Softpedia >Linux >Internet >Log Analyzers >NXlog Enterprise Edition >  Changelog

NXlog Enterprise Edition Changelog

What's new in NXlog Enterprise Edition 2.8.1248

Dec 19, 2014
  • The rename_field() procedure was removing the field if the source and destination were the same.
  • The regexp and regexp replacement operators can now be used as statements, i.e. Exec $Message =~ s/aaa/bbb/;
  • Regular expressions now support the /m modifier to do multiline matching.
  • Regular expressions now support the /i modifier to do caseless matching.
  • Regular expressions now support the /s modifier to make the '.' match newline characters.
  • Fixed a regression introduced with the ActiveFiles directive in im_file when more than one truncation
  • did not get noticed. (ticket #40@sf) Credits go to 'savionat'.
  • Implemented missing parser support for IPv4 literals.
  • Added a host_ip() function to return the IP address associated with the hostname.
  • Using exec_async() could have exhausted the memory if it was called at a very high rate.
  • om_udp would stop sending messages in some cases after logging "apr_socket_send failed;Connection refused",
  • e.g. when graylog2 was not accepting udp packets. It should properly resume now.
  • The to_syslog_snare() formatter should now produce better snare compliant output.
  • Replace space, ']' and '"' with underscore in IETF syslog structured data field names.
  • Context cleaning would result in a segfault in pm_evcorr's thresholded rule if there was no triggering.
  • im_tcp and im_ssl on windows is not limited to 500 connections anymore.
  • Non-wildcarded File contents would get lost with ReadFromLast FALSE when the file did not exist
  • but did appear with unread data.
  • im_file does not emit "input file does not exist" warnings at every PollInterval.
  • The file_name() function caused assertion failures in some cases on shutdown.
  • A regression caused a crash with im_file when the File did not exist.
  • A typo in the code was causing a memory leak with rename_field().

New in NXlog Enterprise Edition 2.7.1189 (Feb 5, 2014)

  • The LICENSE has changed.
  • Added a new extension module to parse binary wtmp files on Linux.
  • Fixed a regression causing a crash after the 'failed to determine FQDN hostname' error message.
  • The to_syslog_*() procedures can now use $raw_event if $Message is unset to make it easier to convert to syslog.
  • Added a fix to im_msvistalog to handle the "EvtNext failed with error 13: The data is invalid." error better.
  • The im_file module now emits the last event when using with the xm_multiline extension.
  • Fixed the issue with more than 20 fiels and xm_multiline reported in ticket #33.
  • Json parse errors in raw_event could cause a double free resulting in a crash or undefined behavior.
  • It is now possible to use multiple instances of xm_perl.
  • Disallow using a single processor module instance in multiple routes.
  • The file_chown() procedure in xm_fileop works with user/group names in addtion to uid/gid values.
  • CloseWhenIdle directive for im_file.
  • File removal in some circumstances caused im_file to emit "input file does not exist" messages on windows.
  • In same rare cases im_file would give a panic on windows with "im_file got EAGAIN for read".
  • The regexp replacement operator s/// was leaking memory.
  • In some circumstances excess CPU was used when im_file watched several files.
  • Added some more performance optimizations to im_file to handle a large number of wildcarded files
  • so that it should consume less resources than before. It also comes with a new DirCheckInterval and
  • an ActiveFiles directive which can help in some cases when monitoring wildcarded files.
  • Added a RenameCheck directive to im_file which should help detecting renamed/rotated files.
  • The deb installer got stuck after trying to (re)start the daemon.