We are proud to announce the first minor release in the new major version of NXLog Enterprise Edition.
The release fixes a number of bugs and issues, but more importantly, we are expanding the capabilities of our new passive network monitoring module with additional protocol parsers focusing on Industrial Control Systems. NXLog Enterprise Edition now supports passive network monitoring on Windows systems in addition to Linux and macOS, allowing greater visibility into what is happening on the network. Combined with the added support for industrial control protocols such as BACnet, PROFINET and Modbus, NXLog Enterprise Edition gives you additional capabilities for hardening your security.
- Added protocol parser for BACNET
- Improved handling of complex data in MODBUS packets
- Added protocol parser for PROFINET
- Packaged im_pcap - the passive network monitor module for Windows
- Started shipping individually signed packages on Debian
This release opens the door for exploring NXLog Enterprise Edition's monitoring features in industrial environments.
If you have feedback or would like to see additional improvements in this area, reach out to us.
Download a fully functional trial version of NXLog Enterprise Edition 5.1 here.
* 2020-09-18 5.1.6133
  - added im_pcap to Windows builds
  - fixed an error that left agent running after uninstall on Redhat
  - changed default configuration to enable NXLog Manager integration by default
  - add BACNET decoder to im_pcap
  - included patterndb.xsd to nxlog package
  - unified nxlog service state defaults in different Linux package flavours
  - added response data parsing to om_raijin
  - fixed segmentation fault in xm_asl
  - improved the handling of nested quotes in xm_kvp
  - im_etw was not populating hostname field
  - enabled dpkg package signing
  - fixed memory leak in nxlog_set_capabilities
  - fixed an error where binding to 0.0.0.0 was causing nxlog to listen on [::]
  - fixed python modules to set PYTHONPATH correctly
  - unified raw event formatting - im_fim
  - unified raw event formatting - im_linuxaudit
  - resurrected lost WSDL file for admin module
  - fixed assert on restart with full pm_buffer queue
  - fixed memory leak in xm_go and im_go
  - unified raw event formatting - im_pcap
  - unified raw event formatting - im_systemd
  - implemented DNP3 protocol parser in im_pcap
  - unified raw event formatting - im_mark
  - unified raw event formatting - xm_netflow
  - fixed an error in xm_exec causing 20s delay in shutdown
  - unified raw event formatting - im_aixaudit
  - unified raw event formatting - im_dbi
  - implemented JSON format for storing complex ModBus responses
  - fixed an error causing output truncation when operating on large input files
  - updated redis modules to use common TCP code
  - implemented new Capabilities directive
  - fixed an error causing bogus warning about CacheFlushInterval
  - unified raw event formatting - xm_snmp
  - unified raw event formatting - im_bsm
  - updated python modules to work with python 3.x
  - improved im_odbc resilience in case of database deadlock errors
  - modified im_exec to capture STDERR of the executed process
  - unified raw event formatting - im_internal
  - fixed an error in im_wseventing causing to fail to collect forwarded events with EventID 4662
  - implemented common functions for handling raw event formatting
  - made DBName and DBTable directives mandatory for om_raijin
  - fixed assert in im_msvistalog when ResolveSID is enabled
  - fixed a segmentation fault in im_batchcompress
  - fixed an error leading to event loss when nxlog-processor was sending data over a network output
  - implemented logic to find default interface automatically in im_pcap
  - added missing Content-Length to im_http response
  - fixed lax permissions set by Windows installer when installed in non-default location
  - fixed a memory leak in im_zmq
  - cleanups in xm_admin
  - improved string escaping in om_raijin
  - synchronized librdkafka's "queue.buffering.max.messages" with our LogqueueSize directive
  - fixed missing xm_soapadmin -> xm_admin link to AIX package
  - fixed an error causing delayed scheduled event processing
  - fixed packaging scripts on Solaris to cleanly stop nxlog on uninstall
  - fixed unhelpful error message when include is pointing to a missing directory
  - added doublequotes handling to LogFile directive
  - fixed high CPU usage when network destination is unavailable
  - unified spelling of EventID field in im_etw and im_msvistalog
  - fixed an error causing stopped im_odbc module to keep SQLite DB file open
  - implemented PROFINET protocol parser in im_pcap