[syslog-ng-announce] syslog-ng 3.5.1 has been released

devel at balabit.hu devel at balabit.hu
Mon Nov 4 15:56:46 CET 2013

PACKAGE             : syslog-ng
VERSION             : 3.5.1
SUMMARY             : new stable release
DATE                : Nov 4, 2013


  The first stable version of syslog-ng Open Source Edition (3.5.1) has been
  released. For the latest features in syslog-ng, you are encouraged to
  upgrade to this version.


        Mon,  4 Nov 2013 14:49:00 +0100

        This is the first stable release in the 3.5 series, adding a
        number of features compared to 3.4, a result of about eight
        months of development. This release includes all the fixes of
        the recent 3.4.5 release, and a host of new features.

        Bugfixes since 3.5.0rc1

        * A race condition in log message reference counting code that
          sometimes led to crashes was fixed. [#255]

        * A use-after-free error that sometimes happened after a
          reload, and caused memory corruption was also fixed. [#253]

        * patterndb was corrected not to create a new instance on
          reload: this way, the old one is not leaked, and db-parser()
          does not forget the correlation state, nor its idea of
          current time on reload. [#257]

        * The syslog-ng.spec file does not try to install the
          long-removed ChangeLog file anymore.

        Incompatible changes

        * Template escaping was changed in an incompatible way:
          previously, both the lexer and the template compiler used
          the '\' character for escaping, which was confusing. The
          template compiler uses '$$' to escape the '$' char, and '@@'
          to escape '@'.

          If a non-numeric value follows '@', a warning will be

        * The replace() transformation function of value-pairs() was
          renamed to replace-prefix() to better reflect what it
          actually does. The old name remains as an obsolete alias,

        * The username() and password() options of the MongoDB
          destination were removed, they never did anything before,

        Major features since 3.4

        Multi-line support

        A major feature in the 3.5 release is the inclusion of support
        for multi-line messages, a feature that has been available in
        syslog-ng PE for a good while.

        With this, both indented and regexp-based multi-line support
        becomes available. For further information and examples, see
        the following blog post:

        STOMP destination

        Joining the message-queue club, this new destination makes
        syslog-ng able to send events to any STOMP-capable message
        queuing server, such as Apache ActiveMQ.

        For further information about the destination, see this commit

        Redis destination

        Developed during the Google Summer of Code 2013 program, this
        destination driver makes it possible to easily send commands
        to a Redis server.

        For further information and examples, please see the following
        blog post:

        Template type hinting

        While syslog-ng supported sending events to various datastores
        and queues for a while now (SQL first, MongoDB, JSON, and AMQP
        later), even if those supported other types of data, syslog-ng
        only ever sent strings.

        With template type hinting, it became possible to tell
        syslog-ng what type a certain template should be, so that the
        drivers can use that information in whatever way they see fit.

        This is currently implemented for the MongoDB driver and the
        $(format-json) template function only.

        For more information about type hinting and for examples, see
        the following post:

        Template options honored everywhere

        Until this release, there were situations where template
        options were ignored, such as filter expressions that use the
        comparsion operators, regexp based substitutions, incoming
        templates for parsers, the new value rewrite rules, SMTP
        values, some of the new drivers (stomp, amqp), and patterndb

        These all honor the global template options now, and
        per-driver options such as frac-digits and local-time-zone are
        available for drivers which did not have them before, like

        Support for unit suffixes in the configuration

        You no longer need to remember how many zeros to put after a
        big number in the syslog-ng configuration file, you can use
        unit suffixes, such as:


        See the following post for more details:

        The Incubator project

        Alongside the 3.5.1 release, we are pleased to announce the
        existence of the syslog-ng incubator project, which hosts
        additional modules and tools not merged into syslog-ng proper.
        These serve both as examples and as a staging area, but also
        makes it easier to try out new modules without patching or
        upgrading your syslog-ng version.

        The project's homepage is:

        Other features

        * in-list() filter: this new filter function allows one to
          easily implement file-based white- and blacklists with a
          simple syntax:

           filter f_white { in-list("/path/to/file", value("HOST")); };

        * A set of new string-related template functions are
          available: $(uppercase STRINGS...), $(lowercase STRINGS...)
          and $(replace-delimiter DELIMITERS NEW-DELIMITER TEXT).

          The first two do exactly what their names suggest, while the
          last one replaces all occurrences of any DELIMITERS within
          TEXT with the NEW-DELIMITER.

        * There is also a new $(env VARIABLE...) template function,
          which looks up the given variables in the environment. This
          is similar to using backticks in the configuration file,
          however the name of the environment variable with $(env) may
          contain macros too.

        * Support for Linux 3.5+'s /dev/kmsg was added, and the
          system() source will automatically detect whether to use it
          over /proc/kmsg.

        * For every correlated message in patterndb, the
          ${.classifier.context_id} property is automatically set to
          the context-id attribute of the matching rule.

        * The build system was completely redone, it is much faster,
          more reliable, and less verbose by default now.

        * Several systemd-related enhancements were made, including
          support for notification-based startup. This also means that
          when systemd support is compiled in, libsystemd-daemon
          becomes a new dependency.

        Known Bugs

        * The afstreams module is broken, does not compile, and does
          not work. This will be corrected in a later maintenance


        syslog-ng is developed as a community project, and as such it relies
        on volunteers to do the work necessarily to produce syslog-ng.

        Reporting bugs, testing changes, writing code or simply providing
        feedback are all important contributions, so please if you are a
        user of syslog-ng, contribute.

        These people have helped in this release:

        Alexandre Biancalana <biancalana at gmail.com>
        Andras Tim <tia at balabit.hu>
        Anton Koldaev <koldaevav at gmail.com>
        Attila M. Magyar <athos at balabit.hu>
        Attila Nagy <bra at fsn.hu>
        Attila Szalay <sasa at balabit.hu>
        Balazs Scheidler <bazsi at balabit.hu>
        Balint Kovacs <blint at balabit.hu>
        Chris Johnson <chris.johnson3 at hp.com>
        Cy Schubert <Cy.Schubert at komquats.com>
        Evan Rempel <erempel at uvic.ca>
        Fabien Wernli <cpan at faxm0dem.org>
        Gergely Nagy <algernon at balabit.hu>
        Gonzalo Paniagua <gonzalo.paniagua+slng1 at acquia.com>
        Jose Pedro Oliveira <jpo at di.uminho.pt>
        Laszlo Budai <lbudai at balabit.hu>
        Lucas McLane <lucas at clicksecurity.com>
        Marc Falzon <marc.falzon at cloudwatt.com>
        Martin <bmartin at lavabit.com>
        Michal Privoznik <miso.privoznik at gmail.com>
        Michael Sterrett <mr_bones_ at gentoo.org>
        Nicolas Szalay <nico at rottenbytes.info>
        Oscar Muñoz
        Paul Dann <pdgiddie+balabit at gmail.com>
        Peter Czanik <czanik at balabit.hu>
        Peter Gyongyosi <gyp at balabit.hu>
        Robert Fekete <frobert at balabit.hu>
        Ryan Frederick
        Sergey Shuman
        Tamas Pal <folti at balabit.hu>
        Tibor Benke <btibi at balabit.hu>
        Tihamer Petrovics <tihameri at gmail.com>
        Valentijn Sessink <valentijn at sessink.nl>
        Viktor Juhasz <jviktor at balabit.hu>
        Viktor Tusa <tusa at balabit.hu>
        Vincent Brillault <spam at lerya.net>


  You can download the source or binary packages from:


  The documentation of the syslog-ng Open Source Edition is available in
  The syslog-ng Open Source Edition Administrator's Guide at


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 199 bytes
Desc: not available
Url : http://lists.balabit.hu/pipermail/syslog-ng-announce/attachments/20131104/eb540402/attachment.pgp 

More information about the syslog-ng-announce mailing list