立即与支持人员聊天
与支持团队交流

syslog-ng Premium Edition 7.0.19 - Release Notes

New features in syslog-ng PE version 7.0.18

Receiving large volume of UDP messages

Starting with syslog-ng PE version 7.0.18, you receive UDP logs at very high-volume using the new udp-balancer() source. The udp-balancer() source allows you to use multiple CPU cores to process the incoming UDP messages at a very high message rate, depending on the available hardware resources, incoming message size, and your syslog-ng PE configuration. Note that this feature requires a recent Linux kernel, so it is supported only selected platforms. For details, see "udp-balancer: Receiving UDP messages at very high rate" in the Administration Guide.

Enhancements

The default-network-drivers() source now supports the max-connections() option.

NOTE:

Starting with 7.0.19, syslog-ng PE assigns a persist name to Python sources and destinations. The persist name is generated from the class name. If you want to use the same Python class multiple times in your syslog-ng PE configuration, add a unique persist-name() to each source or destination, otherwise syslog-ng PE will not start. For example:

log {
    source { python(class(PyNetworkSource) options("port" "8080") persist-name("<unique-string>); };
    source { python(class(PyNetworkSource) options("port" "8081")); };
  };

Alternatively, you can include the following line in the Python package: @staticmethod generate_persist_name. For example:

from syslogng import LogSource
  class PyNetworSource(LogSource):
    @staticmethod
    def generate_persist_name(options):
        return options["port"]
    def run(self):
        pass
    def request_exit(self):
        pass

New features in syslog-ng PE 7.0.17

Fetching logs from Office 365

Starting with syslog-ng PE version 7.0.17, you can fetch logs from your Office 365 account using the Office 365 Management Activity API. For details, see "office365: Fetching logs from Office 365" in the Administration Guide.

Upgrade improvements

The upgrade from syslog-ng PE version 6 has been improved and made more robust. If you are upgrading from syslog-ng PE version 6, first upgrade to the latest available 6.0.x maintenance release. For details on the upgrade process to syslog-ng PE version 7, see "Upgrading from None 6.0.x to version None" in the Administration Guide.

New features in syslog-ng PE 7.0.16

Enhancements

Detailed documentation about upgrading from syslog-ng PE 6 to version 7 is available at "Upgrading from None 6.0.x to version None" in the Administration Guide.

New features in syslog-ng PE 7.0.14

Google Stackdriver destination

The stackdriver destination of syslog-ng PE can send log messages to the Google Stackdriver cloud. Google Stackdriver is a widely used metrics, event, and log aggregator and analyzer system. For details, see "stackdriver: Sending logs to the Google Stackdriver cloud" in the Administration Guide.

Elasticsearch HTTP destination

Version 7.0.14 of syslog-ng PE can directly post log messages to an Elasticsearch deployment using the Elasticsearch Bulk API over the HTTP and Secure HTTP (HTTPS) protocols. For details, see "elasticsearch-http: Sending messages to Elasticsearch HTTP Event Collector" in the Administration Guide.

Windows Server 2019 logs

The Windows Event Collector application now supports Windows Server 2019.

Enhancements
  • The syslog-ng-ctl reload command now has a return value: 0 if the operation was successful, 1 otherwise.

  • Instead of dropping incoming messages that are too long, you can now trim them using the trim-large-messages() option of the syslog() source.

相关文档