NXLog Enterprise Edition v4.1

The NXLog Enterprise Edition v4.0 was released earlier this year. If you have missed it, read the release announcement here.

We have been busy this summer, and are happy to bring you NXLog Enterprise Edition v4.1 today. This new version comes with more than 80 issues fixed since v4.0.

Below is the excerpt from the changelog:

  • Fixed an exporter table related memory consumption issue in xm_netflow and made some performance improvements.

  • Added an optional SQL configuration directive to om_odbc.

  • Fixed a high CPU usage issue in om_http and om_elasticsearch when the other end closed the connection.

  • CacheFlushInterval defaults to 5 seconds so that file positions are saved periodically.

  • Added a field mapping to xm_cef so that it generates Arcsight logger compliant output with Windows Eventlog.

  • Some modules were causing a PANIC or assertion failure issues in presence of configuration errors.

  • The unknown type was causing a PANIC in xm_soapadmin with unset module variables which resulted in disconnects.

  • The <Schedule> block now supports @startup and @reboot for immediate execution.

  • xm_admin now returns Solaris instead of unknown for the OS field in the ServerInfo response.

  • im_linuxaudit was acting inconsitently with duplicate rules.

  • Fixed a few potential problems in xm_snmp, xm_asl, xm_syslog, xm_cef and im_batchcompress uncovered by fuzz testing.

  • The macOS installer was getting stuck on domain bound macs.

  • Added kafka support for macOS.

  • A regression in xm_gelf was causing a crash with InputType GELF_UDP.

  • Better support for installing NXLog in docker containers.

  • A potential memory leak regression was fixed in im_file.

  • Fixed a potential race condition issue in im_ssl on connection closure.

  • xm_gelf now provides InputType GELF_TCP to parse the graylog GELF format.

  • xm_json generates the proper ISO timestamp format with the T by default: YYYY-MM-DDThh:mm:ss.sTZ.

  • Fixed an assertion failure issue with xm_bsm parsing the Solaris audit logs.

  • All Unix installers (AIX, BSD, Solaris, Linux) now support the NXLOG_USER and NXLOG_GROUP environment variables.

  • An unused instance of om_odbc could cause a crash on shutdown.

  • The windows service is now installed with delayedstart and there is an automatic service restart on failure.

  • The python modules changed the signal handlers resulting in ignoring SIGINT.

  • Fixed a memory leak regression issue in im_file.

  • Changed the default dateformat to YYYY-MM-DDThh:mm:ss.sTZ in xm_json to make it ISO-8601 compliant.

  • im_odbc was fetching duplicate logs in some cases when the id column was a datetime type.

  • Fixed an issue where two im_odbc instances could cause a crash on shutdown.

  • Added more tweaks to om_odbc to make it reconnect on some additional error situations.

  • Added more tweaks to om_odbc to make it reconnect on some additional error situations.

  • Implemented parsedate(string arg, boolean UTC).

  • Implemented the GenerateDateInUTC and ParseDateInUTC global config directives.

  • Fixed a race condition that could cause a crash during reload in presence of some loaded modules.

  • im_msvistalog was causing CPU spikes with the 64 bit build on Windows.

  • xm_gelf can be used to parse GELF logs using InputType GELF_TCP.

  • im_etw could produce garbage for some field values such as Zone, ZoneScope and AdditionalInfo in DNS server logs.

  • A regression in im_msvistalog was causing an assertion failure when using the File directive.

  • The im_etw KernelFlags directive now properly accepts multiple comma separated values.

  • The om_odbc module was causing a crash if it was declared but unused.

  • The om_odbc module could crash with time or datetimeoffset column types.

  • The om_kafka and im_kafka modules now support various config options of the librdkafka library via the Option configuration directive.

Upgrade instructions are available for each platform in the User Guide under the Deployment section.

Feel free to get in touch if you have any questions or suggestions about this release.

Happy logging!

Share this post