Bazsi's blog

Guarding Your Business

ABOUT



Name:
Balázs Scheidler

Login

Archive for December, 2012

syslog-ng 3.4beta1 released

Friday, December 28, 2012 @ 04:12 PM Author: Balázs Scheidler

Just before christmas I’ve released syslog-ng 3.4.0beta1, hopefully the last before the final release of syslog-ng 3.4. You can find the list of changes since 3.4.0alpha3 here.

Here’s the teaser for those wondering what 3.4 can do for them in addition to 3.3:

  • Junctions, channels and the improved configuration format allows specifying log processing rules at even more flexibility.
  • Full json support by the introduction of json-parser() and enhancements to $(format-json) template function.
  • Support for the amqp() destination that implements support for the AMQP queueing protocol was added.
  • MongoDB improvements to support replicasets, UNIX domain sockets. The performance was also improved by using insert operations instead of upserts.
  • Added support for sending emails via the smtp() destination.
  • Allow huge messages, instead of the old limits of 256k per message and 64k per value limits, the limits are 4GB for both.
  • Added support for parsing the syslog message format after the initial reception. This can be used to “fix” messages before it actually reaches the syslog parser stuff.
  • Native support for systemd.
  • Demand loadable plugins to avoid having to explicitly write “@module” statements. This makes writing syslog-ng.conf files easier.
  • A number of new template functions, like $(uuid), $(hash) and so on.
  • A number of new macros $LOGHOST, $C_DATE and friends.
  • A number of new parsers in db-parser, @PCRE@, @EMAIL@, @SET@, …
  • Added rewrite operations to change message tags.
  • Improved value-pairs expression support that allows specifying

More details can be found in the individual release announcements:

  • 3.4.0alpha1: http://bazsi.blogs.balabit.com/2012/03/first-alpha-release-of-syslog-ng-3-4-published/
  • 3.4.0alpha2: http://lists.balabit.hu/pipermail/syslog-ng/2012-May/018746.html
  • 3.4.0alpha3: http://lists.balabit.hu/pipermail/syslog-ng-announce/2012-June/000144.html

As with all versions of syslog-ng, this wouldn’t have been possible without the help of the syslog-ng community. The role of the community is increasing with release-to-release, larger and larger features are contributed outside BalaBit and the number of contributors is increasing steadily too. I’d like to grab this opportunity to say thanks for everyone involved. Help is welcome and appreciated, be that code, documentation, a description of a use-case or simply just feedback. Thank you.

Stay tuned for the final version!

 

Tags: , , , ,
2 Comments
Bazsi's blog
Posts (RSS) and comments (RSS)