We are happy to report that the next release of NXLog Enterprise Edition v5 is now available.
Version 5.4 fixes issues and brings new functionality. The most noteworthy improvements are summarized below.
- Support for collecting Apple Endpoint Security events (im_maces)
- Release was tested on Windows 2022 Server
- Debian 11 packages added
- Red Hat Enterprise 8 and Ubuntu 20 AA64 packages
- to_snare() for creating Snare compatible messages
- Support for pulling data from Azure Log Analytics Workspaces (technology preview)
If you have feedback or would like to see additional improvements, reach out to us.
Download a fully functional trial version of NXLog Enterprise Edition 5.4 here.
* 2021-09-06 5.4.7313
- Added support for Debian 11
- Updated OpenSSL to 1.1.1l in generic packages to address CVE-2021-3712 and CVE-2021-3711
- Patched libapr in generic packages to address CVE-2021-35940
- Added support for resolving additional fields to im_maculs
- Changed OS name on macOS systems to "macOS"
- Implemented json array parsing in im_http
- Fixed assertion failure reported in pm_norepeat
- Fixed overly noisy warning in putFile logging on Windows
- Added nxlog version dependency to module packages - DEB
- Added nxlog version dependency to module packages - RPM
- Fixed unnecessary ListenAddress logging
- Fixed runaway reconnection when output hostnames are unresolvable
- Fixed a crash in im_azure triggered by a missing CA certificate file used in the configuration
- Implemented support for automatically reopening externally rotated output files to om_file
- Added support for Azure Log Analytics workspaces to im_azure
- Added support for Apple Endpoint Security framework - im_maces
- Improved error message in im_ssl when peer does not return a certificate
- Added support for NetFlow Enterprise fields
- Implemented InputType for xm_json
- Improved include_stdout error handling
- Fixes multiple parsing errors in the DNP3 dissector
- Fixed faulty reconnect timer tracking in om_udp
- Fixed im_fim to handle corrupted key value store files gracefully
- Fixed xm_admin to track reconnection timeouts per IP address
- Fixed hang in xm_admin when getLog pulls a file over StringLimit
- Fixed an assertion error in im_file when the input file is truncated
- Fixed xm_admin to handle moduleStop calls to itself
- Added support for multiple Channel directives to im_msvistalog
- Added Reconnect directive to xm_admin
- Fixed an error causing om_http to fail if Binary mode and compression are both enabled
- Modified priority of scheduled events to correct behaviour on module start
- Modified field name restrictions to allow '@'
- Added support for parsing the URL in incoming POST requests to im_http
- Added support for HTTP PUT to om_http
- Fixed SSL cipher negotiation issue on SLES12-SP5
- Fixed EvtRender failed error in im_msvistalog
- Fixed file_cycle on UNC paths
- Added OnError directive for customizable http error handling
- Added NegativeCacheExpiry to xm_resolver
- Fixed regex escaping in replacement strings
- Modified syslog parser to use int data type for pid
- Added OS logging to startup log entry
- Added new directive DirectoryReadingOrder to im_file
- Fixed memory leak in im_linuxaudit
- Added Channel name resolution using ID to im_etw
- Unified file related directive parsing
- Added automatic configuration recovery option to xm_admin
- Improved error message for name resolution errors on Windows
- Modified im_pcap to restart after an interface error
- Fixed anchor parsing in im_http
- Fixed segmentation fault in librdkafka
- Fixed overly narrow implementation of the AllowUntrusted directive
- Fixed an error in xm_admin causing getLog to hang when used w/o size specified
- Fixed im_exec to capture STDERR of the external command
- Improved om_elasticsearch _bulk API error handling
- Improved SSL error message "SSL must be configured"
- Fixed assertion error in im_msvistalog line 1648
- Added support for api version 2015-02-21 to im_azure fixing HTTP error 409
- Added warning for '\ ' at end of line
- Fixed incorrect pointer type for JAVAHOME
- Fixed segmentation fault in xm_perl when script is not found
- Fixed a memory leak in im_tcp triggered by high reconnect rates with many connections
- Added ExcludeSize to im_fim
- [dependencies#104] Updated expat, libcap, librdkafka, pcre2 in generic packages
- Fixed date formatting in json functions
- Fixed assert when the input/output converter's instance name is missing
- Support additional fields (Opcode, Category) in im_etw
- Added output sanitization to xm_admin's getlog
- Added UNC path support to im_msvistalog
- Fixed netflow processing errors in xm_netflow
- Improved error message when external DLL cannot be loaded on Windows
- Strip all nxlog modules to save space
- Updated Windows builds to APR 1.7
- Fixed im_linuxaudit warnings about additional unknown field types
- Fixed xm_cef field mapping to better match the standard (end->rt)
- Fixed a potential SSL related memory leak
- Added support for Ubuntu 20, Redhat 8 on ARM
- Fixed panic on unresolvable hostname or non-local address in im_udp
- Implemented to_snare() function in xm_syslog
- Fixed missing log generation on opening listen port in im_udp
- Fixed a potential queue overflow in im_fim and im_regmon
- Fixed a memory leak in im_linuxaudit
- Fixed "iconv failed: 84" error in im_wseventing