
Enterprise log management appliance for collecting, indexing, and searching logs
syslog-ng Store Box (SSB) is a log management appliance built on syslog-ng Premium Edition. The appliance collects and indexes log messages from multiple sources, with capacity to process up to 100,000 messages per second and over 70 GB of raw logs per hour.
The product provides full-text search capabilities through a web-based interface, allowing users to search through billions of logs using wildcards and boolean operators. Log data is organized into virtual containers called logspaces that enable segmentation and access control based on user profiles. Federated search functionality allows searching across multiple logspaces on the same or different appliances.
SSB stores log data in encrypted, compressed, and timestamped binary files. The largest appliance configuration can store up to 10 terabytes of uncompressed data. Automated backup capabilities archive data to remote servers via NFS or SMB/CIFS protocols while maintaining searchability.
The appliance includes content-based alerting that performs continuous search on incoming log data and sends alerts when predefined events are detected. Message rate alerting monitors log infrastructure by setting minimum and maximum thresholds for specified time periods.
Authentication, authorization, and accounting settings provide access control based on usergroup privileges. The system integrates with LDAP and RADIUS databases for user management. TLS encryption secures communication between agents and the appliance, with support for X.509 certificate-based authentication.
SSB includes PatternDB for message normalization, parsing capabilities for key-value pairs and sudo logs, real-time event correlation, and a REST API for data forwarding to third-party analysis tools. The appliance is available as physical hardware or virtual instances for AWS and Azure.
Common questions about syslog-ng Store Box including features, pricing, alternatives, and user reviews.
syslog-ng Store Box is an enterprise log management appliance for collecting, indexing, and searching logs, developed by syslog-ng. It is a Security Operations solution designed to help security teams with Alerting, Log Management, and REST API.
syslog-ng Store Box offers the following core capabilities:
syslog-ng Store Box integrates natively with LDAP, RADIUS, Elasticsearch, Splunk, Amazon Web Services, and Microsoft Azure. Integration support lets security teams connect syslog-ng Store Box to existing SIEM, ticketing, identity, and notification systems without custom development.
syslog-ng Store Box is deployed as a hybrid solution, suited to mid-market and enterprise organizations looking to operationalize security operations. The commercial offering is positioned for production security operations with vendor support and SLAs.
syslog-ng Store Box is built for security teams handling Alerting, Log Management, and REST API. It supports workflows including log collection and indexing up to 100,000 messages per second, full-text search with a web-based interface, and federated search across multiple logspaces and appliances. Teams typically adopt syslog-ng Store Box when they need security operations capabilities integrated into their existing stack. Explore similar tools at https://cybersectools.com/alternatives/syslog-ng-syslog-ng-store-box
syslog-ng Store Box is a commercial Security Operations solution. For detailed pricing information, visit https://www.syslog-ng.com/products/log-management-appliance/ or contact syslog-ng directly.
Popular alternatives to syslog-ng Store Box include:
Compare all syslog-ng Store Box alternatives at https://cybersectools.com/alternatives/syslog-ng-syslog-ng-store-box
syslog-ng Store Box is for security teams and organizations that need Alerting, Log Management, and REST API. It is particularly suitable for enterprises requiring robust, commercial-grade security capabilities. Other Security Operations tools can be found at https://cybersectools.com/categories/security-operations