We are happy to announce, the next release of NXLog Enterprise Edition v5 is now available.
The version 5.5 fixes issues and brings news capabilities. The most noteworthy improvements are summarized below.
- Google Chronicle output module has been added
- New functions to extract parts of JSON and XML data
- New documentation format
- xm_sap improvements
- om_kafka can now use
CAThumbprintto load certificates on Windows
- NXLog EE can now create output files with a single JSON array of events in them
If you have feedback, would like to see additional improvements, reach out to us.
Download a fully functional trial version of NXLog Enterprise Edition 5.5 here.
* 2022-04-15 5.5.7535  Fixed TLS handshake issue when nxlog is connecting to itself  documentation is now bundled as a multi-page HTML document  om_raijin now treats URL ending with or without / the same  Fixed an assertion triggered by xm_admin in str.c/_nx_string_create()  Fixed an assertion error in logqueue.c/nx_logqueue_peek()  Added Google Chronicle unstructured logging output module  Fixed a TCP socket descriptor leak  Implemented extract_xml() in xm_xml and extract_json() in xm_json  Fixed a logic error causing configcache.dat not being created until the first clean shutdown of nxlog  Fixed reconnect throttle during failover  Fixed a segmentation fault in om_exec occasionally triggered when the executed script exits with an error  Implemented saved positions in im_azure  Fixed issue where im_azure caused high CPU usage when invalid SharedKey is used  Added the feature for capturing resolved address from DNS analytical logs  Added im_etw Session directive support  Fixed issue in macOS where traceId parsing was causing a 64bit int overflow  Updated im_http module to negotiate Accept-Encoding header  Fixed issue where flow control is activated when it is set to FALSE  im_azure Blob and Table modes updated to use dynamic field mapping  Fixed im_maculs segmentation fault when encountering unknown data object type  Fixed im_systemd to add nxlog user to systemd-journal group  Fixed issue with excessive logging for netflow v9 traffic  Added support for IEC61850 event and message filtering  Added python modules to the Windows installer  Fixed an issue of im_wseventing with kerberos auth on Linux/Docker  Fixed error reporting in xm_admin in case of "ServerRestart" failure  Fixed typo in default managed.conf  Fixed false error message "Malformed logqueue metadata" when PersistLogqueue is set to TRUE  Fixed an assertion error in om_elasticsearch when dynamic ID directive is used  Fixed issue with agent unable to load some patterns sent from Manager  Added Support for multiple tcp connections per module  Fixed runaway CPU usage in network output modules on Windows when name resolution fails during connection setup  Added CAThumbprint directive to om_kafka on Windows  Fixed xm_admin/SOAP error message when ModuleStop, Module Start and ModuleRestart calls fail  Fixed xm_kvp setting some fields to null when KVPDelimiter is set to ' '  Improved the performance of http modules  Improved xm_sap fields  Fixed im_systemd to save position regularly, to prevent event duplication after agent crash  Fixed memory leak in xm_ruby-libnxruby  Updated macOS GUI installer  Fixed assertion error when xm_rewrite drops a record and deletes fields  Added xm_sap for parsing SAP audit logs  Fixed potential memory corruption in xm_json when key length exceeds 500 bytes  Fixed crash in xm_json during parsing specific Windows Events when Unflatten is TRUE  Implemented field substitution in regular expressions  Fixed im_exec not reading script output  Fixed a memory leak in im_linuxaudit  Fixed issue in im_etw modul, assersion failing after setting kernelflags  Fixed im_linuxaudit failing on ARM  Fixed a rare hang in om_tcp caused by a race condition  Implemented "AbortOnDoubleSigterm" directive  Fixed issue with im_etw not collecting events from some providers  Added support for multiple Provider directives to im_etw  Added im_pcap performance improvements  Added support for writing one JSON array of multiple events per file to om_file  Fixed issue in im_etw module, where setting “MatchAllKeyword” and “MatchAnyKeyword” had no effect  Updated kafka modules to use the librdkafka recommended broker configuration method  Fixed issue where xm_nps fails to parse record when it contains the MS-RAS-Client-Version field  Improved xm_python error message when it fails to open the script file  Fixed an issue in xm_json where InputType failed to set $raw_event  Fixed segmentation fault when BufferSize is 0 or 1  Added feature: NXLog reporting detailed build information  Added feature for nxlog to search the entire Windows certificate store during certificate verification  Fixed assertion error in om_zmq.c/_om_zmq_message_alloc()  Added copy-truncate rotation strategy to file_cycle  Fixed pm_blocker assertion failure in module.c/nx_module_progress_batch()  Fixed issue with incorrect dropped event count reported via xm_admin for im_internal  Fixed SNI related certificate verification failure in im_azure  Fixed 64 bit int overflow in xm_json caused by traceId field on macOS  Fixed infinite loop when "include" directive includes itself recursively  Modified im_etw to resolve and display the Channel name using the ID  Added support in im_maces for proc_check, pty_grant, pty_close  Fixed runaway reconnection when server certificate verification fails with im_azure  Fixed exec_async() error causing file handle leak  Fixed om_azure 403:Forbidden failures  Improved im_maculs performance  Added support for the field Level in im_imvistalog and im_etw  Fixed memory leaks in im_pcap  Implemented function failed_over() for detecting if the module's primary destination failed  Fixed memory leak in nx_record_set_field_value after throwing an exception