Release Notes
November 2018
These release notes provide information about the syslog-ng Open Source Edition release.
The syslog-ng Open Source Edition application is highly portable and is known to run on a wide range of hardware architectures (x86, x86_64, SUN Sparc, PowerPC 32 and 64, Alpha) and operating systems, including Linux, BSD, Solaris, IBM AIX, HP-UX, Mac OS X, Cygwin, Tru64, and others.
The source code of syslog-ng Open Source Edition is released under the GPLv2 license and is available on GitHub.
See the Downloads page for binary packages.
Version 3.18 of syslog-ng Open Source Edition includes the following main features.
The http() destination can now send a batch of log messages in a single HTTP request, greatly improving the performance. In addition, this feature also allows you to post proper JSON-encoded arrays as POST payloads, which is required by several REST APIs. For details, see Administration Guide.
Extending syslog-ng OSE in Python has been supported for several releases, but so far this feature was mostly undocumented. Now you can find more details about this feature in "python: writing custom Python destinations" in the Administration Guide.
Starting with syslog-ng OSE version
When hdfs-append-enabled is set to true, syslog-ng OSE will append new data to the end of an already existing HDFS file. Note that in this case, archiving is automatically disabled, and syslog-ng OSE will ignore the hdfs-archive-dir option.
The hdfs destination now supports the time-reap() option.
The urlencode() template function has been renamed to url-encode(). Also, the telegram() destination now automatically encodes the messages.
New template functions are available: url-decode() and base64-encode(). For details, see "Template functions of syslog-ng OSE" in the Administration Guide.
The syslog-ng-ctl config command can display the contents of the configuration file that syslog-ng OSE is currently running.
The rekey option of value-pairs() now supports a new transformation: shift-levels. It cuts dot-delimited "levels" in the name (including the initial dot). For example, --shift-levels 2 deletes the prefix up to the second dot in the name of the key: .iptables.SRC becomes SRC
For details, see "value-pairs()" in the Administration Guide.
The value-pairs() option now has a new scope: none. This scope resets previously added scopes, making it possible to get remove automatically added name-value pairs from the scope.
For details, see "value-pairs()" in the Administration Guide.
When receiving messages with the default-network-drivers() source, syslog-ng OSE now automatically sets the ${.app.name} name-value pair to the name of the application that sent the log message.
For details, see "default-network-drivers: Receive and parse common syslog messages" in the Administration Guide.
The elasticsearch() destination has been deprecated, because it supports only ElasticSearch version 1.x, which has been End-of-Life since January, 2017. Use the elasticsearch2() destination instead.
For a detailed list of issues resolved in this release, see syslog-ng Releases page.
© 2025 One Identity LLC. ALL RIGHTS RESERVED. Conditions d’utilisation Confidentialité Cookie Preference Center
