RSS Feed
Latest Updates
Support packages and Service Level Objective
Posted by Bonnyai Emese on 2016 March 03 15:17

Dear Customers,


I would like to inform you that Service Level Objectives (SLOs) belonging to the different support packages were modified in our General Terms and Conditions as well.

SLOs are counted when the status of a technical case is active namely Balabit Support Team works on it.


Please, find more description about SLOs on our website:


Kind regards,


Emese Bonnyai

Balabit Support

Read more »

Balabit Support General Terms and Conditions
Posted by Bonnyai Emese on 2016 February 25 10:57

Dear Customers!


Our General Terms and Conditions document has taken effect since 15th Feb, 2016.


Let me draw your attention to some of the changes you will meet while submitting a support case:

  • severity level Minor Impact has changed to Normal Impact
  • business hours changed to 8:00 - 17:00 (CET/CEST) on the Business Days
  • new item: Extended Business Hours (from 08:00 to 20:00 (CET/CEST) on Business Days)
  • Maximum number of contact people from partner removed

The GTC is available at:


Kind regards,


Emese Bonnyai

Balabit Support


Read more »

BalaBit Support General Terms and Conditions update
Posted by Kálmán Kővári on 2016 January 15 17:23

Dear Customers!


Our General Terms and Conditions document update has been released.

The new GTC is in effect from 15th Feb, 2016.


The changes since the previous release are listed below.

The new GTC is available at:


Kind regards,

BalaBit Support


Changes of BalaBit Support General Terms and Conditions between the version on 23/04/14 and the current one:


Date: Thu Jan 7 20:59:15 2016 +0100

Legal review results merged into GTC:

  • minor rephrasings of definitions
  • general phrasing update
  • removed section 'Miscellaneous provisions'

Date: Tue Nov 24 17:54:11 2015 +0100

added holidays in 2016

Date: Wed Sep 16 10:24:42 2015 +0200

added Blindspotter support package.

Date: Mon Feb 16 15:58:58 2015 +0100

Hungarian holidays in 2014 table has been removed.

Date: Mon Feb 16 14:13:18 2015 +0100

  • Every appearence of 'Support Agreement' has been changed to
    'Support Service Agreement'
  • The definition of customer have been referred to electronic licence key
    rather then balabit licence key.
  • The definition of EULA has been moved to its alphabetical place.
  • The definition of Maximum engineer hours has been refactored
  • The definition of Partner has been extended with distributor and reseller.
  • The patch expression has been changed in the definition of Workaround
  • The by-pass expression has been changed in the definition of Workaround
  • Every Engineering Release and Workaround have been capitalized,
    because these are definitions
  • In the other service limitations table Maximum Engineer Hours
    has been changed to Maximum Engineer Hours of non-charged engineer hours.
  • A typo has been fixed in Escalation process
  • In hardware replacement session the 'non defective' clause was missing,
    this has been fixed. In the same sentence some semantical modifications
    has been made.
  • In the section of limitation of liability the second session which
    referred to the '314. of Act IV of 1959 on the civil code of hungary'
    has been removed.
  • The notices section has been expanded with email
  • In the governing law section the reference for Act IV of 1959
    has been changed to Act V of 2013
  • In modifications of GTC section the withdrawal part has been removed.
  • In modifications of GTC section from the clause 'immediately upon 30 days'
    the immediately has been deleted.
  • In version policy appendix the word: customer has been changed to partner.

Date: Wed Nov 19 10:51:22 2014 +0100

rephrasing of the chapter 7. 'Request handling process'

Date: Thu Nov 13 11:26:18 2014 +0100

1. Definitions:

  • firm changed to Balabit Europe Ltd. further reffered to as BalaBit
  • business hours changed to 8:00 - 17:00
  • new item: Extended Business Hours
  • L1, L2, L3 Support removed
  • severity levels: Minor Impact changed to Normal Impact

2. Technical Support definitions and prerequisites

  • minor changes in paragraph 5.
  • Hardware replacement paragraph 8 only refers to Section 9.

4. Service Level Objectives

  • removed Work Effort column
  • Communication frequancy changed to Status Update Frequency with footer
  • Changed SLO for ExtSU S1 and S3
  • Maximum number of contact people from partner removed

7. Incident handling process

  • clarified "work in progress"

8. Escalation procedure

  • minor changes in escalation handling (paragraph 3)
  • deleted para 6.

9. Hardware replacement

  • minor changes in para 2.

Appendix A:

  • added Hungarian work days and vacations for year 2015.

Appendix C:

  • Headline changed.

Date: Wed Oct 1 09:59:46 2014 +0200

fixed hardware replacement structure

Date: Wed Oct 1 09:10:04 2014 +0200

Added advanced replacement

Date: Wed Apr 23 16:18:55 2014 +0200

changed the company name in accordance with the ongoing legal changes

Read more »

syslog-ng Store Box 3 LTS End of Support
Posted by Gergely Csordás on 2015 September 15 10:27

In accordance with our version policy, support for syslog-ng Store Box
3 LTS ends on 30th September, 2015

Updates, security fixes, and technical support of syslog-ng Store Box
3 LTS will be discontinued from this date.

You are recommended to upgrade to syslog-ng Store Box 4 LTS before the
support of the above versions ends.

In order to upgrade to syslog-ng Store Box 4 LTS, follow the
instructions of the "How to upgrade to syslog-ng Store Box 4 LTS" guide:

If you need help performing the upgrade, please contact BalaBit support.

Best Regards,


Read more »

syslog-ng Store Box 4 LTS (4.0.4) has been released
Posted by Gergely Csordás on 2015 September 08 16:51

A new version of syslog-ng Store Box 4 LTS (4 LTS (4.0.4)) has been
 released. For latest fixes in the 4 LTS (4.0.x) branch you are
 recommended to upgrade to this version.


4 LTS (4.0.4)
   Thu, 31 Aug 2015 15:34:00 +0100

   Fixed bug:
     #33318 SSB now properly handles when bad stripes appear on the
            hard disk stripes in HW raid, and sends out alerts.
     #33520 When configuring SNMP agent settings, SSB sometimes
            unnecessarily enclosed the set value between double-quote
            characters ("). This has been corrected.
     #33493 Debug messages were not properly logged when syslog-ng was
            disabled, causing the following error message to appear in the
            system logs: "PHP Fatal error:  Call to undefined method
            Log::log_debug() in /opt/ssb/lib/LogSpaces.php"
            This has been corrected, now debug messages are logged properly
            even if syslog-ng is disabled.
     #33492 On newer, hardware RAID-based appliances, SSB sends false-
            positive alert events while the weekly scheduled consistency
            check is running, even if the array and all disks are in optimal
            This has been fixed, now SSB does not send alerts under
            these circumstances.
     #32522 MSSQL did not create a new table for every month because
            syslog-ng used the same transaction to create the table and
            insert values.
            Now these are done in two separate steps: if the new table does
            not exist, it is created first, and the values are inserted in a
            separate transaction. If any transaction fails, syslog-ng sends
            a rollback sql command and starts a new transaction.
     #33270 After generating a debug bundle on T4 or T10 machines, and then
            updating the SSB firmware, synchronizing the boot firmware to
            the slave not failed if SSB was not rebooted between generating
            the debug bundle and updating the firmware. This has been
            corrected, synchronization now works as expected.
     #33265 Because of changes in nfs-utils, SSB could connect to NFSv4
            servers only. From now on, SSB can connect to NFS server with
            protocol version lower than 4.
     #33394 Accessing the Policies > Shares page unnecessarily invokes the
            "net ads testjoin" function, even if no share is configured.
            This has been corrected.
     #32127 The configuration file of syslog-ng was world-readable. The file
            permissions have been adjusted, now only the necessary processes
            can access this file.

   Security updates:
     Upgraded to Ubuntu security upstream: apt, bash, batik, bind9, binutils, coreutils, cpio, cups, curl, dbus, e2fsprogs, elfutils, freetype, fuse, gnupg, gnutls26, icu, jinja2, libav, libdrm, libgcrypt11, libtasn1-3, libx11, libxalan2-java, libxext, libxfont, libxi, libxrender, libyaml, mime-support, munin, net-snmp, nspr, nss, ntp, openjdk-7, openssh, pcre3, pixman, python2.7, python3.2, pyyaml, qt4-x11, rsyslog, sqlite3, tcpdump, tiff, tzdata, unzip packages has been updated

   If you upgrade from a version preceeding SSB 4.0.1, you must manually download and execute a script.

   The reasons
   Compared to SSB 3.x, SSB 4 LTS includes a newer version of the OpenSSH application. The /etc/ssh/ssh_known_hosts file on SSB contains a line that the newer version of OpenSSH considers invalid, and ignores the known_hosts file. As a result, if you have two SSB nodes in high-availability mode, SSB cannot access the other node using SSH to upgrade its firmware. Although the problem does not cause any issues on a standalone SSB, you are recommended to execute the script even if you do not use SSB in high-availability mode.

   How to solve the problem
   To solve the problem, complete the following steps.
   1. Login to the SSB web interface and navigate to the 'Basic Settings > Management > SSH settings' page.
   2. Verify that the 'Enable remote SSH access' option is enabled.
      If you cannot access SSB using SSH, you will need to access SSB from a local console.
   3. Download the script from to your computer.
   4. Issue the <SSB-hostname-or-ipaddress> command to execute the script (replace <SSB-hostname-or-ipaddress> with the IP address or hostname of your SSB).
      * If remote SSH access to SSB is enabled, you can execute the script from your local computer, or any other computer that can access SSB and can execute Shell scripts. If you are running Microsoft Windows, you can download the WinSCP utility from, copy the script to SSB, login to SSB using an SSH client (or the IPMI console), and execute the script locally.
      * If you cannot remotely access SSB, you can execute the script locally on SSB. In this case, use as <SSB-hostname-or-ipaddress>.
   6. If needed, enter the password. (The script will require the password at least once.)
   7. The script automatically corrects the ssh_known_hosts file on the SSB found at <SSB-hostname-or-ipaddress>, and also on the other node if it is running in high-availability mode.

   What happens if you do not execute the script
   If you upgrade an SSB HA without correcting the known_hosts file, SSB will not be able to synchronize data between the two nodes, requiring the secondary node to be reinstalled, and all data re-synchronized.

 For details on the issues corrected in this release, see our issue
 tracking page at


 Firmwares and other files for syslog-ng Store Box are available at:

 The documentation of the syslog-ng Store Box is available in
 The syslog-ng Store Box Administrator Guide at

Kind Regards,

 BalaBit IT Security

Read more »