NXLog Enterprise Edition version 5.2 Release Announcement

Release Announcement

We are proud to announce the first minor release in the new major version of NXLog Enterprise Edition.

The release fixes a number of bugs and issues and we are expanding the capabilities of our new passive network monitoring module with additional protocol parsers focusing on Industrial Control Systems.

This release also brings the initial version of our new module im_maculs - a native collection method for Apple's Unified Logging System.

  • Added protocol parser for S7
  • Added protocol parser for IEC104
  • Added native macOS Unified Logging module

If you have feedback, would like to see additional improvements, reach out to us.

Download a fully funcional trial version of NXLog Enterprise Edition 5.2 here.

Changelog

* 2020-12-17 5.2.6388
    [1576] Implemented im_maculs for collecting macos Unified Logging System
    [2866] Implemented librdkafka performance data collection to im_kafka and om_kafka
    [1858] Added common http layer to NXLog
    [2990] Restored SNI directive to om_http
    [2721] Fixed bad sockaddr error in im_linuxaudit
    [2895] Added missing hostname to im_linuxaudit records
    [2898] Fixed an error in im_http causing it to send invalid Content-Length
    [MR2454] Fixed an error in im_azure's chunked encoding parser
    [2915] Fixed a memory leak in local queue de/serialization reported by Valgrind
    [2956] Fixed an error causing kerberos authentication issues in im_wseventing
    [2939] Fixed a bug manifesting as SSL handshake errors in im_azure
    [2931] Fixed a request format error in om_elasticsearch
    [2943] Fixed infinite read loop in im_msvistalog when reading etl files
    [2750] Added charset to content-type header in om_raijin
    [2777] Removed accidentally packaged perl528.dll from Windows packages, restoring xm_perl functionality
    [2896] Fixed a segfault in the BACNET decoder
    [2408] Implemented S7 protocol support in im_pcap
    [2916] Fixed multiple crash bug in im_pcap
    [2579] Unify ownership and permission handling in pipe, file and uds outputs
    [2860] Fixed a segfault in im_linuxaudit triggered by loading the module with no rules
    [2783] Fixed a memory leak in om_batchcompress
    [2880] Fixed an im_raijin deserialization error
    [2864] Optimized pool handling in NXLog core
    [2374] Implemented IEC104 dissector in im_pcap
    [2826] Implemented LLDP dissector for PROFINET protocol in im_pcap
    [2878] Added deprecation warning for FlushLimit and FlushInterval directives
    [2861] Fixed an issue in om_raijin causing it to stop after 1 request
    [2883] Increased thread stack size on AIX
    [2856] Fixed an SSL related crash in im_batchcompress
    [2439] Implemented functions for logging librdkafka performance statistics
    [2838] Implemented additional parsing for PROFINET RTC-PDU
    [2620] Fixed a unicode escaping issue in common JSON handling code
    [2848] Fixed segmentation fault in uuid.c
    [2723] Fixed an error causing reload over xm_admin to fail if im_wseventing is in use
    [1619] Cleaned unnecessary RPATH from Linux generic packages
    [1327] Fixed various Valgrind error reports
    [2498] Raw event format refactored in im_msvistalog
    [2789] Implemented additional parsing for PROFINET RTA-PDU and UDP-RTA-PDU
    [2499] Raw event format refactored in im_odbc
    [2492] Raw event format refactored in im_etw
    [2503] Raw event format refactored in im_winperfcount
    [2497] Raw event format refactored in im_mseventlog
    [2501] Raw event format refactored in im_regmon
    [2494] Raw event format refactored in im_kafka
    [2487] Raw event format refactored in im_acct
    [2813] Added missing content-length header to xm_admin http responses
    [2379] Fixed incorrect use of SSL_shutdown()
    [2242] Fixed stalling connections in im_ssl
    [2815] Fixed a performance issue in im_regmon
    [1858] Refactor to use common HTTP layer    
    [2372] implemented PROFINET SCADA protocol in im_pcap 
    [2715] Fixed an error causing im_odbc to lose position after restart
    [2790] Fixed BOOL output for change-of-state events in the BACNET parser
    [2733] Parts of xm_asl were refactored
    [2659] Implemented additional data link types in im_pcap

Share this post