Several stabilization fixes are available in 2.6.1131

The detailed changes are as follows:
Service control manager could not properly shut down the service on windows2003 and possibly other windows versions. This could have resulted in unsaved positions and duplicated log collection on system restart.
Fixed a panic in nx_config_cache_write() during shutdown.
Fixed an assertion failure when pm_pattern was trying to set an invalid datetime field.
The installer adds 'eventlog' as a dependency for the nxlog service.
Some error conditions (e.g. The interface is unknown, Access is denied, Invalid parameter, etc) should be handled better now by im_mseventlog.

Parsing key-value Pairs in Log Messages

Version 2.5.1089 has been released. There is a new extension module xm_kvp which makes it a lot easier to parse key-value pairs in log messages produced by many log sources.
This release includes several other enhancements and bug fixes, please consult the changelog for the details.

Now works on AIX

Version 2.4.1054 has been released. This version now compiles and works on IBM AIX and should be fine on Solaris as well. This release contains numerous stabilization and bug fixes, consult the ChangeLog file for the detailed list of changes.

Advanced log correlation

Version 2.3.1027 has been released today. This version brings a new processor module named pm_evcorr which provides event log correlation functionality in addition to the already available nxlog language features (variables and statistical counters). This module was greatly inspired by the Perl based sec.pl simple event correlation tool.
In addition to the above the following fixes and enhancements are available in this release:

Sending logs over HTTP(s)

Version 2.1.956 has been released today. It comes with a shiny new om_http module which allows sending logs to HTTP services such as loggly, elasticsearch etc.
The pm_buffer module has been rewritten to use chunked file storage. This release contains several other fixes and improvements, see the included changelog for more information.

Now scaling better with thousands of files

Version 1.4.803 has been released today.
The im_file module has been enhanced so that it deals better with thousands of files and consumes less CPU. It will automatically retry files which gave a read error earlier instead of stopping completely. The im_msvistalog module now pulls all application logs by default in addition to the system logs. There were several other enhancements and bug fixes, the changelog is available in the source tarball.

Conditional buffering in 1.4.764

Version 1.4.764 has been released.
size(), replace() and substr() functions are now available for string manipulation. Also added buffer_size() and buffer_count() functions to the pm_buffer module. This allows conditional buffering, see the Explicit drop section in the reference manual and this mailing list post about how this can be used.
Some other issues and bugs were fixed, details are in the ChangeLog.

Support for multi-line messages

Version 1.4.729 has been released.
Nxlog could already handle multi-line messages using module variables. This release adds a new extension module (xm_multiline) which makes it easier to process log messages spanning more than one line. It can handle java exception traces, DICOM logs and other multi-line log messages with a lot simpler configuration.

Pages