  3. I created a syslog-data dataset in the apps pool
  4. I created two host data definitions in the syslog-ng kubernetes app settings to map these into the syslog-ng container:


I hope that this helps.

1 Like

My syslog-ng.conf file looks like this:

@version: 4.5
@include "scl.conf"

options {

source s_local {

source s_network {
                # NOTE: TLS support
                # the default-network-drivers() source driver opens the TLS
                # enabled ports as well, however without an actual key/cert
                # pair they will not operate and syslog-ng would display a
                # warning at startup.
                #tls(key-file("/path/to/ssl-private-key") cert-file("/path/to/ssl-cert"))

destination d_local {

destination d_network {

                template("$ISODATE $HOST $(format-welf --scope all-nv-pairs)\n") 

log {
        source(s_local); destination(d_local);

log {
        source(s_network); destination(d_network);
1 Like

Or Nagios-XI