[syslog-ng-announce] syslog-ng 3.5.1 has been released
devel at balabit.hu
devel at balabit.hu
Mon Nov 4 15:56:46 CET 2013
------------------------------------------------------------------------------
PACKAGE : syslog-ng
VERSION : 3.5.1
SUMMARY : new stable release
DATE : Nov 4, 2013
------------------------------------------------------------------------------
DESCRIPTION:
The first stable version of syslog-ng Open Source Edition (3.5.1) has been
released. For the latest features in syslog-ng, you are encouraged to
upgrade to this version.
CHANGES:
3.5.1
Mon, 4 Nov 2013 14:49:00 +0100
This is the first stable release in the 3.5 series, adding a
number of features compared to 3.4, a result of about eight
months of development. This release includes all the fixes of
the recent 3.4.5 release, and a host of new features.
Bugfixes since 3.5.0rc1
=======================
* A race condition in log message reference counting code that
sometimes led to crashes was fixed. [#255]
* A use-after-free error that sometimes happened after a
reload, and caused memory corruption was also fixed. [#253]
* patterndb was corrected not to create a new instance on
reload: this way, the old one is not leaked, and db-parser()
does not forget the correlation state, nor its idea of
current time on reload. [#257]
* The syslog-ng.spec file does not try to install the
long-removed ChangeLog file anymore.
Incompatible changes
====================
* Template escaping was changed in an incompatible way:
previously, both the lexer and the template compiler used
the '\' character for escaping, which was confusing. The
template compiler uses '$$' to escape the '$' char, and '@@'
to escape '@'.
If a non-numeric value follows '@', a warning will be
printed.
* The replace() transformation function of value-pairs() was
renamed to replace-prefix() to better reflect what it
actually does. The old name remains as an obsolete alias,
however.
* The username() and password() options of the MongoDB
destination were removed, they never did anything before,
either.
Major features since 3.4
========================
Multi-line support
------------------
A major feature in the 3.5 release is the inclusion of support
for multi-line messages, a feature that has been available in
syslog-ng PE for a good while.
With this, both indented and regexp-based multi-line support
becomes available. For further information and examples, see
the following blog post:
http://asylum.madhouse-project.org/blog/2013/09/05/what-is-cooking-in-syslog-ng-3.5/#f:multiline
STOMP destination
-----------------
Joining the message-queue club, this new destination makes
syslog-ng able to send events to any STOMP-capable message
queuing server, such as Apache ActiveMQ.
For further information about the destination, see this commit
message:
https://github.com/balabit/syslog-ng-3.5/commit/82d19a4d4ad3f91e8214006f6ea7a47baabf48ef
Redis destination
-----------------
Developed during the Google Summer of Code 2013 program, this
destination driver makes it possible to easily send commands
to a Redis server.
For further information and examples, please see the following
blog post:
http://tichygsoc.blogspot.hu/2013/09/the-road-so-far.html
Template type hinting
---------------------
While syslog-ng supported sending events to various datastores
and queues for a while now (SQL first, MongoDB, JSON, and AMQP
later), even if those supported other types of data, syslog-ng
only ever sent strings.
With template type hinting, it became possible to tell
syslog-ng what type a certain template should be, so that the
drivers can use that information in whatever way they see fit.
This is currently implemented for the MongoDB driver and the
$(format-json) template function only.
For more information about type hinting and for examples, see
the following post:
http://asylum.madhouse-project.org/blog/2013/09/05/what-is-cooking-in-syslog-ng-3.5/#f:type-hinting
Template options honored everywhere
-----------------------------------
Until this release, there were situations where template
options were ignored, such as filter expressions that use the
comparsion operators, regexp based substitutions, incoming
templates for parsers, the new value rewrite rules, SMTP
values, some of the new drivers (stomp, amqp), and patterndb
context-id.
These all honor the global template options now, and
per-driver options such as frac-digits and local-time-zone are
available for drivers which did not have them before, like
MongoDB.
Support for unit suffixes in the configuration
----------------------------------------------
You no longer need to remember how many zeros to put after a
big number in the syslog-ng configuration file, you can use
unit suffixes, such as:
log-fifo-size(2GiB)
See the following post for more details:
http://asylum.madhouse-project.org/blog/2013/09/05/what-is-cooking-in-syslog-ng-3.5/#f:unit-suffix
The Incubator project
---------------------
Alongside the 3.5.1 release, we are pleased to announce the
existence of the syslog-ng incubator project, which hosts
additional modules and tools not merged into syslog-ng proper.
These serve both as examples and as a staging area, but also
makes it easier to try out new modules without patching or
upgrading your syslog-ng version.
The project's homepage is:
https://github.com/balabit/syslog-ng-incubator
Other features
==============
* in-list() filter: this new filter function allows one to
easily implement file-based white- and blacklists with a
simple syntax:
filter f_white { in-list("/path/to/file", value("HOST")); };
* A set of new string-related template functions are
available: $(uppercase STRINGS...), $(lowercase STRINGS...)
and $(replace-delimiter DELIMITERS NEW-DELIMITER TEXT).
The first two do exactly what their names suggest, while the
last one replaces all occurrences of any DELIMITERS within
TEXT with the NEW-DELIMITER.
* There is also a new $(env VARIABLE...) template function,
which looks up the given variables in the environment. This
is similar to using backticks in the configuration file,
however the name of the environment variable with $(env) may
contain macros too.
* Support for Linux 3.5+'s /dev/kmsg was added, and the
system() source will automatically detect whether to use it
over /proc/kmsg.
* For every correlated message in patterndb, the
${.classifier.context_id} property is automatically set to
the context-id attribute of the matching rule.
* The build system was completely redone, it is much faster,
more reliable, and less verbose by default now.
* Several systemd-related enhancements were made, including
support for notification-based startup. This also means that
when systemd support is compiled in, libsystemd-daemon
becomes a new dependency.
Known Bugs
==========
* The afstreams module is broken, does not compile, and does
not work. This will be corrected in a later maintenance
release.
Credits:
========
syslog-ng is developed as a community project, and as such it relies
on volunteers to do the work necessarily to produce syslog-ng.
Reporting bugs, testing changes, writing code or simply providing
feedback are all important contributions, so please if you are a
user of syslog-ng, contribute.
These people have helped in this release:
Alexandre Biancalana <biancalana at gmail.com>
Andras Tim <tia at balabit.hu>
Anton Koldaev <koldaevav at gmail.com>
Attila M. Magyar <athos at balabit.hu>
Attila Nagy <bra at fsn.hu>
Attila Szalay <sasa at balabit.hu>
Balazs Scheidler <bazsi at balabit.hu>
Balint Kovacs <blint at balabit.hu>
Chris Johnson <chris.johnson3 at hp.com>
Cy Schubert <Cy.Schubert at komquats.com>
Evan Rempel <erempel at uvic.ca>
Fabien Wernli <cpan at faxm0dem.org>
Gergely Nagy <algernon at balabit.hu>
Gonzalo Paniagua <gonzalo.paniagua+slng1 at acquia.com>
Jose Pedro Oliveira <jpo at di.uminho.pt>
Laszlo Budai <lbudai at balabit.hu>
Lucas McLane <lucas at clicksecurity.com>
Marc Falzon <marc.falzon at cloudwatt.com>
Martin <bmartin at lavabit.com>
Michal Privoznik <miso.privoznik at gmail.com>
Michael Sterrett <mr_bones_ at gentoo.org>
Nicolas Szalay <nico at rottenbytes.info>
Oscar Muñoz
Paul Dann <pdgiddie+balabit at gmail.com>
Peter Czanik <czanik at balabit.hu>
Peter Gyongyosi <gyp at balabit.hu>
Robert Fekete <frobert at balabit.hu>
Ryan Frederick
Sergey Shuman
Tamas Pal <folti at balabit.hu>
Tibor Benke <btibi at balabit.hu>
Tihamer Petrovics <tihameri at gmail.com>
Valentijn Sessink <valentijn at sessink.nl>
Viktor Juhasz <jviktor at balabit.hu>
Viktor Tusa <tusa at balabit.hu>
Vincent Brillault <spam at lerya.net>
DOWNLOAD:
You can download the source or binary packages from:
http://www.balabit.com/network-security/syslog-ng/opensource-logging-system/downloads
The documentation of the syslog-ng Open Source Edition is available in
The syslog-ng Open Source Edition Administrator's Guide at
http://www.balabit.com/support/documentation/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 199 bytes
Desc: not available
Url : http://lists.balabit.hu/pipermail/syslog-ng-announce/attachments/20131104/eb540402/attachment.pgp
More information about the syslog-ng-announce
mailing list