------------------------------------------------------------------------------ PACKAGE : syslog-ng VERSION : 3.5.0beta1 SUMMARY : new beta release DATE : Sep 19, 2013 ------------------------------------------------------------------------------ DESCRIPTION: A new beta version of syslog-ng Open Source Edition (3.5.0beta1) has been released. Being a beta release, testing is most appreciated, but running it in production is not advised. CHANGES: 3.5.0beta1 Thu, 19 Sep 2013 11:03:15 +0200 This is a BETA release of the syslog-ng 3.5 development branch, with a lot of internal rework and even more new features included. Being a beta release, testing is most appreciated, but running it in production is not advised. The release contains all the fixes from the 3.4 branch, the changes below are relative to the 3.4.3 release. Major Features ============== Multi-line support ------------------ A major feature in the 3.5 release is the inclusion of support for multi-line messages, a feature that has been available in syslog-ng PE for a good while. With this, both indented and regexp-based multi-line support becomes available. For further information and examples, see the following blog post: http://asylum.madhouse-project.org/blog/2013/09/05/what-is-cooking-in-syslog... STOMP destination ----------------- Joining the message-queue club, this new destination makes syslog-ng able to send events to any STOMP-capable message queuing server, such as Apache ActiveMQ. For further information about the destination, see this commit message: https://github.com/balabit/syslog-ng-3.5/commit/82d19a4d4ad3f91e8214006f6ea7... Template type hinting --------------------- While syslog-ng supported sending events to various datastores and queues for a while now (SQL first, MongoDB, JSON, and AMQP later), even if those supported other types of data, syslog-ng only ever sent strings. With template type hinting, it became possible to tell syslog-ng what type a certain template should be, so that the drivers can use that information in whatever way they see fit. This is currently implemented for the MongoDB driver only. For more information about type hinting and for examples, see the following post: http://asylum.madhouse-project.org/blog/2013/09/05/what-is-cooking-in-syslog... Other features ============== * in-list() filter: this new filter function allows one to easily implement file-based white- and blacklists with a simple syntax: filter f_white { in-list("/path/to/file", value("HOST")); }; * You no longer need to remember how many zeros to put after a big number in the syslog-ng configuration file, you can use unit suffixes, such as: log-fifo-size(2GiB) See the following post for more details: http://asylum.madhouse-project.org/blog/2013/09/05/what-is-cooking-in-syslog... * A set of new string-related template functions are available: $(uppercase STRINGS...), $(lowercase STRINGS...) and $(replace-delimiter DELIMITERS NEW-DELIMITER TEXT). The first two do exactly what their names suggest, while the last one replaces all occurrences of any DELIMITERS within TEXT with the NEW-DELIMITER. * There is also a new $(env VARIABLE...) template function, which looks up the given variables in the environment. This is similar to using backticks in the configuration file, however the name of the environment variable with $(env) may contain macros too. * Support for Linux 3.5+'s /dev/kmsg was added, and the system() source will automatically detect whether to use it over /proc/kmsg. * For every correlated message in patterndb, the ${.classifier.context_id} property is automatically set to the context-id attribute of the matching rule. Incompatible changes ==================== * The replace() transformation function of value-pairs() was renamed to replace-prefix() to better reflect what it actually does. The old name remains as an obsolete alias, however. * The username() and password() options of the MongoDB destination were removed, they never did anything before, either. Miscellaneous changes ===================== * The build system was completely redone, it is much faster, more reliable, and less verbose by default now. * Several systemd-related enhancements were made, including support for notification-based startup. This also means that when systemd support is compiled in, libsystemd-daemon becomes a new dependency. Credits: ======== syslog-ng is developed as a community project, and as such it relies on volunteers to do the work necessarily to produce syslog-ng. Reporting bugs, testing changes, writing code or simply providing feedback are all important contributions, so please if you are a user of syslog-ng, contribute. These people have helped in this release: Andras Tim <tia@balabit.hu> Anton Koldaev <koldaevav@gmail.com> Attila M. Magyar <athos@balabit.hu> Attila Nagy <bra@fsn.hu> Attila Szalay <sasa@balabit.hu> Balazs Scheidler <bazsi@balabit.hu> Balint Kovacs <blint@balabit.hu> Chris Johnson <chris.johnson3@hp.com> Evan Rempel <erempel@uvic.ca> Fabien Wernli <cpan@faxm0dem.org> Gergely Nagy <algernon@balabit.hu> Juhasz Viktor <jviktor@balabit.hu> Laszlo Budai <lbudai@balabit.hu> Martin <bmartin@lavabit.com> Michael Sterrett <mr_bones_@gentoo.org> Michal Privoznik <miso.privoznik@gmail.com> Paul Dann <pdgiddie+balabit@gmail.com> Peter Czanik <czanik@balabit.hu> Peter Gyongyosi <gyp@balabit.hu> Robert Fekete <frobert@balabit.hu> Tamas Pal <folti@balabit.hu> Tibor Benke <btibi@balabit.hu> Valentijn Sessink <valentijn@sessink.nl> Viktor Tusa <tusa@balabit.hu> Vincent Brillault <spam@lerya.net> DOWNLOAD: You can download the source or binary packages from: http://www.balabit.com/network-security/syslog-ng/opensource-logging-system/... The documentation of the syslog-ng Open Source Edition is available in The syslog-ng Open Source Edition Administrator's Guide at http://www.balabit.com/support/documentation/