Better Snare compatibility and enhanced regular expressions in 2.8.1248

The latest release of NXLog log management tools brings several bug fixes and enhancements such as better Snare compatibility and various regular expression modifiers.
The full changelog is listed below:

The rename_field() procedure was removing the field if the source and destination were the same.
The regexp and regexp replacement operators can now be used as statements, i.e. Exec $Message =~ s/aaa/bbb/;
Regular expressions now support the /m modifier to do multiline matching.
Regular expressions now support the /i modifier to do caseless matching.
Regular expressions now support the /s modifier to make the '.' match newline characters.
Fixed a regression introduced with the ActiveFiles directive in im_file when more than one truncation
did not get noticed. (ticket #40@sf) Credits go to 'savionat'.
Implemented missing parser support for IPv4 literals.
Added a host_ip() function to return the IP address associated with the hostname.
Using exec_async() could have exhausted the memory if it was called at a very high rate.
om_udp would stop sending messages in some cases after logging "apr_socket_send failed;Connection refused",
e.g. when graylog2 was not accepting udp packets. It should properly resume now.
The to_syslog_snare() formatter should now produce better snare compliant output.
Replace space, ']' and '"' with underscore in IETF syslog structured data field names.
Context cleaning would result in a segfault in pm_evcorr's thresholded rule if there was no triggering.
im_tcp and im_ssl on windows is not limited to 500 connections anymore.
Non-wildcarded File contents would get lost with ReadFromLast FALSE when the file did not exist
but did appear with unread data.
im_file does not emit "input file does not exist" warnings at every PollInterval.
The file_name() function caused assertion failures in some cases on shutdown.
A regression caused a crash with im_file when the File did not exist.
A typo in the code was causing a memory leak with rename_field().

Share this post