The latest release of NXLog log management tools brings several bug fixes and enhancements such as better Snare compatibility and various regular expression modifiers.
The full changelog is listed below:
The rename_field() procedure was removing the field if the source and destination were the same.
The regexp and regexp replacement operators can now be used as statements, i.e. Exec $Message =~ s/aaa/bbb/;
Regular expressions now support the /m modifier to do multiline matching.
Regular expressions now support the /i modifier to do caseless matching.
Regular expressions now support the /s modifier to make the '.' match newline characters.
Fixed a regression introduced with the ActiveFiles directive in im_file when more than one truncation
did not get noticed. (ticket #40@sf) Credits go to 'savionat'.
Implemented missing parser support for IPv4 literals.
Added a host_ip() function to return the IP address associated with the hostname.
Using exec_async() could have exhausted the memory if it was called at a very high rate.
om_udp would stop sending messages in some cases after logging "apr_socket_send failed;Connection refused",
e.g. when graylog2 was not accepting udp packets. It should properly resume now.
The to_syslog_snare() formatter should now produce better snare compliant output.
Replace space, ']' and '"' with underscore in IETF syslog structured data field names.
Context cleaning would result in a segfault in pm_evcorr's thresholded rule if there was no triggering.
im_tcp and im_ssl on windows is not limited to 500 connections anymore.
Non-wildcarded File contents would get lost with ReadFromLast FALSE when the file did not exist
but did appear with unread data.
im_file does not emit "input file does not exist" warnings at every PollInterval.
The file_name() function caused assertion failures in some cases on shutdown.
A regression caused a crash with im_file when the File did not exist.
A typo in the code was causing a memory leak with rename_field().