After upgrading to Splunk 5.0.3, upon startup, I noticed the following messages:
Undocumented key used in transforms.conf; stanza='syslogout' setting='DESTKEY' key='SYSLOGROUTING'
Please resolve these problems by correcting typos in key names, or by adding them to [acceptedkeys] in transforms.conf if they are intended.
All preliminary checks passed.
I do have SYSLOGROUTING setup in my transforms.conf as per splunk online doc for syslog out: