While no dates are set to stone yet, we expect a couple of syslog-ng releases in the near future. As version 4.8.1 is used in major Linux distributions and has a couple of known bugs, we will release 4.8.2 to address those. However, we are also working on 4.9.0, which will bring many changes.
Before you begin
For testing, you need an up-to-date build of syslog-ng. You have many options:
-
If you have ARM64 or x86_64 systems, you can use the nightly syslog-ng container images: https://www.syslog-ng.com/community/b/blog/posts/nightly-arm64-syslog-ng-container-builds-are-now-available
-
Nightly packages for Debian / Ubuntu are available for x86_64: https://www.syslog-ng.com/community/b/blog/posts/nightly-syslog-ng-builds-for-debian-and-ubuntu
-
Weekly git snapshot builds are available for openSUSE / SLES & Fedora / RHEL & compatibles: https://www.syslog-ng.com/community/b/blog/posts/rpm-packages-from-syslog-ng-git-head/
-
https://github.com/czanik/freebsd/tree/master/syslog-ng4-devel has up-to-date FreeBSD ports. However, you have to build the syslog-ng source tgz yourself and place it under /usr/ports/distfiles.
All these contain the very latest syslog-ng code, in preparation for 4.9.0. If you want to test what is coming to syslog-ng 4.8.2, you can do that on Fedora / RHEL & compatibles by installing syslog-ng-4.8.1.90.g63cdee6 from the abovementioned repository:
dnf install syslog-ng-http-4.8.1.90.g63cdee6
Just make sure that you always use this version, otherwise dnf will install the latest available syslog-ng version.
Another option is to compile syslog-ng from source. In this case, you can download the syslog-ng source code from https://github.com/syslog-ng/syslog-ng/. The default git branch now is “develop”, containing the latest syslog-ng code and what you can expect to see in 4.9.0 as of today. If you want the source code for 4.8.2, switch to the “master” branch. Note that in the future, this branch will only contain released code, as we are in a transition period right now.
What to test?
Version 4.8.2 will contain two major bug fixes (and several smaller changes):
-
The 4.8.1 release brought in some incompatible changes to the format-json() template function to fix a crash. However, it broke several SCL-based drivers, which were not updated accordingly, including elasticsearch-http(). This is now fixed and debugging was also made easier. Elasticsearch, Opensearch, and others should work again.
-
The S3 destination driver had some message loss problems, which were addressed in a refactor. But along the way, we also made some major performance improvements as well. You can read more about the changes at: https://github.com/syslog-ng/syslog-ng/pull/5257
Version 4.9.0 will contain many new features and under the hood changes. Some are not easy to test, unless you compile syslog-ng yourself, as they require using the slightly-modified bundled ivykis library (https://github.com/syslog-ng/syslog-ng/pull/5312). Most packaging in Linux distributions and in FreeBSD use the latest official ivykis release, as the use of bundled libraries is not allowed (and not recommended).
-
Formatting the output of the syslog-ng-ctl stats and syslog-ng-ctl query commands is unified. You can learn more about how to use the new --format option at https://github.com/syslog-ng/syslog-ng/pull/5248
-
Added inotify-based regular file change detection to the wildcard-file() source using the existing inotify-based directory monitor. This improves efficiency on OSes like Linux, where only polling was available before, significantly reducing CPU usage while also enhancing change detection accuracy. You can learn how to configure it at https://github.com/syslog-ng/syslog-ng/pull/5315
What is next?
Please provide your feedback! Obviously, we need testing and bug reports to make sure that all bugs are fixed, and no new bugs are introduced before the new release. Post these at https://github.com/syslog-ng/syslog-ng/issues However, besides bug reports, any kind of feedback is very welcome, such as knowing whether your old config works with the new release, or whether you experience any syslog-ng performance improvements. You can post these at https://github.com/syslog-ng/syslog-ng/discussions or on the mailing list.
-
If you have questions or comments related to syslog-ng, do not hesitate to contact us. You can reach us by email or even chat with us. For a list of possibilities, check our GitHub page under the “Community” section at https://github.com/syslog-ng/syslog-ng. On Twitter, I am available as @PCzanik, on Mastodon as @Pczanik@fosstodon.org.