Dear syslog-ng users, This is the 5th issue of the syslog-ng Insider, a monthly newsletter that brings you syslog-ng related news. Your feedback and news tips about the next issue is welcome at documentation@balabit.com <mailto:documentation@balabit.com> FEATURED NEWS Please test 3.3 beta2! -------------------- Version 3.3 is a major step in syslog-ng's development, as it is now fully multi-threaded, and is also the first release with considerable amount of community developed features. A new beta was released this weekend! It received many changes and fixes since the beta1 release. According to internal testing, it works nice and stable, but we already received some external problem reports. So your feedback is very valuable, especially if you could test it in real world situations with logs and configurations we could never imagine ourselves. As threading is a major new feature, which is not enabled by default, please try it by adding “threaded(yes)” to your options in syslog-ng.conf Please download sources from http://www.balabit.com/downloads/files?path=/syslog-ng/sources/3.3.0beta2 ! For a list of changes and fixes check the announcment at http://lists.balabit.hu/pipermail/syslog-ng-announce/2011-August/000117.html If you use FreeBSD, ports is already updated to beta2: http://www.freshports.org/sysutils/syslog-ng3-devel/ Documentation is also available: http://www.balabit.com/sites/default/files/documents/syslog-ng-ose-3.3-guide... Windows in focus ---------------- The syslog-ng application is often used in a Windows environment. There is now an ongoing blog series about syslog clients for Windows. BalaBit also released some patterns for Windows. The patterns are available from http://czanik.blogs.balabit.com/2011/07/patterns-for-windows-server-2008/ Blogs about syslog clients: http://czanik.blogs.balabit.com/2011/07/eventlog-to-syslog/ http://czanik.blogs.balabit.com/2011/07/snare/ http://czanik.blogs.balabit.com/2011/07/some-more-applications-to-forward-wi... To be continued... Performance ----------- Both syslog-ng OSE and PE are now multi threaded, which brings performance to extreme. On the test machine HDD and multiple gigabit Ethernet lines were the limiting factor, not syslog-ng. The test were done using PE, but OSE performance should be similar: http://pzolee.blogs.balabit.com/2011/07/do-you-want-to-process-800-000-messa... BalaBit call the features and technologies aimed compliance at a high performance HSRL (High Spead Reliable Logging). POLL Please take a minute to answer three syslog-ng related questions at https://www.surveymonkey.com/s/6ZQDVH6 OTHER SHORT NEWS * A few more words on CVE-2011-1951: http://bazsi.blogs.balabit.com/2011/07/on-cve-2011-1951-bug-or-security-issu... * Logs as a movie: http://algernon.blogs.balabit.com/2011/06/twelve-days-of-log/ * ELSA updated: http://ossectools.blogspot.com/2011/07/elsa-vmware-appliance-available.html NEW RELEASES * syslog-ng OSE 3.3 beta2 was released: http://lists.balabit.hu/pipermail/syslog-ng-announce/2011-August/000117.html ARCHIVE http://insider.blogs.balabit.com/ -- Peter Czanik (CzP) <czanik@balabit.hu> BalaBit IT Security / syslog-ng upstream http://czanik.blogs.balabit.com/