After upgrading to Splunk 5.0.3, upon startup, I noticed the following messages:
Undocumented key used in transforms.conf; stanza='syslogout' setting='DEST_KEY' key='_SYSLOG_ROUTING'
Please resolve these problems by correcting typos in key names, or by adding them to [accepted_keys] in transforms.conf if they are intended.
All preliminary checks passed.
I do have _SYSLOG_ROUTING setup in my transforms.conf as per splunk online doc for syslog out: