NXLog Enterprise Edition version 5.5 Release Announcement

We are happy to announce, the next release of NXLog Enterprise Edition v5 is now available.

The version 5.5 fixes issues and brings news capabilities. The most noteworthy improvements are summarized below.

  • Google Chronicle output module has been added
  • New functions to extract parts of JSON and XML data
  • New documentation format
  • xm_sap improvements
  • om_kafka can now use CAThumbprint to load certificates on Windows
  • NXLog EE can now create output files with a single JSON array of events in them

If you have feedback, would like to see additional improvements, reach out to us.

Download a fully functional trial version of NXLog Enterprise Edition 5.5 here.

* 2022-04-15 5.5.7535
    [3934] Fixed TLS handshake issue when nxlog is connecting to itself
    [3660] documentation is now bundled as a multi-page HTML document
    [3678] om_raijin now treats URL ending with or without / the same
    [3754] Fixed an assertion triggered by xm_admin in str.c/_nx_string_create()
    [3539] Fixed an assertion error in logqueue.c/nx_logqueue_peek()
    [3360] Added Google Chronicle unstructured logging output module
    [3830] Fixed a TCP socket descriptor leak
    [3344] Implemented extract_xml() in xm_xml and extract_json() in xm_json
    [3676] Fixed a logic error causing configcache.dat not being created until the first clean shutdown of nxlog
    [3855] Fixed reconnect throttle during failover
    [3696] Fixed a segmentation fault in om_exec occasionally triggered when the executed script exits with an error
    [3500] Implemented saved positions in im_azure
    [3821] Fixed issue where im_azure caused high CPU usage when invalid SharedKey is used
    [3449] Added the feature for capturing resolved address from DNS analytical logs
    [3559] Added im_etw Session directive support
    [3346] Fixed issue in macOS where traceId parsing was causing a 64bit int overflow
    [3264] Updated im_http module to negotiate Accept-Encoding header
    [3741] Fixed issue where flow control is activated when it is set to FALSE
    [3549] im_azure Blob and Table modes updated to use dynamic field mapping
    [3729] Fixed im_maculs segmentation fault when encountering unknown data object type
    [3516] Fixed im_systemd to add nxlog user to systemd-journal group
    [3616] Fixed issue with excessive logging for netflow v9 traffic
    [3722] Added support for IEC61850 event and message filtering
    [2801] Added python modules to the Windows installer
    [3727] Fixed an issue of im_wseventing with kerberos auth on Linux/Docker
    [3739] Fixed error reporting in xm_admin in case of "ServerRestart" failure
    [3663] Fixed typo in default managed.conf
    [3708] Fixed false error message "Malformed logqueue metadata" when PersistLogqueue is set to TRUE
    [3669] Fixed an assertion error in om_elasticsearch when dynamic ID directive is used
    [3651] Fixed issue with agent unable to load some patterns sent from Manager
    [3460] Added Support for multiple tcp connections per module
    [3535] Fixed runaway CPU usage in network output modules on Windows when name resolution fails during connection setup
    [3327] Added CAThumbprint directive to om_kafka on Windows
    [2725] Fixed xm_admin/SOAP error message when ModuleStop, Module Start and ModuleRestart calls fail
    [3619] Fixed xm_kvp setting some fields to null when KVPDelimiter is set to ' '
    [3028] Improved the performance of http modules
    [3645] Improved xm_sap fields
    [3638] Fixed im_systemd to save position regularly, to prevent event duplication after agent crash
    [3644] Fixed memory leak in xm_ruby-libnxruby
    [1595] Updated macOS GUI installer
    [3561] Fixed assertion error when xm_rewrite drops a record and deletes fields
    [2429] Added xm_sap for parsing SAP audit logs
    [3637] Fixed potential memory corruption in xm_json when key length exceeds 500 bytes
    [3576] Fixed crash in xm_json during parsing specific Windows Events when Unflatten is TRUE
    [1775] Implemented field substitution in regular expressions
    [3622] Fixed im_exec not reading script output
    [3606] Fixed a memory leak in im_linuxaudit
    [3636] Fixed issue in im_etw modul, assersion failing after setting kernelflags
    [3542] Fixed im_linuxaudit failing on ARM
    [2048] Fixed a rare hang in om_tcp caused by a race condition
    [3583] Implemented "AbortOnDoubleSigterm" directive
    [3618] Fixed issue with im_etw not collecting events from some providers
    [2223] Added support for multiple Provider directives to im_etw
    [2969] Added im_pcap performance improvements
    [3109] Added support for writing one JSON array of multiple events per file to om_file
    [3609] Fixed issue in im_etw module, where setting “MatchAllKeyword” and “MatchAnyKeyword” had no effect
    [3489] Updated kafka modules to use the librdkafka recommended broker configuration method
    [3621] Fixed issue where xm_nps fails to parse record when it contains the MS-RAS-Client-Version field
    [3378] Improved xm_python error message when it fails to open the script file
    [3573] Fixed an issue in xm_json where InputType failed to set $raw_event
    [3599] Fixed segmentation fault when BufferSize is 0 or 1
    [2433] Added feature: NXLog reporting detailed build information
    [3340] Added feature for nxlog to search the entire Windows certificate store during certificate verification
    [3589] Fixed assertion error in om_zmq.c/_om_zmq_message_alloc()
    [3534] Added copy-truncate rotation strategy to file_cycle
    [3554] Fixed pm_blocker assertion failure in module.c/nx_module_progress_batch()
    [3268] Fixed issue with incorrect dropped event count reported via xm_admin for im_internal
    [3509] Fixed SNI related certificate verification failure in im_azure
    [3346] Fixed 64 bit int overflow in xm_json caused by traceId field on macOS
    [1973] Fixed infinite loop when "include" directive includes itself recursively
    [1593] Modified im_etw to resolve and display the Channel name using the ID
    [3536] Added support in im_maces for proc_check, pty_grant, pty_close
    [3507] Fixed runaway reconnection when server certificate verification fails with im_azure
    [3503] Fixed exec_async() error causing file handle leak
    [3322] Fixed om_azure 403:Forbidden failures
    [3061] Improved im_maculs performance
    [3395] Added support for the field Level in im_imvistalog and im_etw
    [3389] Fixed memory leaks in im_pcap
    [3422] Implemented function failed_over() for detecting if the module's primary destination failed
    [3352] Fixed memory leak in nx_record_set_field_value after throwing an exception

Share this post