syslog-ng 3.8 – what changed?

Almost a year has passed since the last major syslog-ng release. The first beta of the upcoming 3.8 release was published last week. This brought many changes both in terms of new features and in packaging. To encourage testing I would like to highlight some of the most important new features. Most people prefer using packages, so I also collected what changed in packaging.

Highlights

In the past few days I asked people about what they consider the most important new features in syslog-ng 3.8. Almost everybody highlighted something different, based on personal needs and preferences. The list below is in no particular order and it is far from complete, only including those that were mentioned most frequently. Some of the new features were already introduced in a blog, others are only documented in a commit message.

Packages

There are already some unofficial packages available for various Linux distributions. Most syslog-ng features are enabled in these builds, because distribution packaging guidelines are not always strictly followed by these packages Slight smile If you use an RPM-based distribution, experimental builds for some of the Rust modules are also available. In all cases it is not enough to download the syslog-ng package, you need to add the repository containing the package to be able to install all necessary dependencies.

Debian / Ubuntu: https://build.opensuse.org/package/show/home:laszlo_budai:syslog-ng/syslog-ng-3.8beta

Fedora / RHEL 7: https://copr.fedorainfracloud.org/coprs/czanik/syslog-ng38/

openSUSE / SLES 12: https://copr.fedorainfracloud.org/coprs/czanik/syslog-ng38/

Compilation / packaging changes

There are some new and changed ./configure arguments:

  • –datadir now appends syslog-ng to the path name, so you need to remove it:

[codesyntax lang=”bash”]

– –datadir=”%{_datadir}/syslog-ng” \

+ –datadir=”%{_datadir}” \
[/codesyntax]

  • Java modules can now be compiled independently from Java support. Therefore, even if your distribution does not have Gradle or some of the JAR dependencies to build the Java modules, you can still provide Java support in the official distribution syslog-ng package and let the users download Java modules separately. You can use the –enable-java-modules or –disable-java-modules arguments to decide whether you want to build modules.

Depending on how you package syslog-ng, you might not need to follow up all of the file list changes:

  • dqtool: a tool to manage disk buffers
  • new SCL configuration snippets, mostly related to Logging as a Service (LaaS) providers
  • new modules, related to disk buffer, CEF formatting, and so on.
  • native connector: files required to build parsers written in Rust includes a new JAR file for Elasticsearch 2.X support together with a list of JAR dependencies, which make REST API support possible

As JAR dependencies that are required for Elasticsearch 1.X and 2.X support conflict with each other, it is no more possible to store all dependencies in a flat directory. This also means that there is no single archive for building and running syslog-ng Java modules. If you need an offline version of JAR files that are required to build syslog-ng Java modules, you can use the following script to build a local Maven repository from a Gradle cache: https://github.com/lbudai/gradle_cache_to_local_maven_repo

 

If you have any questions or comments regarding syslog-ng 3.8 there are many ways to contact us. These are collected at https://www.syslog-ng.com/contact-sales/

Parents Comment Children
No Data
Related Content