[syslog-ng] syslog-ng Insider - August 2011

Peter Czanik czanik at balabit.hu
Wed Aug 17 15:41:13 CEST 2011 

Dear syslog-ng users,


This is the 5th issue of the syslog-ng Insider, a monthly newsletter
that brings you syslog-ng related news.

Your feedback and news tips about the next issue is welcome at
documentation at balabit.com <mailto:documentation at balabit.com>



FEATURED NEWS


Please test 3.3 beta2!

--------------------

Version 3.3 is a major step in syslog-ng's development, as it is now
fully multi-threaded, and is also the first release with considerable
amount of community developed features. A new beta was released this
weekend! It received many changes and fixes since the beta1 release.

According to internal testing, it works nice and stable, but we already
received some external problem reports. So your feedback is very
valuable, especially if you could test it in real world situations with
logs and configurations we could never imagine ourselves. As threading
is a major new feature, which is not enabled by default, please try it
by adding “threaded(yes)” to your options in syslog-ng.conf

Please download sources from
http://www.balabit.com/downloads/files?path=/syslog-ng/sources/3.3.0beta2 !

For a list of changes and fixes check the announcment at
http://lists.balabit.hu/pipermail/syslog-ng-announce/2011-August/000117.html


If you use FreeBSD, ports is already updated to beta2:
http://www.freshports.org/sysutils/syslog-ng3-devel/

Documentation is also available:
http://www.balabit.com/sites/default/files/documents/syslog-ng-ose-3.3-guides/syslog-ng-ose-v3.3-guide-admin-en.html/index.html-single.html


Windows in focus

----------------

The syslog-ng application is often used in a Windows environment. There
is now an ongoing blog series about syslog clients for Windows. BalaBit
also released some patterns for Windows.

The patterns are available from
http://czanik.blogs.balabit.com/2011/07/patterns-for-windows-server-2008/

Blogs about syslog clients:

http://czanik.blogs.balabit.com/2011/07/eventlog-to-syslog/

http://czanik.blogs.balabit.com/2011/07/snare/

http://czanik.blogs.balabit.com/2011/07/some-more-applications-to-forward-windows-events-to-syslog-ng/

To be continued...


Performance

-----------

Both syslog-ng OSE and PE are now multi threaded, which brings
performance to extreme. On the test machine HDD and multiple gigabit
Ethernet lines were the limiting factor, not syslog-ng. The test were
done using PE, but OSE performance should be similar:

http://pzolee.blogs.balabit.com/2011/07/do-you-want-to-process-800-000-messagessec/

BalaBit call the features and technologies aimed compliance at a high
performance HSRL (High Spead Reliable Logging).


POLL


Please take a minute to answer three syslog-ng related questions at
https://www.surveymonkey.com/s/6ZQDVH6


OTHER SHORT NEWS


    *

      A few more words on CVE-2011-1951:
      http://bazsi.blogs.balabit.com/2011/07/on-cve-2011-1951-bug-or-security-issue/

    *

      Logs as a movie:
      http://algernon.blogs.balabit.com/2011/06/twelve-days-of-log/

    *

      ELSA updated:
      http://ossectools.blogspot.com/2011/07/elsa-vmware-appliance-available.html

NEW RELEASES


    *

      syslog-ng OSE 3.3 beta2 was released:
      http://lists.balabit.hu/pipermail/syslog-ng-announce/2011-August/000117.html




ARCHIVE


http://insider.blogs.balabit.com/

-- 
Peter Czanik (CzP) <czanik at balabit.hu>
BalaBit IT Security / syslog-ng upstream
http://czanik.blogs.balabit.com/

More information about the syslog-ng mailing list