syslog-ng 3.4.5 has been released
------------------------------------------------------------------------------ PACKAGE : syslog-ng VERSION : 3.4.5 SUMMARY : new stable release DATE : Nov 4, 2013 ------------------------------------------------------------------------------ DESCRIPTION: A new stable version of syslog-ng Open Source Edition (3.4.5) has been released. For latest fixes in the 3.4.x feature branch you are recommended to upgrade to this version. CHANGES: 3.4.5 Mon, 4 Nov 2013 08:54:50 +0100 This is the fourth bug-fix release for the 3.4.x series, with important fixes over the 3.4.4 release. Upgrading to this release is highly recommended. Bugfixes ======== * A race condition in log message reference counting code that sometimes led to crashes was fixed. [#255] * An assertion that happened in certain situations when a subst() rewrite rule was used was fixed. [#256] * A use-after-free error that sometimes happened after a reload, and caused memory corruption was also fixed. [#253] * patterndb was corrected not to create a new instance on reload: this way, the old one is not leaked, and db-parser() does not forget the correlation state, nor its idea of current time on reload. [#257] * The syslog-ng.spec file does not try to install the long-removed ChangeLog file anymore. * A few harmless, but noisy compiler warnings have been eliminated. Features ======== * The JSON parser now understands NULL-typed keys, and ignores them. Credits: ======== syslog-ng is developed as a community project, and as such it relies on volunteers to do the work necessarily to produce syslog-ng. Reporting bugs, testing changes, writing code or simply providing feedback are all important contributions, so please if you are a user of syslog-ng, contribute. These people have helped in this release: Balazs Scheidler <bazsi@balabit.hu> Evan Rempel <erempel@uvic.ca> Gergely Nagy <algernon@balabit.hu> Gonzalo Paniagua <gonzalo.paniagua+slng1@acquia.com> Jose Pedro Oliveira <jpo@di.uminho.pt> Michal Privoznik <miso.privoznik@gmail.com> Nicolas Szalay <nico@rottenbytes.info> DOWNLOAD: You can download the source or binary packages from: http://www.balabit.com/network-security/syslog-ng/opensource-logging-system/... The documentation of the syslog-ng Open Source Edition is available in The syslog-ng Open Source Edition Administrator's Guide at http://www.balabit.com/support/documentation/
I am having an issue with tailing log files in Ms Windows. I have configured the Syslog-ng Agent for windows to tail the latest file in a folder. This works very well. At some point the application decides it is going to "foll over" its log files so it start a new log file. At the point the new log file is created, the modified time of the new file is set, and it does NOT change until the file is closed (that alone seems odd, but I have watched this happen). Since the old/previous log file had some data in flight, by the time it flushes to disk and the file is closed it is after the new file has been created. The old/previous file gets its modified time updated, and now it appears to be the most recent. The result is that the "current" file does not appear as the most recent until such time as it is closed. syslog-ng then dumps the entire file to the central syslog server and then waits until the new file gets closed. This means that the central syslog server receives the log messages in batches every 10-15 minutes, or however long it takes for the next file to reach its maximum size and get rolled over. Has anyone experienced this? More to the point, can anyone offer a solution? Evan.
participants (2)
-
devel@balabit.hu
-
Evan Rempel