This article lists the bugs fixed in syslog-ng Premium Edition 7.0.11.
Released: Thu, 25 Oct 2018
#SYSLOGDEV-4385 - New HDFS time_reap option
#SYSLOGDEV-4529 - Reading kernel logs on AIX
#SYSLOGDEV-4550 - Memory leak in patterndb during reload
#SYSLOGDEV-4390 - Log message stuck in backlog using disk queue
#SYSLOGDEV-4493 - Memory leak in Java based destinations
#SYSLOGDEV-4590 - Memory leak during saving statistics
#SYSLOGDEV-4591 - Memory leak in wildcard filesource
#SYSLOGDEV-4391 - Detect CAP_SYSLOG correctly
#SYSLOGDEV-4473 - OpenSSL upgraded to 1.0.2p
#SYSLOGDEV-4510 - Cisco parser: fix parsing logs with misformatted timestamp
#SYSLOGDEV-4557 - Logstore memory leak
Reset the license counter
You can now configure syslog-ng PE to reset the counter that stores the list of known hosts. That way, you can make syslog-ng PE forget old clients that do not exist anymore, and otherwise would be counted against the license limit. This is especially useful in large datacenters or cloud environments where the client hosts are deployed and removed frequently.
Write your own destination in Python
Extending syslog-ng PE in Python with templates and parsers has been supported for several releases, but so far this feature was not available. Now you can find more details about this feature in “python: writing custom Python destinations” in the Administration Guide.
Write your own message source in Python
Starting with syslog-ng PE version 7.0.11, you can write custom message sources in Python. Both server-style and fetcher-style sources are supported. For more details, see “Python LogMessage API” in the Administration Guide and “python-fetcher: writing fetcher-style Python sources” in the Administration Guide.
When hdfs-append-enabled is set to true, syslog-ng will append new data to the end of an already existing HDFS file. Note that in this case, archiving is automatically disabled, and syslog-ng PE will ignore the hdfs-archive-dir option.
New template functions are available: url-encode(), url-decode() and base64-encode().
The syslog-ng-ctl config command can display the contents of the configuration file that syslog-ng is currently running.
Features available only in syslog-ng PE 6 LTS
Several features that are available in syslog-ng Premium Edition 6 LTS are not yet implemented in syslog-ng PE 7. In case you need to use these features, use syslog-ng PE 6 LTS, or contact the Balabit Support Team for advice. The features missing from syslog-ng PE 7 will become gradually available in future releases of syslog-ng PE.
The SNMP destination (snmp()).
The SQL source (sql()).
The persist-tool application.
The allow-compress(), ca-dir-layout(), and cert-subject() options related to TLS transport.
The syslog-ng PE 7 application is currently supported only on Linux platforms. For a detailed list, see Section 1.6, Supported platforms in The syslog-ng Premium Edition 7 Administrator Guide.
The failover-servers() and spoof-interface() options of the network() and syslog() destinations.
The read-old-records(), recursive() and use-syslogng-pid() options of the file() source.
The replace(), cut(), and format-snare() template-functions.
FIPS-compliant packages are not available.
Manual configuration upgrade needed
Since there are some missing features/options it is possible you will need to change parts of your configuration file. In case you need help with upgrading please contact the Balabit Support Team for advice.
Platforms supported in syslog-ng PE 7
Debian 7 (wheezy)
Debian 8 (jessie)
Oracle Linux 7
Oracle Linux 6
Red Hat EL 7
Red Hat EL 6
Ubuntu 12.04 LTS (Precise Pangolin)
Ubuntu 14.04 LTS (Trusty Tahr)
Ubuntu 16.04 LTS (Xenial Xerus)
Platforms not supported in syslog-ng PE 7
Oracle Linux 5