Overview

SymmetricDS Pro 3.18.0 release includes 0 features, 0 improvements, and 0 bug fixes.

What’s New

Analytics

The new Analytics tab in the SymmetricDS Pro console provides five pre-built reports that give operations teams deep visibility into replication activity and health.

Reports are generated by the Refresh Analytics job, which runs every six hours by default. Each report screen shows when data was last refreshed and provides a Run Now button to trigger the job immediately. The Data retained for link shows the current retention period and opens a dialog to edit the purge.stats.retention.minutes parameter.

Table Heat Map — shows the total rows synchronized per table per day over a rolling window of up to 30 days. Cell colors indicate activity levels relative to other tables. Filters control the time range, the event type (insert, update, or delete), the metric (sent or loaded), and the number of tables shown.

Table Status Report — displays the insert, update, and delete activity for a single table over a rolling window. Includes an event-type donut chart, a stacked daily bar chart, and a daily breakdown table. Tables with significantly above-average activity are flagged with a HIGH ACTIVITY badge. Click a table name in the Table Heat Map to navigate directly to its Table Status Report.

Capture Health — shows whether CDC was actively capturing changes for each configured table, month by month, over a 13-month rolling window. Green cells indicate continuous active capture; yellow cells indicate configuration changes; orange cells indicate a partial capture gap; red cells indicate no capture for the entire month. Clicking a cell opens a detail dialog showing rebuild events or exact gap periods.

Node Backlog Heat Map — shows the average outgoing batch backlog per node per day. Summary cards surface the node with the largest current backlog and the node whose backlog is growing fastest. When offline nodes collectively hold 50% or more of the total backlog, a warning message identifies those nodes as a potential indicator of network trouble.

Cluster Traffic Heat Map — shows how replication traffic is distributed across cluster hosts per day, relative to the cluster average. An imbalance callout identifies hosts consistently handling more or less than their expected share of traffic. Filter by replication stage (Routed, Extracted, Sent, or Loaded), channel, and row or byte count.

Data Refresh

SymmetricDS 3.18 expands Data Refresh to support multiple, independently scheduled refresh jobs and extends replication to database views.

The Deploy Wizard automatically presents the new Data Refresh Configuration screen whenever the deployment includes tables or views that cannot use CDC — such as views, tables without primary keys on log-based SQL Server sources, or tables without compatible timestamp columns on time-based sources. Each CDC-ineligible table or view must be assigned a reload strategy and a schedule before the wizard can proceed. Predefined schedules such as hourly, daily, and weekly are available, and custom schedules can be created inline by selecting + Create New Schedule…​.

For post-deployment management, named Data Refresh jobs can be created and edited under Configure → Details → Jobs. Tables are assigned to a specific job using the Data Refresh Job field in Configure → Details → Table Routing. Tables configured for CDC remain on the default CDC assignment and are unaffected by any refresh job.

The Data Refresh Type field in Configure → Details → Table Routing controls how each table is refreshed when its assigned job runs:

  • Auto — chooses between a full reload or compare-and-repair.

  • Full — issues a table reload request with delete-first.

  • Full (truncate) — truncates the target table, then reloads all rows.

  • Differences — performs a compare-and-repair to sync only rows that differ. Requires a Compare & Repair license.

Views are now supported in replication on Microsoft SQL Server, Oracle, PostgreSQL, MySQL, and MariaDB source endpoints. The Configure Diagram’s Select Tables screen includes a Show Views checkbox to include views during setup.

Docker Image Hardening

The official SymmetricDS Pro Docker image now runs as the symds non-root system account (UID 1000 by default), satisfying Kubernetes security policies such as runAsNonRoot: true. Named volumes work without additional configuration; bind mounts require the host directory to be writable by the container UID. To use a different UID, pass the SYMDS_UID build argument at image build time.

A hardened image variant is available under the -hardened tag suffix (for example, jumpmind/symmetricds-pro:3.18.0-hardened). The hardened image uses a JRE-only base image to exclude the Java compiler toolchain and removes the Alpine package manager to reduce the post-compromise attack surface. Features that compile Java at runtime — Java jobs, Java routers, Java transforms, and Java extensions — are not available in the hardened image; use BeanShell scripting as an alternative for these features.

The hardened image supports running with all Linux capabilities dropped:

docker run --cap-drop=ALL -p 31415:31415 --name sym jumpmind/symmetricds-pro:3.18.0-hardened

In Kubernetes, the equivalent security context is:

securityContext:
  runAsNonRoot: true
  capabilities:
    drop:
      - ALL

Each hardened image includes an SBOM attestation verifiable via cosign for supply chain auditing and provenance verification.

OpenTelemetry Integration

SymmetricDS now publishes its built-in metrics through the OpenTelemetry (OTel) API, making them available to any OTel-compatible observability platform — including Prometheus (via the OTLP receiver), Grafana Cloud, DataDog, and Dynatrace.

Two integration modes are supported. When no global OpenTelemetry instance is present in the JVM, SymmetricDS initializes its own SDK using standard OTel autoconfiguration; exporters and other settings are controlled by OTEL_* environment variables (for example, OTEL_EXPORTER_OTLP_ENDPOINT or OTEL_METRICS_EXPORTER). When an OTel Java agent is attached to the JVM, SymmetricDS detects the existing registered instance and routes all metrics through it automatically — no additional SDK configuration is required.

The metrics.opentelemetry.enabled parameter provides per-engine control and overrides the server-level OTEL_SDK_DISABLED flag for a single engine. This allows a server hosting multiple engines to enable or disable OTel publishing independently per engine.

Built-in Replication Metrics

SymmetricDS 3.18 introduces a built-in metrics framework that continuously collects and stores detailed statistics about the synchronization pipeline. Observations are aggregated into five-minute time windows and stored as summary statistics — average, minimum, maximum, standard deviation, and count — across four new tables: METRIC_KEY, METRIC_CONTEXT, METRIC_STATS_FLOAT64, and METRIC_STATS_INT64.

The following categories of metrics are collected automatically:

  • Server Connections — active connection reservations and utilization relative to the configured concurrent-worker limit.

  • Synchronization Pipeline — per-channel row and byte counts across each pipeline stage: routed, extracted, sent, received, and loaded.

  • Batch Status — per-node outgoing and incoming batch and row counts by status.

  • Queue Depth — unrouted row counts, data-gap counts, and oldest and newest unrouted row timestamps per channel.

  • Database Connection Pool — active, idle, and waiting connection counts and pool utilization.

  • Nodes — pull and push operation counts and elapsed times; registration, load, rejection, and disable counts.

  • Purge — row counts purged from the data, data event, and batch history tables.

  • Triggers — database trigger create, rebuild, and remove counts.

Metrics are published via the OpenTelemetry API under the scope symmetricds and are used to power the Analytics reports in SymmetricDS Pro.

Container Mode

SymmetricDS 3.18 adds first-class container support via the bin/sym --container command. This mode runs SymmetricDS as PID 1 inside the container, enabling proper signal handling and graceful shutdown behavior expected by container orchestrators.

Two HTTP health endpoints are available for container orchestrators:

/health/liveliness — returns HTTP 200 with the following body when SymmetricDS is running:

{
  "status": "UP"
}

/health/readiness — returns per-engine readiness status. When all engines are ready, it returns HTTP 200; when any engine is not ready, it returns HTTP 503:

{
  "engine_details": [
    {"engine_name": "corp-000", "status": "READY"}
  ],
  "status": "READY"
}

Tables

The following changes were made to the definition of configuration and runtime tables. Table changes are applied to the database automatically using data definition language (DDL) during startup.

New Tables

Table Name Description

sym_metric_key

Metric header - a dimension table that maps a compact surrogate key to a metric time-series identity (metric ID, hostname, engine name).

sym_metric_context

Dimension table mapping a surrogate context_id to a set of up to three metric attribute name/value pairs.

sym_metric_stats_float64

Fact table for floating-point observations aggregated across a time window (per metric). Statistics are time-weighted using a step-function model.

sym_metric_stats_int64

Fact table for integer observations aggregated across a time window (per metric). Statistics are time-weighted using a step-function model. Integer variant: min, max, avg, mean are BIGINT.

sym_analytics_report (Pro)

Report data generated by the Refresh Analytics job for the web console’s Analytics tab

New Columns

SYM_CONSOLE_TABLE_STATS (Pro)
Column Name Description

is_system_table

Whether or not this row contains statistics for a system table.
SYM_JOB
Column Name Description

implementation

Fully-qualified class name of a built-in job to extend. When set, takes precedence over job_type and job_expression. Only com.jumpmind.symmetric.job.DataRefreshJob is currently supported (Pro only).
SYM_NODE_HOST
Column Name Description

security_mode

The security mode of the runtime environment. 'standard' indicates a JDK is available; 'restricted' indicates a JRE-only environment where Java compilation features are unavailable.
SYM_TRIGGER_ROUTER
Column Name Description

data_refresh_job_name

The name of the data refresh job assigned to this trigger router. Usually for tables where typical trigger, log, or time-based capture is not available. The value 'CDC' (default) indicates the table uses change data capture and is ignored by all data refresh jobs.

Modified Tables

SYM_CHANNEL

  • queue size changed from 25 to 128

SYM_EXTRACT_REQUEST

  • Added index idx_er_nd_ld_src_sb (node_id, load_id, source_node_id, start_batch_id)

SYM_MONITOR_EVENT (Pro)

  • host_name size changed from 60 to 255

SYM_NODE_COMMUNICATION

  • queue size changed from 25 to 128

Parameters

The following changes were made to add new parameters, modify their default value, modify their description, or remove them from use.

New Parameters

analytics.report.time.zone (Pro)

The time zone used to group analytics report data by date. Accepts IANA zone IDs (e.g., UTC, America/New_York) or GMT offsets (e.g., GMT+05:30). When blank, defaults to the JVM time zone (user.timezone). Note: database timestamp columns carry no time zone info. JDBC interprets them using user.timezone to produce Java Date values (epoch millis). If the database server’s time zone differs from user.timezone, date boundaries may be misaligned regardless of this setting. (Default: )

cluster.instance.uuid

Set this to seed the instance.uuid file with a specific template value on startup. Useful in containerized environments where a stable unique identity must be assigned per node without modifying the image. Value will be marked with 0xCCCC to indicate that a constant seed was used. Equivalent environment variable: SYM_CLUSTER_INSTANCE_UUID (Default: )

cluster.jcs.port

TCP port used by Apache JCS lateral cache for cluster peer-to-peer communication. All nodes in the cluster must use the same port. Each node sends a heartbeat to its peers at the interval defined by cluster.peer.heartbeat.ms. If a peer misses three consecutive heartbeats, its database locks are cleared automatically. Security note: JCS lateral TCP communication is not encrypted or authenticated. Messages are plain serialized Java objects sent over raw TCP. Cluster nodes must be deployed on a private, firewalled network. This port should not be exposed to untrusted hosts, as a rogue node could spoof heartbeats to clear locks or trigger a duplicate-instance shutdown. (Default: 1101)

cluster.keystore.seed

Base64-encoded 256-bit AES key to seed the sym.secret keystore entry on first startup. All cluster nodes must share the same value so that encrypted values stored in the database can be decrypted by any node. Equivalent environment variable: SYM_CLUSTER_KEYSTORE_SEED (Default: )

cluster.peer.heartbeat.ms

Interval in milliseconds between heartbeat messages sent to cluster peers via JCS lateral cache. Shorter values detect crashes faster but increase network traffic. (Default: 3000)

cluster.peer.stale.ms

Age in milliseconds after which a peer’s last heartbeat is considered stale and the peer is treated as crashed. Must be greater than cluster.peer.heartbeat.ms to allow at least one missed heartbeat before declaring a peer dead. Default is 9 seconds (three missed heartbeats at the default 3-second interval). (Default: 9000)

container.mode.enable

Set to true automatically when SymmetricDS is launched with --container. (Default: false)

extension.use.legacy.interface.enabled

Whether to use legacy extension interfaces (IReloadVariableFilter, IExtractDataFilter, ITableResolver) that accept Table instead of the newer interfaces that accept Relation. (Default: false)

force.bulk.write.with.on.delete.cascade (Pro)

Force the MySQL and MariaDB bulk writers to use bulk mode, even when the table is a parent in a foreign key relationship, and the delete is set up with CASCADE ON DELETE (Default: false)

job.purge.metric.stats.cron

This is when the purge metric stats job will run. (Default: 0 0 0 * * *)

job.refresh.analytics.cron (Pro)

This is when the Refresh Analytics job will run. (Default: 0 0 */6 * * *)

job.refresh.backlog.report.period.time.ms

This is how often the refresh backlog report job will run. (Default: 900000)

log.cache.entries.max (Pro)

Maximum number of recent log entries retained in memory for the Manage Logging screen. (Default: 1000)

log.miner.capture.user (Pro)

While mining the log capture the user attached to the transaction in the log and write to sym_data.external_data for downstream processing. Supported by AS/400 log miner. (Default: false)

purge.metric.stats.retention.minutes

This is the retention for how long metric interval statistics will be kept in the metric_stats_float64 and metric_stats_int64 tables. Orphaned metric_context rows are also removed. Note that data will be purged only if the purge metric stats job is enabled. The minimum value is 10,080 minutes (one week). (Default: 525600)

start.purge.metric.stats.job

Whether the purge metric stats job is enabled for this node. (Default: true)

start.refresh.analytics.job (Pro)

Whether the Refresh Analytics job is enabled for this node. (Default: true)

start.refresh.backlog.report.job

Whether the refresh backlog report job is enabled for this node. (Default: true)

Modified Parameters

purge.stats.retention.minutes

This is the retention for how long statistic data will be kept in the symmetric stats tables. Note that data will be purged only if the statistics flush job is enabled. The minimum value is 10,080 minutes (one week). (Old Default: 14400) (New Default: 21600)

purge.trigger.hist.retention.minutes

This is the retention time for how long an inactive table capture history will be retained. Inactive table capture histories will only be purged if they’re older than the earliest create_time in the data table and they don’t have a build reason of N. (Old Default: 86400) (New Default: 525600)