Select Page

syslog-ng features published in 3.x

  • Conceptual improvements
    • blocks and SCLs (3.2.x)
    • value-pairs (3.4.x)
    • template functions to manipulate/map values right within templates (3.4.x)
    • type hinting (3.5.x)
    • junctions and channels (3.4.x)
    • support for lists in name value pairs (3.20.1)
    • collecting extra information about the sending process
    • unique message IDs ($UNIQID, $RCPTID) (3.7.x)
    • support for list values (3.10.1)
    • ewmm (3.13.1)
    • if/else/elif blocks (3.15)
  • Parsing and processing
    • support for JSON (3.3.x)
    • XML support to parse Windows eventlog (3.12.1)
    • app-parser (3.13.1)
    • db-parser (3.2.x)
    • kv-parser (3.7.x)
    • date-parser (3.8.1)
    • geoip lookups (3.7.1)
    • map-value-pairs (3.10.1)
    • add-contextual-data (3.8.1)
    • grouping-by(): streaming aggregation/correlation of related messages
    • geoip support
    • url encode/decode (3.18)
    • base64 encode/decode (3.18)
    • automatic detection/fixing of timezone information (3.21.1)
    • regexp-parser (3.34.1)
    • Out-of-the-box, application specific parsers
      • apache-accesslog-parser()
      • linux-audit() parser (3.17)
      • cisco-parser()
      • windows-eventlog-parser()
      • Netskope parser (3.20
      • Websense parser (3.20)
      • JunOS (3.21)
      • CheckPoint LogExportqer (3.21)
      • panos-parser for Palo Alto PAN-OS logs (3.29)
      • fortigate-parser (3.31)
  •  Architecture
    • Multi threaded execution
    • the ability to extend syslog-ng with plugins (3.2.x)
    • python/Java bindings (3.7.1)
    • multi-threaded destinations with batching support (e.g. HTTP, kafka, mongodb, redis)
    • Dynamic Window Sizing (3.22)
    • interactive debugger (syslog-ng -i)
    • The ability for plugins to collaborate using a signal-slot mechanism, which is used to implement Azure authentication (written in Python) with the C based HTTP destination for instance
  • Souces and destinations
    • sql
    • mongodb (3.3.x)
    • amqp (3.4.x)
    • smtp (3.4.x)
    • stomp (3.5.x)
    • redis (3.5.x)
    • riemann (3.6.x)
    • graphite (3.6.x)
    • Elastic, Kafka, Hadoop destinations (3.7.1)
    • HTTP destination (3.8.1) with multi-threaded enhancements for Splunk HEC (3.18.1), and a client side HTTP load balancer (3.19.1)
    • node.js apps via Winston (3.6.1)
    • loggly (3.8.1)
    • logmatic (3.8.1)
    • SNMP traps source (3.10.1) and destination (3.22.1)
    • osquery source (3.10.1) and destination (3.13.1)
    • graylog2 support
    • telegram destination (3.16.1)
    • slack destination (3.19.1)
    • collectd destination (3.20.1)
    • sumologic destination (3.27.1)
    • discord destination (3.33)
    • mqtt destination (3.33) and source (3.35)
    • network load balancing over several connections (3.13.1)
    • client side failover (3.15.1) and fallback (3.17.1) support in syslog destinations
    • source side UDP socket load balancing (so-reuseport) (3.19.1)
syslog-ng future blog
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.