syslog-ng Premium Edition 7 released!

Today we’re announcing syslog-ng Premium Edition 7, our latest stable release for syslog-ng PE. This release is primarily for customers using syslog-ng PE as a log collection and log routing tool front-ending SIEM solutions and big data destinations. It also introduces a couple major changes, such as a new, modern core and a rolling release model, but because of the new code base,  it has some temporary limitations as well, which we discuss in detail below.

Introducing a new core

Going forward, syslog-ng Premium Edition and syslog-ng Open Source Edition will have the same core, providing several benefits for both our PE customers and for our open source community.
A common core means that whenever we make advancements in the PE core, the OSE core will get the same enhancements as well (except for PE exclusive features). Likewise, innovations and improvements made by the open source community will be available much quicker in our professionally supported packages. The common core’s much wider user base will help us raise the bar on our already acclaimed reliability, and bug fixes will also be more readily available to both user bases. Last but not least, it will also be easier to make the switch to the PE from the OSE if the need arises.

This however, comes at a cost for the time being. Several features present in previous versions of syslog-ng PE have not yet been implemented for the new core, and thus are temporarily missing from PE 7. Of course, this will change quite quickly with future releases, but for now, if you consider upgrading to PE 7, please be aware of the limitations. You might also need to re-write your syslog-ng PE configuration, since some functions work slightly differently than in previous releases. You can check the detailed changelog here.

With the new core, we also introduced a couple great new features. You can use an external database file to append custom name-value pairs to incoming logs, thus extending, enriching, and complementing the data found in log messages, and you can correlate and aggregate information from log messages using a few simple filters, without having to configure a pattern database. We also improved on configuration flexibility, and now you can define configuration objects inline without having to define them in a separate object. Additionally, you can use embedded log statements, junctions and in-line object definitions within source, destination, filter, rewrite and parser definitions.

New version policy

Starting with version 7.0, syslog-ng PE is moving to a new, rolling release model to achieve a faster release cycle. New features, bug and security fixes will be launched in the same release as they will be available for production usage.
Each rolling release is supported for 12 months after the original release date. Bug reports are accepted on any of the supported versions, but fixes will only be implemented to the latest version.
In the rolling release model, syslog-ng PE requires a new license file. With that, you are entitled to use all future versions of syslog-ng PE provided that you have a valid support contract. The old license will remain active for the previously released LTS product line.

Related Content