Last week One Identity released version 4.8.0 of its open-source log management application. Learn about some of the new features and bug fixes: why upgrade to the latest syslog-ng version, not only on FreeBSD :-)

Before you begin

If you want to try syslog-ng 4.8.0, note that it is not yet available for most operating systems. You can find up-to-date third-party packages for some operating systems on our 3rd party binaries page at https://syslog-ng.org/3rd-party-binaries/. Support for some older distributions (I would call them ancient…) was removed recently, so you cannot test syslog-ng 4.8.0 on SLES 12, RHEL 7 (and compatibles) and Debian 10. Two of these have already reached end of life, but are still used in production…

wildcard-file() fixes and improvements

Someone reported a problem with reading files with syslog-ng. What originally sounded like a minor problem led to a major refactor of the file and directory monitoring code, along with improvements to it. The original problem has been resolved, and along the way the code became a lot more efficient. This is especially visible on FreeBSD and macOS, where directory monitoring is now based on kqueue, making it faster while using far fewer resources.

Better platform support

Some of the latest features had very limited platform support: they only compiled with GCC, and only on leading-edge Linux distributions. Not anymore! Clang is now also supported for compiling C++ code, meaning that C++ features are now also available on FreeBSD and on Linux distributions that use Clang. The same set of fixes also added support for the first Enterprise Linux distribution, as RHEL 9 and compatibles are now supported as well.

This means that support for OpenTelemetry and Grafana Loki is now available on a wider range of platforms.

My unofficial RPM packages for Fedora / RHEL already have these enabled: https://www.syslog-ng.com/community/b/blog/posts/installing-latest-syslog-ng-on-rhel-and-other-rpm-distributions

Furthermore, it should be available soon in FreeBSD ports. Until then you can use the port from my GitHub repo, which I use for testing syslog-ng git snapshots. It contains the 4.8.0 release: https://www.syslog-ng.com/community/b/blog/posts/installing-a-syslog-ng-4-development-snapshot-on-freebsd

Version

Starting with syslog-ng version 4.8, a missing version declaration no longer stops syslog-ng. Instead, it provides you with a warning message:

WARNING: no version information provided in the configuration file. Please specify `current` to use the latest version and silence this warning or specify a specific version number using @version as the first line in the configuration file.

For more details check my blog from last week: https://www.syslog-ng.com/community/b/blog/posts/why-it-is-useful-to-set-the-version-number-in-the-syslog-ng-configuration
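
A pre-upgrade check for the warning quoted above, as an added example (not code from this post or from the syslog-ng project): it classifies configuration files by their @version declaration so that files without one can be found before they start producing the warning. The function names, the sample configurations and the tolerance for comments before @version are assumptions.

```python
import re

# "@version: 4.8" or "@version: current"; whitespace around ':' tolerated.
VERSION_RE = re.compile(r"^@version\s*:\s*(current|\d+\.\d+)$")

def check_version(config_text):
    """Classify a configuration by its @version declaration.

    Returns (status, value) with status 'pinned', 'current', 'misplaced'
    or 'missing'. Assumption: blank lines and '#' comments may precede
    @version; any other statement before it is reported as 'misplaced'.
    """
    seen_statement = False
    for raw in config_text.lstrip("\ufeff").splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and padding
        if not line:
            continue
        match = VERSION_RE.match(line)
        if match is None:
            seen_statement = True
            continue
        value = match.group(1)
        if seen_statement:
            return ("misplaced", value)
        return ("current" if value == "current" else "pinned", value)
    return ("missing", None)

def audit(configs):
    """Names of configs with no usable @version line, for manual review."""
    return sorted(name for name, text in configs.items()
                  if check_version(text)[0] in ("missing", "misplaced"))

# Constructed sample configurations, not taken from any real host.
SAMPLES = {
    "pinned.conf": '@version: 4.8\n@include "scl.conf"\n',
    "current.conf": '# managed file\n\n@version: current\n',
    "missing.conf": 'source s_sys { system(); };\n',
    "misplaced.conf": '@include "scl.conf"\n@version: 4.7\n',
}

if __name__ == "__main__":
    for name, text in sorted(SAMPLES.items()):
        print(name, check_version(text))
    print("needs review:", audit(SAMPLES))
```
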

What is next?

There were further changes in this release: S3 server-side encryption, filtering severity by number, even more proxy options, and so on. Check the release notes for full details: https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.8.0

I hope I could prove to you that while FreeBSD users benefited the most, there is something interesting for everyone in this release.

-

If you have questions or comments related to syslog-ng, do not hesitate to contact us. You can reach us by email or even chat with us. For a list of possibilities, check our GitHub page under the “Community” section at https://github.com/syslog-ng/syslog-ng. On Twitter, I am available as @PCzanik, on Mastodon as @Pczanik@fosstodon.org.
