NXLog Enterprise Edition version 5.0 Release Announcement

Release announcement

We are happy to announce NXLog Enterprise Edition v5.0.

This is a new major release that lays the foundation of improvements for the near future. We worked on hundreds of issues, features and changes.

Some of the highlights follow:

  • Core event processing changes enable us to reach up to 40% higher event throughput
  • Support for directly collecting systemd journal
  • Support for collecting from named pipes
  • Support for passive network monitoring
  • Improved and simplified flow control implementation
  • Improved IP version 6 support
  • Support for resolving SID and GUID values on Windows
  • Support for resolving numeric ids in Linux audit logs

You can grab the packages from Downloads. Installation and upgrade instructions are available in the User Guide under the Deployment section for your platform/s.

If you want to read the summary of the features check this article.

See the changelog below.

Changelog

* 2020-06-17 5.0.XX
   [2575] Updated Windows installer to properly migrate config files on upgrade
   [340] Fixed an error causing statistical counters showing undef before the end of the first interval
   [2430] Fixed an error in im_wseventing causing repeated tls handshakes
   [2137] Unified network module config syntax
   [2544] Implemented file rotation on open for xm_zlib
   [2453] fixed an error where getfile() failed when xm_admin was loaded via xm_soapadmin symlink
   [2514] Added redirection for changed config file names to xm_admin
   [2537] Fixed *m_pipe pipe permission issues
   [2441] Updated librdkafka dependency to 1.4.2 in generic builds
   [2371] Added modbus protocol parser to im_pcap
   [849] Added function to chain multiple types in OutputType or InputType directives
   [591] implemented file_hash() in xm_fileop
   [2381] Fixed segfault on shutdown
   [1566] Added support for TLSv3
   [2419] Fixed an issue limiting om_kafka performance
   [2375] Fixed im_pcap to properly handle multiple protocol capture
   [2156] Added logic to xm_rewrite for detecting and handling infinite recursion 
   [2403] Implemented logic to create registry entries on first start on Windows Nano
   [477] Re-added Reconnect and ReconnectInterval directives
   [2387] Fixed error causing nxlog refusing to stop on Windows
   [2421] Fixed handling of path beginning with \ for LogFile directive on Windows 
   [2402] Re-added LogConnections directive to im_wseventing
   [2415] Fixed im_ssl segmentation fault on Windows
   [2404] Added parsing for quoted string values in im pcap's Filter directive
   [630] Implemented encryption and decryption support in xm_crypto
   [19] Implemented compression and decompression module xm_zlib
   [2284] Fixed an issue in im_msvistalog causing EventData/ContextInfo field to be ignored
   [2323] Improved parsing for double quoted strings in im_linuxaudit
   [2384] Fixed null characters showing up in internal log during high load
   [2067] Moved log4ensics.conf to managed.conf
   [2044] Refactored SSL/TLS common code
   [2299] Implemented ReusePort for im_tcp and im_udp
   [2354] Implemented is_scanning() function in im_fim
   [2385] Implemented parsing for quoted value in PatternFile directive
   [2359] Fixed incorrect EventTime field in im_pcap
   [2365] Fixed incorrect escape sequence error in om_raijin
   [2378] Fixed a runtime fault during loading xm_leef on Windows 2016 Datacenter
   [2320] Fixed assersion error at line 797 in syslog.c/logdata_linebreaks_replace() in xm_syslog
   [2358] Implemented capability handling in im_pcap
   [2370] Fixed assertion error at line 68 in coremodule.c/nx_coremodule_dropped_records_log()
   [2343] Updated networking code to support new libapr function apr_sockaddr_info_copy()
   [2362] Fixed an issue where parse_syslog() was adding bogus EventTime field to invalid events
   [2352] Fixed error causing im_pcap to return empty raw_event field
   [2221] Fixed runaway CPU usage issue with om_http
   [1141] Moved from xm_soapadmin to xm_admin
   [1704] Fixed bogus warning about thread count
   [865] Added logging for dropped events when flow control is false 
   [2349] Fixed crash bug in TCP and UDP modules
   [2001] Added max queue size reporting ability to xm_admin
   [1470] Fixed a segfault in Java modules caused by trying to add non-existent file to ClassPath
   [2326] Implemented increasing reconnect delay in xm_admin
   [2342] Fixed error causing the configuration parser to refuse / as path separator on Windows
   [1827] Added logging of IP address in addition to DNS names to network modules
   [2327] Fixed an error causing im tcp refusing IPv6 any host address "::" as invalid.
   [2300] Fixed an error in om_tcp causing constant repeated reconnects
   [2078] Fixed memory leak in failover code
   [2256] Changed networking modules to log client address in error messages
   [1194] Changed default configuration to use etc/nxlog.d as config include directory
   [2276] Fixed error causing config parser to ignore empty lines when calculating position in config files
   [2257] Unified nxlog_exit() in main-unix.c and main-win32.c
   [1875] Implemented id resolution in im_linuxaudit
   [1521] Refactored network stack
   [2145] Fixed om_batchcompress LocalPort parsing error when combined with Host destination:port format
   [2230] Fixed an error causing the first execution of a Schedule block to occur 4:25m runtime and showing 0 counter value
   [1903] Removed support for kafka modules on AIX as librdkafka lost upstream support on that platform
   [2263] Fixed an error causing config validation to throw an error instead of a warning when no routes are defined
   [2130] Fixed a potential stack corruption issue in nx_module_pollset_poll
   [2245] Fix error causing empty $raw_message field with im_bsm
   [1703] Disabled python modules on AIX
   [2110] Refactored the per TCP connection pool usage in modules
   [2233] Fixed an error causing panic on shutdown
   [2205] Fixed an error in im_msvistalog causing "[error code: 0] no error" being reported
   [1992] Updated snmp library in xm_snmp
   [2043] Refactored connect/reconnect code
   [774] Fixed escaping with regards to Windows paths
   [1913] Renamed nx_logdata_t to nx_record_t to align with move to internal batch processing
   [1957] Fixed a segmentation fault in xm_admin triggered by expired server certificate
   [2248] Implemented support for per URI path batching in om_http
   [2239] Fixed error snappy compression not available in Windows package
   [2244] Implemented multiline batch mode in om_http and im_http
   [1999] Fixed memory leak in pm_norepeat
   [1528] Refactored netflow code
   [2142] Fixed an error in parse_syslog causing Hostname and EventTime fields to remain empty when hostname contains numbers
   [1297] FlowControl now drops oldest record first
   [2174] Fixed an error sometimes causing messages to be logged with the wrong context when SuppressRepeatingLogs TRUE 
   [1286] Fixed an error where ASCII NULL characters showed up in nxlog.log with SuppressRepeatingLogs TRUE
   [2237] Disabled im_pcap module on FreeBSD
   [2092] Fixed memory leak in om_http
   [2187] Fixed a parsing error in im_bsm producing empty event records
   [1308] Added support for all uppercase module names like IM_NULL in addition to literal name im_null
   [2186] Fixed im_aixaudit hang
   [354] Fixed an error where \ at a comment line's end turned the following uncommented line into a comment
   [2083] Fixed memory leak in nx_module_stop_self()
   [2146] Fixed an error causing LocalPort to become ineffective in om_udpspoof
   [2155] Added error message when LocalPort is used in Listen mode for om_tcp
   [1923] Implemented retry logic with backoff for apr_file_open() errorsin im_kernel variants
   [2139] Cleaned up leftover reconnect code in om_http
   [1987] Fixed memory leak in xm_filelist
   [1985] Fixed memory leak in xm_asl
   [2149] Fixed various inconsistencies in the FlowControl implementation
   [2168] Fixed an error in xm_leef (LEEFHeader directive) causing processing to stop
   [1469] Added support for redis pub/sub communication
   [2084] Added support for read-only system volume to macOS installer
   [1657] Added support for retrieving certificates using their thumbprints from Windows certificate store
   [1917] Fixed an error causing the Windows executable to refuse config check (-c) without running in foreground (-f)
   [2108] Fixed an error causing add_http_header() to fail after xm_rewrite call
   [2080] Fixed a memory leak in the config cache code
   [1207] Fixed consistency problems when handling duplicated audit rules in im_linuxaudit
   [1506] Added internal queue for im_internal
   [1933] Implemented common parser function for SSL configuration options
   [2129] Fixed an error causing nxlog configuration check to accept configuration with only an output module
   [2106] Fixed segmentation fault in nxlog_version()
   [2134] Fixed an error causing im_odbc to lose last read position in table
   [1994] Fixed an SSL related memory leak in im_http
   [2081] Fixed a memory leak in xm_kvp
   [1988] Fixed a memory leak in xm_fileop
   [2078] Fixed memory leak in the failover code
   [2066] Added field prefix support to avoid field name collisions to parse_kvp() to xm_kvp
   [2125] Fixed an error in om_udp causing high CPU usage 
   [2090] Fixed a segmentation fault in xm_json's escape_json() function
   [2084] Fixed an error causing om_udp not to fail over despite receiving port unreachable
   [2085] Fixed an error causing om_http to fail with empty path (Eg. "URL http://server:8080")
   [2068] Fixed an error preventing nxlog from starting in docker if im_internal is used
   [1909] Fixed nxlog startup to make sure event processing does not start before all modules are initialized
   [2086] Fixed memory leak in im_ssl with low open file limit
   [1724] Added the ability to preserve original SID and GUID values when resolving to im_msvistalog
   [2076] Fixed an error in xm_leef resulting in sporadic parsing issues under high event load
   [1975] Fixed debug log parsing error in xm_msdns 
   [2000] Fixed memory leaks found by valgrind in pm_pattern
   [1990] Fixed memory leaks found by valgrind in xm_pattern
   [1955] Fixed an issue causing nxlog.log being removed, but not recreated on rotation
   [2037] Fixed issue where NULL characters truncated the response to getLog getFile or serverInfo requests
   [28] Added option TCPNoDelay to om_ssl and om_tcp
   [2025] Added ReadTimeout for nxlog-processor to exit the process when its inputs have no more data
   [2046] Fixed inconsistencies in xm_leef leading to parsing errors when delimiter is not TAB 
   [1986] Fixed a memory leak found by valgrind in xm_charconv
   [2056] Fixed a bug causing crashes in nxlog-processor when ActiveFiles > 1300 and LogLevel debug
   [1997] Fixed a memory leak found by valgrind in pm_evcorr
   [1597] Fixed various thread safety issues discovered by valgrind
   [2040] Modified the default value of IncludeHiddenFields to TRUE in all applicable extension modules
   [2013] Fixed an error causing slow TLS negotiation in im_batchcompress
   [1641] Fixed an error causing paused modules to reject connection attempts
   [987] Deprecated obsolete im_wmi module
   [1650] Deprecated experimental xm_stdinpw module
   [2008] Fixed uninitialized bytes error found by valgrind
   [2027] Fixed an error mapping from "$SeverityValue" to "sev" in xm_leef/to_leef()
   [2009] Fixed an error preventing failover in case of name resolution errors
   [2038] Added support for Amazon Linux on ARM64 (packaging)
   [2005] Added the ability to detect LEEF events with missing fields to parse_leef()
   [2018] Added the ability to detect missing timestamp or hostname LEEF events to parse_leef()
   [1761] Added feature to return value from xm_exec
   [1976] Fixed an error preventing xm_msdns from parsing flag codes from PACKET events
   [1571] Fixed malformed SSL error log when PEM file is missing on SLES15 
   [1915] Added BatchFlushInterval directive
   [1550] Implemented batch processing architecture
   [2047] Fixed librdkafka compilation error in librdkafka with OpenSSL 1.0.2s on Windows
   [1951] Fixed an issue where "Include nxlog.d/*.conf" was not loading files in alphabetical order
   [2042] Fixed missing separator in xm_leef output
   [2033] Fixed error causing upgrades from nxsec package to nxlog package to ignore existing agent configuration
   [1949] Added IncludeHiddenFields to enable to_json() in xm_json to handle field names starting with . or _ 
   [1891] Added support for multiple File directives to im_msvistalog
   [1826] Added better support for PersistLogqueue to om_kafka
   [1926] Added support for librdkafka 1.1.0 on Windows
   [1531] Fixed error handling for "resource temporarily unavailable" errors thrown by the OS
   [2003] Fixed om_kafka to handle the lack of support for security.protocol in librdkafka 0.8.x
   [1927] Added AddHeader directive to om_elasticsearch for sending various http headers like Authorization
   [1970] Added parse_windows_eventlog_xml() to xm_xml for parsing Window XML Eventdata
   [2016] Disabled im_pcap on OpenBSD
   [2002] Fixed segmentation fault in om_elasticsearch caused by the introduction of failover functionality
   [821] Added im_pcap for capturing network traffic
   [1869] Package nxlog for RHEL 8
   [1867] Fixed om_kafka error causing the last queued event to be duplicated on restart
   [1947] Packaged nxlog for Debian 10
   [1788] Added support for kerberos/sasl to om_kafka in Windows and generic packages
   [1930] Fixed an error causing neither om_http or im_http starting SSL handshake and waiting indefinitely after connecting 
   [28] Added TCP_NODELAY socket option to om_ssl and om_tcp
   [1954] Fixed regression causing nxlog started message being omitted from im_internal's log
   [1899] Fixed an error causing a segmentation fault in CTRL-C handler when im_internal is in use
   [1948] Modified xm_cef to validate CEFSeverity field, extension field keys according to current specification
   [1434] Fixed SSL modules to conform to documented SSLProtocol behaviour
   [1836] Added command line switch to suppress logging to standard output
   [1894] Added functionality to nx_value_from_string() for detecting int64 overflow and converting data to string
   [1219] Removed deprecated im_oci and om_oci modules
   [1896] Refactored widetoutf8() from individual modules to common core
   [1907] Added separate packaging of Java modules to OS specific packages
   [1882] Added AllowUntrusted to SSL modules to allow connections with expired certificates
   [1928] Fixed use-after-free error in im_msvistalog causing crashes
   [1722] Fixed error in im_dbi that caused the raw_event field to remain empty
   [1921] Fixed a buffer handling error causing im_batchcompress to get stuck in a loop
   [1437] Changed default SSL Protocol version value to TLSv1.2 only
   [1925] Fixed xm_cef to follow up the upstream type change of externalID field from integer to string
   [1782] Added functions for selectively resolving SID and GUID values to xm_resolver
   [1633] Added support for Windows Certificate store to all SSL enabled modules
   [1905] Fixed multiple race conditions in xm_grok
   [586] Added function get_registryvalue() for querying registry entries to nxlog language on Widnows
   [1872] Fixed an type detection and conversion error in to_json() in xm_json
   [1776] Added DetectNumericValues to parse_kvp() to identify integers
   [1194] Changed log4ensics.conf location to conf.d
   [435] Added multipart batch mode to http modules
   [252] Added support for output module failover
   [1886] Fixed an issue causing nxlog to stop shipping logs with PersistLogqueue 
   [1864] Moved json related code into common code
   [1877] Fixed startup crash in chroot environment
   [1721] Add CreateDir directive to pm_buffer
   [1876] Fixed error in im_msvistalog causing failed authentications for the service user used by nxlog
   [1783] Added support for signed binary macOS packages
   [1860] Fixed an error causing message "not enough data to decode serialized binary buffer" to be printed
   [971] Fixed logging issue causing xm_soapadmin and xm_admin to log spurious errors and warnings
   [1852] Fixed error causing assertion failure while loading invalid python script
   [1009] Added module om_raijin for sending data to Raijin the schemaless database
   [1447] Added custom labels to xm_soapadmin and xm_admin to support storing arbitrary strings
   [1848] Removed libnxfilepath
   [1832] Fixed an error SpoolDir and CacheDir directive handling that was causing relative paths to fail
   [1809] Fixed error causing xm_admin to log sever_info calls only in debug logs
   [1724] Added support for storing resolved SID/GUID values in separate fields to im_msvistalog
   [737] Added support for specifying LogLevel at the level of modules
   [1553] Improved startup time with large number of queue files
   [1358] Added INSTALLDIR variable to default nxlog.conf
   [1871] Fixed error causing om_kafka to randomly stop polling for new events
   [1845] Fixed parsing error with empty fields in parse_cef() in xm_cef
   [1803] Added sha1sum, md5sum, sha512sum, base64encode and base64decode to nxlog's internal language
   [1470] Added java input ouput and extension modules
   [1815] Added support for Severity string to parse_cef() in xm_cef
   [1748] Added support for millisecond resolution parsing of "start" field to xm_cef
   [1269] Fixed error causing om_kafka to connect even if it is not used by any route
   [775] Added go input ouput and extension modules
   [1835] Fixed segmentation fault with Threads set to 2
   [1847] Fixed several errors in xm_cef
   [1838] Fixed crash while accessing file via UNC path in im_file
   [1830] Fixed compatibility issue with librdkafka 1.0.0 in om_kafka
   [1829] Fixed compatibility issue with librdkafka 0.8.3 in om_kafka
   [1807] Fixed segmentation fault om nx_module_input_func_linereader_clean
   [618] Added support for RenderingInfo element to im_msvistalog
   [1728] Added STATIC_ASSERT() to enable compile time assertion checks
   [1758] Added Level, MatchAnyKeyword and MatchAllKeyword directive to im_etw replacing hardcoded values
   [1213] Added INFO message reporting successful reconnect to om_udp
   [1822] Added support for "Flags" field to im_etw
   [534] Added IPADDR data type replacing and unifying IP4ADDR and IP6ADDR data types
   [1819] Fixed an issue where xm_soapadmin gets stuck in a loop
   [1810] Fixed data corruption in parse_cef() when multiple module instances are using it
   [1823] Fixed memory leak in im_dbi with PostgreSQL
   [1831] Fixed segmentation fault in om_kafka seen when the process is interrupted with CTRL-C just after startup
   [1789] Fixed error in im_wseventing where raw_event field was left empty
   [1798] Fixed im_internal crash caused by running division by 0 in Exec
   [1272] Fixed om_kafka issue where the module was reading data from route even when it was not connected to Kafka
   [1755] Fixed error handling in xm_soapadmin where it did not send a SOAP fault for local configuration issues
   [1744] Added AllowInvalidCounters for im_winperfcount to enable module startup when invalid counters are referenced
   [1361] Fixed om_kafka error printing duplicate error messages for incorrect properties in Options
   [1423] Fixed om_kafka related crash caused by librdkafka 0.9.4 
   [1812] Fixed "unknown publisher" error in signed Windows MSI installers
   [1796] Fixed duplicate debug message in xm_msdns
   [1797] Fixed parsing error of 12:00:00 PM in xm_msdns 
   [1591] Fixed multiple issues with event type and severity assignment in im_wseventing
   [1618] Fixed issue in xm_multiline where "/s" regez modifier in HeaderLine was causing a syntax error
   [1507] Added module and instance names to internal log entries
   [1764] Added missing LOG::NXLog perl module to Windows packages
   [1765] Fixed im_bsm parsing issues on macOS
   [1757] Added compression support to openssl on Windows
   [1282] Added logic to pm_buffer clean up queue files after events have been sent 
   [474] Fixed a memory leak in om_elasticsearch
   [1733] Fixed race condition in configcache triggered by multiple instances of im_msvistalog
   [1762] Fixed a segmentation fault caused by sending malformed json in request to "getLog" in xm_admin
   [1767] Fixed test failures caused by pcre2 update
   [684] Added im_systemd to collect from systemd journal
   [1253] Added Call directive to *m_perl and *m_python modules
   [1664] Set default value for SpoolDir on Windows 
   [1691] Added support for "Microsoft-Windows-IIS-FTP" event provider
   [1150] Fixed im_acct to use CamelCase field names
   [1558] Updated Windows packages to OpenSSL 1.1.1a
   [1740] Added support for dynamic fields names to Windows XML event parser
   [1700] Added CreateDir support to im_uds
   [1296] Cleaned out deprecated GetProcAddress usage from various modules on Windows
   [203] Added om_pipe and im_pipe writing logs to and reading logs from named pipes on UNIX like systems
   [314] Updated Perl version shipped on Windows
   [1730] Added support for parsing second, millisecond, microsecond resolution timestamps
   [1734] Added support for seconds and milliseconds to datetime()
   [1711] Added strcasestr() for use on platforms where it is not provided
   [1735] Fixed im_linuxaudit parsing issue causing valid rules failing to load
   [1727] Fixed packaging scripts so alternative names of library files would be symlinked in generic deb packages
   [1716] Fixed xm_bsm issue caused by replacing getauevnum() with getauevnum_r() on Solaris
   [1731] Fixed an issue causing delayed event collection in im_msvistalog
   [1668] Added support for TLS compression to SSL enabled modules
   [1556] Added support for event grouping to pm_evcorr
   [1710] Fixed a hang in file_cycle during file rotation
   [1718] Fixed kafka modules disappeared from generic packages
   [1681] Modified im_msvistalog to show channel name in error messages
   [1690] Fixed issue where subscription errors would throw an ERROR despite TolerateQueryErrors being true
   [636] Refactored xm_syslog's xm_syslog_input_func_rfc5425
   [1699] Fix FlowControl error
   [645] Added support for parsing XML in UserData and EventData fields to im_msvistalog
   [645] Added support for creating prefixed copies of EventData and UserData fields to im_msvistalog
   [1708] Updated AIX packages to openSSL 1.1.x, pcre2
   [1324] Migrated from pcre to pcre2 on Debian, Ubuntu, FreeBSD, OpenBSD, MacOS, Solaris
   [1590] Fixed xm_bsm breakage on macOS 10.14 (Mojave)
   [1393] Added ResolveGUID directive for im_msvistalog
   [1702] Fixed "xm_soapadmin_free_input" error in xm_soapadmin
   [1476] Added support for verbose audit output to xm_aixaudit on AIX
   [1661] Updated SLES12, SLES15, FreeBSD, OpenBSD, MacOS, Solaris packages for OpenSSL 1.1
   [1669] Fixed libapr dependency issue in generic RPM packages
   [MR1136] Started using libssl package instead of libssl1.0 for building deb packages
   [1688] Fixed an error causing General Protection Failure on shutdown
   [1685] Fixed memory leak and misuse of log_info() for debug output
   [1644] Fixed segmentation fault on exit on Windows
   [1683] Fixed memory leak in im_fim
   [868] Added the ability to pass arguments to perl module function calls
   [1413] Added support for different timestamp formats supported by xm_msdns
   [1670] Fixed regression where the module om_http did not call om_http_erase_hdrflds on module stop
   [MR1111] Fixed NXLog Manager address handling in Docker containers
   [1665] Refactored pointer usage
   [1645] Fixed encoding error when loading Ruby gems
   [1587] Updated FreeBSD and OpenBSD installers to deploy nxlog.conf instead of nxlog.conf.sample
   [590] Added IPv6 support
   [1260] Fixed an error where Exec after RubyCode would lost events
   [904] Fixed issues found during fuzz testing of veriour parser functions
   [1420] Changed the handling of the Hostname field to accept IPAddress in addition to host name as a string
   [1258] Fixed RubyCode relative path parsing
   [1254] om_ruby now requires RubyCode directive
   [1604] Fixed memory leak in im_file
   [1650] Deprecated xm_stdinpw
   [1219] Deprecated *m_oci
   [1271] Fixed crash when running multiple im_perl instances
   [1310] Added support for collecting raw XML to im_msvistalog
   [886] Set the default configuration file location to INSTALLDIR on Windows
   [1396] Fixed om_python crash on NULL value
   [1616] Fixed im_wseventing to collect events produced while nxlog was not running
   [1371] Fixed xm_charconv assertion errors on malformed UTF-16LE file
   [1151] Added support for Severity and SeverityValue fields to im_acct
   [1257] Disabled invalid methods for ruby modules
   [1623] Added locking to xm_fileop to prevent race condition when multiple directives refer to the same file
   [1440] Fixed errors found during fuzz testing parse_nps
   [1263] Dropped Module instance from required om_ruby arguments as it was unused
   [1428] Fixed errors found during fuzz testing parse_leef
   [1441] Fixed errors found during fuzz testing parse_xml and parse_multiline 
   [1085] Fixed om_webhdfs timeout and x509 
   [606] Added wildcard support for the File directive to im_msvistalog
   [596] im_msvistalog now detects file changes and reopens them when it is set to read from File
   [650] Added support for resolving SID values in XML Userdata in im_msvistalog
   [666] Added the ability to set "_id" in om_elasticsearch
   [1490] Make im_fim insensitive to case-only file name changes on Windows
   [1505] Log "NXLog started" event through im_internal
   [1466] Fixed errors found while fuzz testing xm_bsm
   [1464] Fixed error handling to prevent division by zero from crashing NXLog
   [1452] Suppressed DNS lookup failures in xm_resolver
   [1520] Fix xm_gelf interoperability with im_file
   [1518] Added proxy support to om_http and om_elasticsearch
   [1535] Clean up connection code in networked modules
   [1578] Fix xm_netflow error "No template definition ... cannot parse v9 packet until template definitions are refreshed"
   [1536] Follow up ProcessID change to ExecutionProcessID in to_syslog_
   [1411] xm_rewrite's empty Keep directive now throws error
   [1572] Fix busy loop in im_linuxaudit
   [1532] Fix segmentation fault on loading configuration with partial default route
   [1427] Introduce PatternFile and fix related error handling in xm_grok
   [1569] Fix om_ruby hang on exit in Valgrind
   [1586] Set default SpoolDir
   [1626] Fixed error where im_wseventing ignored HTTPSCAFile 
   [1616] Fix im_wseventing bookmark handling error
   [1611] Fixed spelling error in log message
   [1608] Fix xm_perl assertion failure
   [1298] Fixed im_wseventing stall
   [1535] Fix connection cleanup in batchcompress
   [1541] Fixed an error causing im_batchcompress to not receive full packet
   [1582] Fixed an issue causing om_elasticsearch to stop shipping logs after a while
   [1255] Added public call() procedure to xm_python
   [1190] Fixed hang when im_python calls to xm_python
   [1579] Changed im_etw Channel string to ChannelId integer
   [1425] Restrict im_bsm to reading device file
   [1584] Fixed library file location on MacOS
   [1552] Fixed failed assertion on exit in im_udp
   [1554] Fixed run user change does not work on some operating systems
   [1357] Fixed nx_date_fix_year should not set time in the future
   [1546] Fixed kerberos handling in im_wseventing
   [1370] Fixed xm_charconv BOM handling
   [1545] Fixed PdhAddEnglishCounterA() failure resulting in xm_soapadmin disconnecting
   [1187] Disabled invalid methods for python modules
   [1335] Added man pages to Unix/Linux installers
   [1549] Added backup script to Solaris package to ease "upgrade"
   [1509] Fixed xm_admin crashes in Listen mode
   [1544] Improved exit handling of im_checkpoint to prevent it becoming a zombie
   [1416] Added TCP 2514 as default port form om_batchcompress

Share this post