Bot releases are visible (Hide)

syslog-ng - syslog-ng-3.32.1

Published by github-actions[bot] over 3 years ago

3.32.1

Highlights

mongodb(): add workers() support (multi-threaded connection pooling)

The MongoDB driver now supports the workers() option, which specifies the
number of parallel workers to be used.
Workers are based on the connection pooling feature of the MongoDB C library.

This increases the throughput of the MongoDB destination driver.

Example:
```
destination {
  mongodb(
    uri("mongodb://hostA,hostB/syslog?replicaSet=my_rs&wtimeoutMS=10000&socketTimeoutMS=10000&connectTimeoutMS=10000&serverSelectionTimeoutMS=5000")
    collection("messages")
    workers(8)
  );
};
```
(#3621)
mongodb(): template support for the collection() option

The collection() option of the MongoDB destination driver now accepts
templates, for example:
```
destination {
  mongodb(
    uri("mongodb://host/syslog")
    collection("${HOST}_messages")
  );
};
```
(#3621)

Features

time-reopen: Support the time-reopen() option on the driver level for the following drivers:
- sources: example-diskq-source, python-fetcher
- destinations: amqp, example-destination, file, http, mongodb, network, pipe,
  program, pseudofile, python, redis, riemann, smtp, sql, stomp,
  syslog, tcp, tcp6, udp, udp6, unix-dgram, unix-stream, usertty
  (#3585)
csv-parser(): add drop-invalid() option along with the already existing
flag with the same name. This is to improve the consistency of the
configuration language.
(#3547)
usertty() destination: Support changing the terminal disable timeout with the time-reopen() option.
Default timeout change to 60 from 600. If you wish to use the old 600 timeout, add time-reopen(600)
to your config in the usertty() driver.
(#3585)
syslog-parser(): add a new drop-invalid() option that allows the use of
syslog-parser() in if statements. Normally a syslog-parser() injects an
error message instead of failing.
(#3565)

Bugfixes

date-parser: if the timestamp pattern did not covered a field (for example seconds) that field had undefined value

The missing fields are initialized according to the following rules:
1. missing all fields -> use current date
2. only miss year -> guess year based on current year and month (current year, last year or next year)
3. the rest of the cases don't make much sense, so zero initialization of the missing field makes sense. And the year is initialized to the current one.
  (#3615)
Fix compilation issues on OpenBSD

syslog-ng can now be compiled on OpenBSD.
(#3661)
loggen: debug message printed wrong plugin name (ssl-plugin instead of socket_plugin)
(#3624)
tls: fixup EOF detection issue in tls (before 3.0 version)

syslog-ng error message:
"I/O error occurred while reading; fd='13', error='Success (0)'"
(#3618)
kafka: the config() block couldn't contain option that is already a keyword in syslog-ng (example: retries)
(#3658)
templates: fixed error reporting when invalid templates were specified

The amqp(), file() destination, sql(), stomp(), pdbtool, and
graphite() plugins had template options that did not report errors at startup
when invalid values were specified.
(#3660)

Packaging

bison: minimum version of bison is bumped to 3.7.6
(#3547)
java-modules: the minimum version of gradle changed from 2.2 to 3.4
(#3645)
light: add to the release tarball
(#3613)

Credits

syslog-ng is developed as a community project, and as such it relies
on volunteers, to do the work necessarily to produce syslog-ng.

Reporting bugs, testing changes, writing code or simply providing
feedback are all important contributions, so please if you are a user
of syslog-ng, contribute.

We would like to thank the following people for their contribution:

Andras Mitzki, Attila Szakacs, Balazs Scheidler,
Gabor Nagy, Janos SZIGETVARI, Laszlo Budai, Laszlo Szemere,
LittleFish33, László Várady, Ming Liu, Norbert Takacs, Peter Kokai,
Todd C. Miller, Yi Fan Yu, Zoltan Pallagi

syslog-ng - syslog-ng-3.31.2

Published by github-actions[bot] over 3 years ago

3.31.2

Bugfixes

syslog-parser(): fix a potential crash in case parsing the message
fails and tags are already applied to the message.

Packaging

python2: Direct python2 support is dropped, we no longer test it in our CI.
No python2 related source codes were removed as for now, but we do not
guarantee that it will work in the future.

(#3603)

Credits

syslog-ng is developed as a community project, and as such it relies
on volunteers, to do the work necessarily to produce syslog-ng.

Reporting bugs, testing changes, writing code or simply providing
feedback are all important contributions, so please if you are a user
of syslog-ng, contribute.

We would like to thank the following people for their contribution:

Andras Mitzki, Antal Nemes, Attila Szakacs, Balazs Scheidler,
Gabor Nagy, Laszlo Budai, Laszlo Szemere, László Várady,
Norbert Takacs, Peter Kokai, Ryan Faircloth, Zoltan Pallagi

syslog-ng - syslog-ng-3.31.1

Published by github-actions[bot] over 3 years ago

3.31.1

Highlights

fortigate-parser(): new parser to parse fortigate logs

Example:
```
log {
  source { network(transport("udp") flags(no-parse)); };
  parser { fortigate-parser(); };
  destination { };
};
```
An adapter to automatically recognize fortigate logs in app-parser() has
also been added.
(#3536)
patterndb: Added OPTIONALSET parser. It works the same as SET, but continues, even if none of the
characters is found.
(#3540)

Features

syslog-parser(): add no-header flag to tell syslog-ng to parse only the
PRI field of an incoming message, everything else is just put into $MSG.
(#3538)
set-pri(): this new rewrite operation allows you to change the PRI value
of a message based on the string directly parsed out of a syslog header.
(#3546)

telegram: option to send silent message

Example:

destination { telegram(bot-id(...) chat-id(...) disable_notification(true)); };

(#3558)

app-parser(): added automatic classification & parsing for project Lumberjack/Mitre CEE formatted logs
(#3569)
diskq: if the dir() path provided by the user does not exists, syslog-ng creates the path with the same permission as the running instance
(#3550)

Bugfixes

network(), syslog() destinations: fix reconnection timer when DNS lookups are slow

After a long-lasting DNS query, syslog-ng did not wait the specified time (time_reopen())
before reconnecting to a destination. This has been fixed.
(#3526)
cmake: minor fixes
(#3523)
stats-level(): fix processing the changes in the stats-level() global
option: changes in stats-level() were not reflected in syslog
facility/severity related and message tag related counters after first
configuration reload. These counters continued to operate according to the
value of stats-level() at the first reload.
(#3561)
date-parser(): fix hour-only timezone parsing

If the timestamp contains a short timezone offset (e.g. hours only), the
recent change in strptime() introduces an error, it interprets those
numbers as minutes instead of hours. For example: Jan 16 2019 18:23:12 +05
(#3555)
loggen: fix undefined timeout while connecting to network sources (glib < 2.32)

When compiling syslog-ng with old glib versions (< 2.32), loggen could fail due a timeout bug.
This has been fixed.
(#3504)
grouping-by(): fix deadlock when context expires

In certain cases, the grouping-by() parser could get stuck when a message
context expired, causing a deadlock in syslog-ng.

This has been fixed.
(#3515)
date-parser: Fixed a crash, which occured sometimes when %z was used.
(#3553)
date-parser: %z. We no longer ignore daylight saving time when calculating the GMT offset.
(#3553)
kafka-c: fix a double LogMessage acknowledgement bug, which can cause crash with segmentation fault or exit with sigabrt. The issue affects both flow-controlled and non-flow-controlled log paths and it's triggered in case previously published messages failed to be delivered to Kafka.
(#3583)
python destination: Fixed a rare crash during reload.
(#3568)
date-parser(): fix non-mandatory parsing of timezone name

When %Z is used, the presence of the timezone qualifier is not mandatory,
so don't fail that case.
(#3555)
wildcard-file(): fix infrequent crash when file renamed/recreated

The wildcard-file source crashed when a file being processed was replaced by
a new one on the same path (renamed, deleted+recreated, rotated, etc.).
(#3513)
Remove the no-parse flag in system() source from FreeBSD kernel
messages, so the message header is no more part of the message.
(#3586)
Fix abort on macOS Big Sur

A basic subset of syslog-ng's functionality now works on the latest macOS version.
(#3522)
affile: Fix improper initialization in affile and LogWriter to avoid memory leak when reloading
(#3574)
udp destination: Fixed a bug, where the packet's checksum was not calculated,
when spoof-source(yes) and ip-protocol(6) were set.
(#3528)
python: fix LogMessage.keys() listing non-existenting keys and duplicates
(#3557)

Packaging

Simplify spec file by removing obsolete technologies:
- remove RHEL 6 support
- remove Python 2 support
- keep Java support, but remove Java-based drivers (HDFS, etc.)
  (#3587)
libnet: Minimal libnet version is now 1.1.6.
(#3528)
configure: added new --enable-manpages-install option along with the
existing --enable-manpages. The new option would install pre-existing
manpages even without the DocBook tools installed.
(#3493)

Notes to developers

apphook: the concept of hook run modes were introduced, adding support for
two modes: AHM_RUN_ONCE (the original behavior) and AHM_RUN_REPEAT (the new
behavior with the hook repeatedly called after registration).
(#3561)

Credits

syslog-ng is developed as a community project, and as such it relies
on volunteers, to do the work necessarily to produce syslog-ng.

Reporting bugs, testing changes, writing code or simply providing
feedback are all important contributions, so please if you are a user
of syslog-ng, contribute.

We would like to thank the following people for their contribution:

0140454, Andras Mitzki, Antal Nemes, Attila Szakacs, Balazs Scheidler,
egorbeliy, Gabor Nagy, Laszlo Budai, Laszlo Szemere, László Várady,
Michael Ducharme, Norbert Takacs, Peter Czanik, Peter Kokai, Pratik raj,
Ryan Faircloth, Zoltan Pallagi

syslog-ng - syslog-ng-3.30.1

Published by github-actions[bot] almost 4 years ago

3.30.1

Highlights

filter template function
support proxy-protocol

Features

kafka (C implementation):
- Added template support to topic().
- Added fallback-topic() option, which will be used, if the templated topic() yields an invalid topic name.
  (#3372)

transport: add proxy-protocol support

http://www.haproxy.org/download/1.8/doc/proxy-protocol.txt

@version: 3.29

source s_tcp_pp {
    network(
        port(7777)
#        transport("proxied-tcp")
        transport("proxied-tls")
        tls(
             key-file("/openssl/certs/certs/server/server.rsa")
             cert-file("openssl/certs/certs/server/server.crt")
             ca-dir("/openssl/certs/certs/CA")
#             peer-verify("optional-untrusted")
             peer-verify("required-trusted")
         )
    );
};

destination d_file {
    file("/var/log/pp.log" template("$(format-json --scope nv-pairs)\n"));
};

log {
    source(s_tcp_pp);
    destination(d_file);
};

filter: new template function

The new introduced filter template function will allow filtering lists based on a filter expression.

For example this snippet removes odd numbers

log {
  source { example-msg-generator(num(1) values(INPUT => "0,1,2,3")); };
  destination {
     file("/dev/stdout"
           template("$(filter ('$(% $_ 2)' eq '0') $INPUT)\n)")
     );
  };
};

(#3426)

file, network, program destinations: : new truncate_size option introduced to truncate an output message to a specified max size. default value is -1 (disabled).
```
network("127.0.0.1" truncate_size(100));
```
new stats counters:
```
dst.network;d_local#0;udp,127.0.0.1:1111;a;truncated_count;1
dst.network;d_local#0;udp,127.0.0.1:1111;a;truncated_bytes;1
```
(#3474)
network: add FreeBSD support for the so_reuseport(yes) the same as in linux SO_REUSEPORT (FreeBSD uses SO_REUSEPORT_LB flag).
(#3438)
date-parser: %z accepts local timezone std format as well
(#3453)
syslog-format: accepting longer sdata keys

Triggered by https://github.com/syslog-ng/syslog-ng/issues/3197
At the end of the discussion in the mentioned issue, we decided
to change the parser and accept longer than 32 character ID's.
(#3244)
systemd-journal: add namespace() option
This option accepts a string which is identical to the --namespace option of journalctl.
For systems defining this option with a systemd version older than v245 a warning is issued.
(#3358)

Bugfixes

date-parse: %Z should parse the same timezones as %z not just local and gmt
(#3453)
python: printing the exception instead of None (if compiled with clang)
(#3405)
network/udp: message was lost (not sent) if it was too large, and a time reopen amount of time needed to expire to send the next message lowering the thoughtput. now it is truncated at 65507.
(#3474)
tlscontext: support IPv6 X509v3 Subject Alternative Name

Fixes #3465
(#3466)

map: pass $_ to if correctly.

Prior this patchset, if did not receive $_ correctly.

After this change, these configurations will work:

log {
  source { example-msg-generator(num(1) values(INPUT => "0,1,2,3")); };
  destination {
     file("/dev/stdout"
           template("$(map $(if ('$(% $_ 2)' eq '0') 'even' 'odd') $INPUT)'\n)")
     );
  };
};

(#3426)

systemd-journal: add namespace to the persist name
(#3407)
syslog-ng: fixed numerous spelling mistakes in messages generated by syslog-ng
(#3398)
network: fix TLS certificate hostname verification when using failover() servers

For TLS certificate hostname verification, the certificate's hostname needs to be compared to the configured hostname
of the primary and each failover server. syslog-ng used always the primary server's name incorrectly.
(#3447)
afsocket: syslog-ng fails to bind() after config revert

When having a program source or destination and a network destination in the
config, if we reload with an invalid config, syslog-ng crashes, as it cannot init
the old network source, because its address is in use.
(#3416)
syslog-ng-ctl: when syslog-ng gets stuck on executing a heavy stats-ctl command, should be
able to do a graceful shutdown when it is requested.
(#3349)
json-parser: fix parsing 64 bit numbers (currently 32 bit was a limit)
(#3403)
usertty(): on each tty open error an error mesage and a 10 minutes long disabling of the usertty() destination has been added.
Until now, the usertty() destination were only disabled for blocking write() calls.
(#3473)

Notes to developers

Proxy protocol support added to loggen.

Four new options added to loggen to suppport the proxy protocol:
- --proxied : Generate PROXY protocol v1 header
- --proxy-src-ip : Set the source IP for the PROXY protocol v1 header. If not specified a random IP address generated (192.168.1.X).
- --proxy-dst-ip : Set the destination IP for the PROXY protocol v1 header. If not specified a random IP address generated (192.168.1.X).
- --proxy-src-port : Set the source port for the PROXY protocol v1 header. If not specified a random port generated in the range 5000-10000.
- --proxy-dst-port : Set the destination port for the PROXY protocol v1 header. If not specified the port number 514 will be used.
  (#3462)
bison: Minimum required version is now 3.4.2.
You still only need bison, if you are building from git source or changing the grammar in the released source tarball.
(#2526)
Template evaluation related function signatures changed.

A new structure LogTemplateEvalOptions is introduced to group parameters together.
(#3426)

Other changes

json-parser: change every per message logs that was higher than debug to debug
(#3401)

Credits

syslog-ng is developed as a community project, and as such it relies
on volunteers, to do the work necessarily to produce syslog-ng.

Reporting bugs, testing changes, writing code or simply providing
feedback are all important contributions, so please if you are a user
of syslog-ng, contribute.

We would like to thank the following people for their contribution:

Andras Mitzki, Antal Nemes, Attila Szakacs, Balazs Scheidler,
Boris Korzun, Gabor Nagy, Laszlo Budai, Laszlo Szemere, László Várady,
Norbert Takacs, Peter Kokai, Viktor Juhasz, Vivin Peris, Zoltan Pallagi,
bjoe2k4

syslog-ng - syslog-ng-3.29.1

Published by lbudai about 4 years ago

3.29.1

Highlights

panos-parser(): parse Palo Alto PAN-OS logs

Example:

@include "scl.conf"

log {
  source { network(transport("udp")); };

  parser { panos-parser(); };

  destination {
   elasticsearch-http(
     index("syslog-ng-${YEAR}-${MONTH}-${DAY}")
     type("")
     url("http://localhost:9200/_bulk")
     template("$(format-json
       --scope rfc5424
       --scope dot-nv-pairs --rekey .* --shift 1 --exclude *future_* --exclude *dg_hier_level_*
       --scope nv-pairs --exclude DATE --key ISODATE @timestamp=${ISODATE})")
   );
  };
};

(#3234)

Features

snmptrap: improve error message when missing dependency
(#3363)
disk queue: reduce memory usage during load
(#3352)
Allow dupnames flag to be used in PCRE expressions, allowing duplicate names for named subpatterns
as explained here: https://www.pcre.org/original/doc/html/pcrepattern.html#SEC16 .

Example:
```
filter f_filter1 {
  match("(?<FOOBAR>bar)|(?<FOOBAR>foo)" value(MSG) flags(store-matches, dupnames));
};
```
(#3381)

Bugfixes

filter/regex: if there was a named match (?..)? that is optional to match, the previose or the next named matches might not be saved as named match.
(#3393)
tls: Fixed a bug, where ecdh-curve-list() were not applied at client side.
(#3356)
scratch-buffers: fix global.scratch_buffers_bytes.queued counter bug
This bug only affected the stats_counter value, not the actual memory usage (i.e. memory usage was fine before)
(#3355)
wsl: fix infinite loop during startup
(#3340)
openbsd: showing grammar debug info for openbsd too, when -y command line option is used
(#3339)
stats-query: speedup syslog-ng-ctl query get "*" command.

An algorithmic error view made syslog-ng-ctl query get "*" very slow with large number of counters.
(#3376)
syslogformat: fixing crashing with small invalid formatted logs see example in #3328
(#3364)
cfg: fix config reload crash via introducing on_config_inited in LogPipe
(#3176)
config: fix error reporting
- Error reporting was fixed for lines longer than 1024 characters.
- The location of the error was incorrectly reported in some cases.
  (#3383)
disk queue: fix possible crash during load, and possible false positive corruption detection
(#3342)
db-parser, pdbtool, graphite-output: fix glib assertion error

The assertion happened in these cases
- dbparser database load
- argument parsing in graphite-output
- pdbtool merge commad
Syslog-ng emitted a glib assertion warning in the cases above, even in successful executions.

If G_DEBUG=fatal-warnings environment variable was used, the warning turned into a crash.
(#3344)
stats: fix stats-ctl query crash when trying to reset all the counters
syslog-ng-ctl query get '*' --reset
(#3361)

Packaging

RHEL 7 packaging: fix logrotate file conflict with rsyslog
(#3324)
Debian packaging: python3-nose was removed from package dependencies.
Pytest will run Python related unittests (for modules/python/pylib/syslogng/debuggercli/tests/)
instead of nose.
(#3343)

Notes to developers

light: test for assertion errors in glib for each testcases
(#3344)
Fix signal handling when an external library/plugin sets SIG_IGN

Previously, setting SIG_IGN in a plugin/library (for example, in a Python module) resulted in a crash.
(#3338)
func-test: removed logstore_reader check, which was never reached
(#3236)
plugin_skeleton_creator: fixing a compiler switch

Wrong compiler switch used in plugin_skeleton_creator. This caused a compiler warning. The grammar debug info did not appear for that module, when -y command line option was used.
(#3339)
Light test framework: get_stats and get_query functions to DestinationDriver class

Two new functions added to DestinationDriver class which can be used for getting the stats
and query output of syslog-ng-ctl.
(#3211)

Other changes

internal(): limit the size of internal()'s temporary queue

The internal() source uses a temporary queue to buffer messages.
From now on, the queue has a maximum capacity, the log-fifo-size() option
can be used to change the default limit (10000).

This change prevents consuming all the available memory in special rare cases.
(#3229)
network plugins: better timer defaults for TCP keepalive

From now on, syslog-ng uses the following defaults for TCP keepalive:
- tcp-keepalive-time(): 60
- tcp-keepalive-intvl(): 10
- tcp-keepalive-probes(): 6
Note: so-keepalive() is enabled by default.
(#3357)

Credits

syslog-ng is developed as a community project, and as such it relies
on volunteers, to do the work necessarily to produce syslog-ng.

Reporting bugs, testing changes, writing code or simply providing
feedback are all important contributions, so please if you are a user
of syslog-ng, contribute.

We would like to thank the following people for their contribution:
Andras Mitzki, Antal Nemes, Attila Szakacs, Balazs Scheidler, Christian Tramnitz, chunmeng, Gabor Nagy, Laszlo Budai, Laszlo Szemere, László Várady, MileK, Norbert Takacs, Peter Czanik, Péter Kókai, Terez Nemes.

syslog-ng - syslog-ng-3.28.1

Published by lbudai over 4 years ago

3.28.1

Highlights

http: add support for proxy option

Example:

log {
   source { system(); };
   destination { http( url("SYSLOG_SERVER_IP:PORT") proxy("PROXY_IP:PORT") method("POST") ); };
};

(#3253)

Features

map: template function

This template function applies a function to all elements of a list. For example: $(map $(+ 1 $_) 0,1,2) => 1,2,3.
(#3301)
use-syslogng-pid(): new option to all sources

If set to yes, syslog-ng overwrites the message's ${PID} macro to its own PID.
(#3323)

Bugfixes

affile: eliminate infinite loop in case of a spurious file path

If the template evaluation of a log message will result to a spurious
path in the file destination, syslog-ng refuses to create that file.
However the problematic log message was left in the msg queue, so
syslog-ng was trying to create that file again in time-reopen periods.
From now on syslog-ng will handle "permanent" file errors, and drop
the relevant msg.
(#3230)
Fix minor memory leaks in error scenarios
(#3265)
crypto: fix hang on boot due to lack of entropy
(#3271)
Fix IPv4 UDP destinations on FreeBSD

UDP-based destinations crashed when receiving the first message on FreeBSD due
to a bug in destination IP extraction logic.
(#3278)
network sources: fix TLS connection closure

RFC 5425 specifies that once the transport receiver gets close_notify from the
transport sender, it MUST reply with a close_notify.

The close_notify alert is now sent back correctly in case of TLS network sources.
(#2811)
disk-buffer: fixes possible crash, or fetching wrong value for logmsg nvpair
(#3281)
packaging/debian: fix mod-rdkafka Debian packaging
(#3282)
kafka destination: destination halts if consumer is down, and kafka's queue is filled
(#3305)
file-source: Throw error, when follow-freq() is set with a negative float number.
(#3306)
stats-freq: with high stats-freq syslog-ng emits stats immediately causing high memory and CPU usage
(#3320)
secure-logging: bug fixes (#3284)
- template arguments are now consistently checked
- fixed errors when mac file not provided
- fixed abort when derived key not provided
- fixed crash with slogkey missing parameters
- fixed secure-logging on 32-bit architectures
- fixed CMake build

Other changes

dbld: Fedora 32 support (#3315)
dbld: Removed Ubuntu Eoan (#3313)
secure-logging: improvements (#3284)
- removed 1500 message length limitation
- slogimport has been renamed to slogencrypt
- $(slog) will not start anymore when key is not found
- internal messaging (warning, debug) improvements
- improved memory handling and error information display
- CMake build improvements
- switched to GLib command line argument parsing
- the output of slogkey -s is now parsable
- manpage improvements

Notes to developers

dbld: devshell is now upgraded to Ubuntu Focal
(#3277)
dbld/devshell: Multiple changes:
- Added snmptrapd package.
- Added support for both python2 and python3.
  (#3222)
threaded-source: fully support default-priority() and default-facility()
(#3304)
CMake: fix libcap detection
(#3294)
Fix atomic_gssize_set() warning with new glib versions
(#3286)

Credits

syslog-ng is developed as a community project, and as such it relies
on volunteers, to do the work necessarily to produce syslog-ng.

Reporting bugs, testing changes, writing code or simply providing
feedback are all important contributions, so please if you are a user
of syslog-ng, contribute.

We would like to thank the following people for their contribution:

Airbus Commercial Aircraft, Andras Mitzki, Antal Nemes, Attila Szakacs,
Balazs Scheidler, Gabor Nagy, Laszlo Budai, Laszlo Szemere, László Várady,
Péter Kókai, Vatsal Sisodiya, Vivin Peris.

syslog-ng - syslog-ng-3.27.1

Published by lbudai over 4 years ago

3.27.1

Highlights

DESTIP/DESTPORT/PROTO: new macros. (#2899)
set-facility(): add new rewrite operation to change the syslog facility associated with the message. (#3136)
network tls: Added ca-file() option. With this option the user can set a bundled CA-file to verify the peer. (#3145)
Forward integrity and confidentiality of logs (#3121): It is an experimental feature currently, we are still working on the final form with the authors.

Features

DESTIP/DESTPORT/PROTO: new macros

These new macros express the destination ip, destination port and used protocol on a source.

The use-case behind the PR is as follows:
- someone has an appliance which sends out log messages via both UDP and TCP
- the format of the two are different, and he wants to capture either with the simplest possible filter
- netmask() doesn't work because the IP addresses are the same
- host() doesn't work because the hostnames are the same
Example:
```
log {
  source { network(localip(10.12.15.215) port(5555) transport(udp)); };
  destination { file("/dev/stdout" template("destip=$DESTIP destport=$DESTPORT proto=$PROTO\n")); };
};
```
Output:
```
destip=10.12.15.215 destport=5555 proto=17
```
(#2899)

set-facility(): add new rewrite operation to change the syslog facility
associated with the message.

log {
    source { system(); };
    if (program("postfix")) {
      rewrite { set-facility("mail"); };
    };
    destination { file("/var/log/mail.log"); };
    flags(flow-control);
};

(#3136)

network tls: Added ca-file() option. With this option the user can set a bundled CA-file to verify the peer.
(#3145)

http: When a HTTP response is received, emit a signal with the HTTP response code.
(Later it can be extended to read the response and parse it in a slot...).

This PR also extends the Python HTTP header module with the possibility of writing custom HTTP response code handlers. When someone implements an auth header plugin in Python, it could be useful (for example invalidating a cache).


@version: 3.25

python {
from syslogng import Logger

logger = Logger()

class TestCounter():
    def __init__(self, options):
        self.header = options["header"]
        self.counter = int(options["counter"])
        logger.debug(f"TestCounter class instantiated; options={options}")

    def get_headers(self, body, headers):
        logger.debug(f"get_headers() called, received body={body}, headers={headers}")

        response = ["{}: {}".format(self.header, self.counter)]
        self.counter += 1
        return response

    def on_http_response_received(self, http_code):
        self.counter += http_code
        logger.debug("HTTP response code received: {}".format(http_code))

    def __del__(self):
        logger.debug("Deleting TestCounter class instance")
};

source s_network {
  network(port(5555));
};

destination d_http {
    http(
        python_http_header(
            class("TestCounter")
            options("header", "X-Test-Python-Counter")
            options("counter", 11)
            # this means that syslog-ng will trying to send the http request even when this module fails
            mark-errors-as-critical(no)
        )
        url("http://127.0.0.1:8888")
    );
};

log {
    source(s_network);
    destination(d_http);
    flags(flow-control);
};

(#3159)

java/python: add support for the "arrow" syntax.
```
options("key" => "value")
```
(#3161) (#3247)
python: persist support for python

This feature enables users to persist data between reloads or restarts. The intended usage is to support bookmarking and acknowledgement in the future. It is not suitable for local database use cases.
(#3171)
rewrite: Added conditional set-tag() option. With this option the user can put condition statement inside set-tag option.
```
rewrite { set-tag("tag" condition(match("test" value("MSG")))); };
```
(#3190)
scl: add sumologic destinations: sumologic-syslog() and sumologic-http()
(#3194)
iterate: new template function

The iterate template function generates a series from an initial number and a next function.

For example you can generate a sequence of nonnegative numbers with
```
source {
  example-msg-generator(
    num(3)
    template("$(iterate $(+ 1 $_) 0)")
  );
};
```
(#3205)
telegram: new max-size option

Telegram message will be truncated for max-size size. Telegram does not accept message larger than 4096 utf8 characters. The default value is 4096.
(#3206)

example-message-generator : add support for values(name1 => value1, name2 => value2,..) syntax.

Example

@version: 3.27
log {
  source { example-msg-generator(template("message parameter")
                                 num(10)
                                 values("PROGRAM" => "program-name"
                                        "current-second" => "$C_SEC"
                                ));
         };
  destination { file(/dev/stdout template("$(format-json --scope all-nv-pairs)\n")); };
};

(#3237)

example-msg-generator: support freq(0) for fast message generation

log {
   source { example-msg-generator(freq(0) num(100)); };
   destination { file("/dev/stdout"); };
};

(#3245)

Bugfixes

file: changed time-reap() timer's schedule to respect the documentation (expires after last message)
(#3133)
dbld: fix building problems
- fix rpm package build on centos-7
- fix devshell image build
- fix ubuntu-trusty image build
- fix deb package build on ubuntu-trusty
- fix rpm package build on fedora-30
  (#3143)
tls (network): Properly log an error message, when key-file() or cert-file() is missing.
(#3145)
loggen: fix crash with invalid parameterization
(#3146)
format-json: fix printing of embedded zeros

Prior to 2.64.1, g_utf8_get_char_validated() in glib falsely identified embedded zeros as valid utf8 characters. As a result, format json printed the embedded zeroes as \u0000 instead of \x00. This change fixes this problem.
(#3175)
configure: fix --with-net-snmp configure option
(#3180)
python: fix Py_None reference counting in logger methods (trace, debug, info, warning, error)
(#3187)
afmongodb: do not build module when ENABLE_MONGODB=OFF
(#3188)
telegram: automatically truncate messages larger than 4096 utf8 characters to avoid telegram destination to get stuck
(#3206)
compat/glib: fix recursive call issue on CentOS-6/RHEL-6/platforms
(#3212)
timeutils: fix crash in %f conversion when non-numeric character is in usec field (e.g. ".asd123")
(#3270)

Packaging

macOS: add example startup configuration.
(#3172)
rpm: fix --without maxminddb option

If maxminddb development package was installed on the build system: rpmbuild fails if --without maxminddb was used.
(#3208)

Notes to developers

light: Support to relocate reports dir other than current base dir

For example

python -m pytest -lvs functional_tests/source_drivers/file_source/test_acceptance.py --installdir=/install --reports /tmp/

(#3157)

CONTRIBUTING.md: contribution guide updated
(#3174)
libtest: Now we install config_parse_lib.h, fake-time.h, mock-cfg-parser.h and queue_utils_lib.h
which help unit testing outside of core.
(#3179)
tests: Wait until snmptrapd process able to write traps into output file
(#3185)
mongodb: Replaced the deprecated get_server_status() API with command_simple().

This means, that syslog-ng can now be built with -Werror on systems with 1.15 libmongoc.
(#3199)
stats: add external stats counters

There are situations when someone wants to expose internal variables through stats-api.
Without this changeset, we need two distinct variables: one is for the internal state, other is for the
stats registration (internal state cannot depends on the life cycle of the StatsCounterGroup).
(#3225)

Other changes

afsnmp: merge two existing SNMP modules (trapd-parser and destination) into one.

Motivation: keep closely related modules together and decrease the number of small packages.

Packaging related changes:

libsnmptrapd-parser.so has been removed, both the snmp destination and the trapd parser are part of afsnmp.so .
- deb: we already had mod-snmp which shipped snmp-dest. From now, this packages installs the snmptrapd-parser syslog-ng module. The syslog-ng-mod-snmptrapd-parser package has been removed.
- rpm: snmpdest renamed to afsnmp and the snmptrapd-parser is installed by this package from now
  (#3142)
dbld: remove ubuntu-cosmic as it has reached EOL
(#3143)
afsocket-source: present the number of connections in stats

It helps in the debug process if we can see the number of source connections counted by syslog-ng internally.
(#3193)

Credits

syslog-ng is developed as a community project, and as such it relies
on volunteers, to do the work necessarily to produce syslog-ng.

Reporting bugs, testing changes, writing code or simply providing
feedback are all important contributions, so please if you are a user
of syslog-ng, contribute.

We would like to thank the following people for their contribution:

Airbus Commercial Aircraft, Andras Mitzki, Antal Nemes, Attila Szakacs, Balazs Scheidler, Gabor Nagy, Kokan, Laszlo Budai, Laszlo Szemere, László Várady, Mehul Prajapati, Roberto Meléndez, Stephan Marwedel, Steven Haigh, Peter Czanik, Thomas De Schampheleire, Vatsal Sisodiya, Vivin Peris

syslog-ng - syslog-ng-3.26.1

Published by lbudai over 4 years ago

3.26.1

Highlights

file source: Added a new option to multi-line file sources: multi-line-timeout()
After waiting multi-line-timeout() seconds without reading new data from the file, the last (potentially partial)
message will be flushed and sent through the pipeline as a LogMessage.
Since the multi-line file source detects the end of a message after finding the beginning of the subsequent message
(indented or no-garbage/suffix mode), this option can be used to flush the last multi-line message
in the file after a multi-line-timeout()-second timeout.
There is no default value, i.e. this timeout needs to be explicitly configured.
Example config:
```
file("/some/folder/events"
    multi-line-mode("prefix-garbage")
    multi-line-prefix('^EVENT: ')
    multi-line-timeout(10)
    flags("no-parse")
);
```
(#2963)

python-http-header: Added this new plugin, which makes it possible for users to implement HTTP header plugins in Python language.
It is built on top of signal-slot mechanism: currently HTTP module defines only one signal, that is signal_http_header_request and python-http-header plugin implements a python binding for this signal. This means that when the signal_http_header_request signal is emitted then the connected slot executes the Python code.
The Python interface is:

def get_headers(self, body, headers):

It should return string List. The headers that will be appended to the request's header.
When the plugin fails, http module won't try to send the http request without the header items by default.
If you want http module to trying to send the request without these headers, just disable mark-errors-as-critical() function.
Original code was written by Ferenc Sipos.

@version: 3.26
python {
from syslogng import Logger
logger = Logger()
class TestCounter():
    def __init__(self, options):
        self.header = options["header"]
        self.counter = int(options["counter"])
        logger.debug(f"TestCounter class instantiated; options={options}")
    def get_headers(self, body, headers):
        logger.debug(f"get_headers() called, received body={body}, headers={headers}")
       
        response = ["{}: {}".format(self.header, self.counter)]
        self.counter += 1
        return response
    def __del__(self):
        logger.debug("Deleting TestCounter class instance")
};
source s_network {
  network(port(5555));
};
destination d_http {
    http(
        python_http_header(
            class("TestCounter")
            options("header", "X-Test-Python-Counter")
            options("counter", 11)
            # this means that syslog-ng will trying to send the http request even when this module fails
            mark-errors-as-critical(no)
        )
        url("http://127.0.0.1:8888")
    );
};
log {
    source(s_network);
    destination(d_http);
    flags(flow-control);
};

azure-auth-header: Added this new plugin, which generates authorization header for applications connecting to Azure.
It can be used as a building block in higher level SCLs.
Implemented as a signal-slot plugin.

@version: 3.26
@include "scl.conf"
destination d_http {
  http(
    url("http://127.0.0.1:8888")
    method("PUT")
    user_agent("syslog-ng User Agent")
    body("${ISODATE} ${MESSAGE}")
    azure-auth-header(
      workspace-id("workspace-id")
      secret("aa1a")
      method("POST")
      path("/api/logs")
      content-type("application/json")
    )
  );
};
source s_gen {
  example-msg-generator(num(1) template("Test message\n"));
};
log {
  source(s_gen);
  destination(d_http);
};

python: From now on users can specify a persist name template from python code.
```
@staticmethod
def generate_persist_name(options):
    return options["file_name"]
```
- Usage of this function is necessary, when one python destination is used multiple times in one config.
- Persist name from config takes precedence over generate_persist_name.
- Persist name is exposed through self.persist_name. (#3016)

Features

set-severity(): Added this new rewrite rule for changing message severity.
It receives a template and sets message severity by evaluating the template.
Numerical and textual severity levels are both supported.
Examples:
```
rewrite {
  set-severity("info");
  set-severity("6");
  set-severity("${.json.severity}");
};
```
(#3115)
$(list-search): Added a new template function, which returns the first index of a pattern in a list.
Starts the search at start_index. 0 based. If not found, returns empty string.
Usage: $(list-search --mode MODE <pattern> ${list})
Where mode can be: literal (default), prefix, substring, glob, pcre.
Add --start-index <index> to change the start index. (#2955)
config version: Made the config version check of the configuration more liberal by accepting version numbers
that had no changes relative to the current version. This means that if you are running 3.26 and the last
semantic change in the configuration was 3.22, then anything between 3.22 and 3.26 (inclusive) is accepted
by syslog-ng without a warning at startup. (#3074)
$SEVERITY instead of $LEVEL: syslog-ng now follows the RFC3164 trend of using severity instead of level
to refer to the severity of the message that is used in the template language ($SEVERITY),
filter expressions (severity()) and so on. (#3128)
http: Added ssl_version("tlsv1_3") and ssl_version("no-tlsv13") options to respectively force and disable TLSv1.3. (#3063)
scl: Improved error message at init, when an scl is missing a dependency. (#3015)
geoip2: Added template() option as an alias for the positional argument string, to match the grammar convention. (#3051)
loggly: Added transport() option, so users can now use it with tls (or any network() supported transport). (#3149)
config-option-database: Added support for parser, diskq and hook-commands blocks. (#3029)

Bugfixes

configure.ac: Fixed gethostbyname() function location detection (#3135)
http: Fixed a crash, when workers() was set to 0. We do not allow nonnegative values anymore. (#3116)
snmp-dest: engine-id() option now handles 5 to 32 characters, instead of the strict 10 before. (#3058)
http: Fixed handling of ssl-version() option, which was ignored before.
Prior this fix, these values of ssl-version in http destination were ignored by syslog-ng:
tlsv1_0, tlsv1_1, tlsv1_2, tlsv1_3. (#3083)
network sources: Added workaround for a TLS 1.3 bug to prevent data loss.
Due to a bug in the OpenSSL TLS 1.3 implementation (openssl/openssl#10880),
it is possible to lose messages when one-way communication protocols are used, -
such as the syslog protocol over TLS (RFC 5425,
RFC 6587) - and the connection is closed by the client right after sending data.
The bug is in the TLS 1.3 session ticket handling logic of OpenSSL.

To prevent such data loss, we've disabled TLS 1.3 session tickets in all syslog-ng network sources.
Tickets are used for session resumption, which is currently not supported by syslog-ng.

The loggen testing tool also received some bugfixes (#3064), which reduce the
likelihood of data loss if the target of loggen has not turned off session tickets.

If you're sending logs to third-party OpenSSL-based TLS 1.3 collectors, we recommend turning session
tickets off in those applications as well until the OpenSSL bug is fixed. (#3082)
cmake: Now we install loggen headers, as we do with autotools. (#3067)
graylog2, format-gelf: Fixed sending empty message, when ${PID} is not set.
Also added a default value "-" to empty short_message and host as they are mandatory fields. (#3112)
loggen: fix dependency error with cmake + openssl from nonstandard location (#3062)
config-option-database: Fixed reading 'grammar' and 'parser' files on 'POSIX' environment (#3125)
file source: Fixed file source not able to process new message after log-msg-size() increase. (#3075)
checkpoint parser: Fixed parsing ISO timestamp. (#3056)
secret-storage: Fixed some cases, where diagnostical logs were truncated. (#3141)
loggen, dqtool: Fixed a crash, when writing error/debug message or relocating qfile. (#3069)
build: Fixed a compatibility related build error on Solaris 11. (#3070)
loggen: Fixed address resolution when only loopback interface was configured. (#3048)

Packaging

scl: Moved scl files to the core package. (#2979)
RHEL: Now we include the packaging/rhel/ folder in our release tarball. (#3071)
RHEL 8 / CentOS 8: Added RHEL 8 / CentOS 8 support to syslog-ng.spec (#3034)

Notes to developers

signal-slot-connector: Introduced a generic event handler interface for syslog-ng modules.
- The concept is simple:
  - There is a SignalSlotConnector which stores Signal - Slot connections
  - Signal : Slot = 1 : N, so multiple slots can be assigned to the same Signal.
  - When a Signal is emitted, the connected Slots are executed.
  - Signals are string literals and each module can define its own signals.
- Interface/protocol between signals and slots:
  - A macro (SIGNAL) can be used for defining signals as string literals:
```
SIGNAL(module_name, signal, signal_parameter_type)
```
The parameter type is for expressing a kind of contract between signals and slots.
- Usage:
```
   #define signal_cfg_reloaded SIGNAL(config, reloaded, GlobalConfig)
   the generated literal:
   "config::signal_reloaded(GlobalConfig *)"
```
- emit passes the argument to the slots connected to the emitted signal. (#3043)
http: Defined the Signal interface for HTTP - with one signal at this time.
What's in the changeset?
- List ADT (abstract data type for list implementations) added to lib.
  - Interface:
    - append
    - foreach
    - is_empty
    - remove_all
- Implemented the List ADT in http module with struct curl_slist for storing the headers.
- HTTP signal(s):
  - Currently only one signal is added, header_request.
    Note, that the license for http-signals.h is LGPL . (#3044)

example-modules: Added example http slot plugin.
This plugin is an example plugin that implements a slot for a HTTP signal (signal_http_header_request).
When the plugin is attached, it CONNECT itself to the signal.
When the signal is emitted by the http module, the slot is executed and append the header to the http headers.
header is set in the config file.

@version: 3.26
@include "scl.conf"
destination d_http {
  http(
    url("http://127.0.0.1:8888")
    method("PUT")
    user_agent("syslog-ng User Agent")
    http-test-slots(
      header("xxx:aaa") # this will be appended to the http headers
    )
    body("${ISODATE} ${MESSAGE}")
  );
};
source s_generator {
  example-msg-generator(num(1) template("test msg\n") );}
;
source s_net {
  network(port(5555));
};
log {
  source(s_generator);
  destination(d_http);
};

NEWS.md: From now on, for every PR that we want to include in the newsfile,
we must create the news entry with the PR itself. See news/README.md. (#3066)
snmp test in Light: Added snmp destination tests in the Light test framework.
These tests requires snmptrapd as an external dependency. If you don't want to run this test,
you can use the pytest's marker discovery feature: python -m pytest ... -m 'not snmp'
The tests are run by syslog-ng's Travis workflow. (#3126)
cmake: Added add_module function to cmake to normalize CMakeLists.txt files for modules. (#3106)
dbld: Introduced syslog-ng-kira as a new CI image (#3125)
FunctionalTests: Functional tests are now Python3 compatible (#3144)
dbld: Added Ubuntu 19.10 and 20.04 (#3091)
dbld: Added option to customize shell command.
With this change, it is possible to override the option with rules.conf, while keeping the default behaviour.
The simplest example: use existing images, start a new one if there is none. (use docker rm manually if you want to update)
```
DOCKER_SHELL=$(DOCKER) inspect $* > /dev/null 2>&1; \
  if [ $$? -eq 0 ]; then \
    $(DOCKER) start -ia $*; \
  else \
    $(DOCKER) run $(DOCKER_RUN_ARGS) -ti --name $* balabit/syslog-ng-$* /source/dbld/shell; \
  fi
```
(#3038)

Other changes

python: Added --with-python3-home configure option to use a hard-coded PYTHONHOME for Python-based plugins.
This can be useful when a Python interpreter is bundled with syslog-ng.
Relocation is supported, for example: --with-python3-home='${exec_prefix}' (#3134)
afmongodb: Removed the support of deprecated legacy configurations (#3092)
http: use-system-cert-store() now autodetects the system provided cert-store (#3086)
doc: Added manual page for persist-tool. (#3072)

Credits

syslog-ng is developed as a community project, and as such it relies
on volunteers, to do the work necessarily to produce syslog-ng.

Reporting bugs, testing changes, writing code or simply providing
feedback are all important contributions, so please if you are a user
of syslog-ng, contribute.

We would like to thank the following people for their contribution:

Andras Mitzki, Antal Nemes, Attila Szakacs, Balazs Scheidler, Dylan Perry, Gabor Nagy, Laszlo Budai,
Laszlo Szemere, László Várady, Norbert Takacs, Peter Czanik, Péter Kókai, Romain Tartière, Tomáš Mózes.

syslog-ng - syslog-ng-3.25.1

Published by lbudai almost 5 years ago

3.25.1

Highlights

http-destination: Users now can specify the action for any HTTP result code.
Use with response-action(response_code => action) in your http block.
Available actions are: success, retry, drop and disconnect. (#3007)
syslog-ng-cfg-db: Added a new script, which can provide the options of
sources and destinations queried by the user. This tool can make the configuration
of syslog-ng a lot easier. Use with ./syslog-ng-cfg-db.py from the
contrib/config_database dir.(#2997)
redis-destination: Improved the performance by 2 orders of magnitude.
In our labor environment, now it operates at 25k EPS. (#2972)

Features

create-dirs(): Added to pipe() source/destination, and standardize the behavior.
(#3018, #2635)
default-network-drivers: Added max-connections() option, to change the limit
from 10. (#2961)
checkpoint: Added support for timezone value at the end of timestamps. (#3033)
filter/rewrite: Added disable-jit flag to disable JIT PCRE compilation. (#2992, #2986)
syslog-ng-ctl: Added export-config-graph option to visualize config graph. (#2990)
build/travis: Added ARM64 arch support. (#2967)
build/dbld: Readded CentOS 6 support. (#2860, #2971, #3028)
python: Added Python 3.8 support. (#3017)

Bugfixes

tls: Fixed an infinite loop which occured, when a TLS connection broke. (#3026, #3009)
log-block: Fixed an issue, where inline network destinations disjointed
the rest of the config. (#2989, #2820)
kafka/network-load-balancer: Fixed a crash when an argument was set to empty. (#3002)
python-source: Fixed a memory corruption during reload. (#3014)
python-destination: Actually use return value of open method. (#2998, #2513)
python-fetcher: Fixed FETCH_NO_DATA and FETCH_TRY_AGAIN constants. (#3012)
python: Fixed python Exception reporting when no Exception happened. (#2995)
telegram: Fixed the syntax error of the use-system-cert-store() option. (#2977)
config: Throw error to single dots, which were ignored before. (#3000)
file-destination: Delay ACKs until messages are written to disk. This fixes message
drop on I/O error and message lost in the LogProtoFileWriter in case of a crash, by
retrying to send the message. (#2985)
http-destination: Handle global template options values. (#3020)
timeutils: Fixed month and day name parsing, when only the first 2 characters
matched. (#3035)
logmsg: Added default PRI value (LOG_USER | LOG_NOTICE) to log messages
created without initial parsing. (#2974)
packaging: Added ordering dependencies network.target and network-online.target
to the service files. (#2994, #2667)
amqp: Support older (0.7.1) version (#2999)
loggen: Set plugin path in installation time. (#3019)
timeutils/patterndb: Fixed some undefined behaviours. (#2969)
stomp: Fixed a buffer over-read on connection. (#2988)
pseudofile: Fixed a crash, when template() option is not set. (#2988)
wildcard-source: Fixed a crash, when max-files() was set to 0. (#2988)

Other changes

syslog-ng-debun: Various maintenance updates and small fixes. (#2993)
scl: Avoid @requires loading the plugins themselves. (#2887)

Credits

syslog-ng is developed as a community project, and as such it relies
on volunteers, to do the work necessarily to produce syslog-ng.

Reporting bugs, testing changes, writing code or simply providing
feedback are all important contributions, so please if you are a user
of syslog-ng, contribute.

We would like to thank the following people for their contribution:

Andras Mitzki, Antal Nemes, Attila Szakacs, Balazs Scheidler, Clément Besnier,
Gabor Nagy, jadhavsumit98, Janos Szigetvari, Laszlo Budai, Laszlo Szemere,
László Várady, MikeLim, Nikita Uvarov, Norbert Takacs, pabloli, Péter Kókai,
Zoltan Pallagi.

syslog-ng - syslog-ng-3.24.1

Published by lbudai about 5 years ago

3.24.1

Highlights

Add a new template function called $(format-flat-json), which generates
flattened json output. This is useful for destinations, where the json
parsing does not handle nested json format. (#2890)
Add ISO 8601 compliant week numbering. Use it with the ${ISOWEEK} macro
and and all its variants: S_ISOWEEK, R_ISOWEEK and C_ISOWEEK. (#2878)
Add add-contextual-data() glob selector. It matches the message with shell
style globbing. Enable it by setting selector(glob("$my_template") in the
add-contextual-data() block. (#2936)
Add new rewrite operations to manipulate the timezone portion of timestamps have
been added. set-timezone() to set the timezone value to a specific value,
fix-timezone() to fix up an incorrectly recognized timezone and guess-timezone()
to automatically deduce the timezone value on the assumption that the message
is received in near real time. (#2818)
Send Server Name Identification (SNI) information with transport(tls).
Enable it by setting the sni(yes) option in the tls block in your
destination. (#2930)

Features

templates: change the $LOGHOST macro to honour use-fqdn() (#2894)
Define syslog-ng-sysconfdir (#2932)
dqtool: add assign dqfile to persist file feature (#2872)

Bugfixes

Fix backtick subsitution of defines/environment variables in the main configuration file. (#2906, #2909)
Fix SCL block parameter substitution of quoted escaped newline (#2901)
python, diskq, random-generator source: crash after failed reload (#2907)
Fix crash at shutdown on 32bit systems (#2893, #2895)
Invalidate the value of the LEGACY_MSGHDR macro in case either the PID or the PROGRAM
macros are unset() using a rewrite rule. Previously LEGACY_MSGHDR would retain the old values. (#2896)
on 32bit platform diskq ftruncate could fail due to size 32/64 interface (#2892)
Support new tzdata format, starting from version 2009.XXX, in tzinfo parser. (#2898)
udp, udp6, tcp, tcp6, syslog, network destination: Correctly detect and set IP_MULTICAST_TTL
in case of multicast ip address (#2905)
Fix hostname resolve on systems with only the loopback network interface configured (#2933)
wildcard-file(): Add multi-line(), pad_size() and multi-line-mode() option validation. (#2922)
kafka-c: Fix multiple memleaks (#2944)

Other changes

geoip: remove deprecated module, geoip2 database location detection (#2780)
various refactor, build issue fixes (#2902)

Notes to the developers

LightRunWithStrace: Run syslog-ng behind strace (#2921)
LightVerboseLogOnError: Increase default pytest verbosity on error (#2919)
Dbld image caching (#2858)
Dbld gradle caching (#2857)
logreader,logsource: move scratch-buffer mark and reclaim into LogSource (#2903)

Credits

syslog-ng is developed as a community project, and as such it relies
on volunteers, to do the work necessarily to produce syslog-ng.

Reporting bugs, testing changes, writing code or simply providing
feedback are all important contributions, so please if you are a user
of syslog-ng, contribute.

We would like to thank the following people for their contribution:

Andras Mitzki, Antal Nemes, Attila Szakacs, Balazs Scheidler, Bertrand Jacquin,
Gabor Nagy, Henrik Grindal Bakken, Kerin Millar, kjhee43, Laszlo Budai,
Laszlo Szemere, László Várady, Péter Kókai, Raghunath Adhyapak, Zoltan Pallagi.

syslog-ng - syslog-ng-3.23.1

Published by lbudai about 5 years ago

3.23.1

Features

The redis() destination now handles any number of command parameters.
(#2816)
The format() option of date-parser() supports lists. From now on, a
single date-parser() instance is able to process different date formats,
making it easy to catch on when some programs change the way they log
information. (#2779)
Add relocation support for disk-buffer(). The relocate subcommand of
dqtool can be used to move a single or multiple queue files. (#2855)
file(), pipe(): The time-reap() option now can be set or disabled for
each destination separately.
Use time-reap(0) to disable closing idle destination files. (#2798)
syslog-ng-ctl: Add list-files subcommand to print files present in the
current configuration. (#2797)

Bugfixes

Fix minor memory leaks (#2868)
Add global context to standalone parsers (#2876)
Fix heap usage after free in cfg_run_parser_with_main_context (#2884)
Fix g_thread_init call order issue with older glibs (#2853)
SNMP destination: fixing statistics format (#2854)
eventlog: flush escaped_buffer when full (#2837)
dbparser: remove unnecessary lock (#2838)
dbparser: fix crash when context times out in the middle of another rule (#2832)
radix: fix grouping in PCRE (#2808)
add-contextual-data: make filters config plugin aware (#2886)
Undefined warning regression (#2829)

Other changes

Disable time-reap() on non-templated filenames by default (#2798)
The --preprocess-into command line flag accepts -, and writes the
preprocessed configuration to stdout. (#2869)
Add information on environment variables passed to the confgen script (#2888)
Light: minor fixes (#2867, #2844)
python: use malloc_debug for python unit tests (#2866)
Travis: verbose unit test output (#2851)
Travis cleanup (#2809)
filter: add unit tests to filter-op (#2835)
Fix clang/gcc diagnostic differences (#2810)
Fix leak in stats test (#2874)
cmake, autotools: -Wundef to enable-extra-warning (#2806)

Notes to the developers

Check whether commit messages are properly formatted (#2803, #2807)
gitignore: tags file and build directory (#2794)

Credits

syslog-ng is developed as a community project, and as such it relies
on volunteers, to do the work necessarily to produce syslog-ng.

Reporting bugs, testing changes, writing code or simply providing
feedback are all important contributions, so please if you are a user
of syslog-ng, contribute.

We would like to thank the following people for their contribution:

Andras Mitzki, Antal Nemes, Attila Szakacs, Balazs Scheidler, Gabor Nagy,
Laszlo Budai, Laszlo Szemere, László Várady, Mark Bonsack, Mehul Prajapati,
Péter Kókai, Romain Tartière, Zoltan Pallagi.

syslog-ng - syslog-ng-3.22.1

Published by lbudai over 5 years ago

3.22.1

Highlights

Sending SNMP traps: Using the new snmp() destination, incoming log messages
can be converted to SNMP traps, as the fields of the SNMP messages can be
customized with macros. (#2693)
$(template) dynamic binding: Extends the $(template) template function to
allow dynamic binding. For example, the name of the template to be invoked
can come from the message (name-value pairs). (#2716)
syslog(), network(): Add dynamic-window-size() option to enable dynamic
flow control that distributes the specified amount of window between active
connections at runtime. This can be used in low-memory environments, where
only a small subset of the active clients sends messages at high rate.
(#2772)

Features

match(): Add support for the template() option (#2715)
add-contextual-data(): Allow using templates in name-value pairs (#2711)
Add support for floating point operations in template functions (#2742)
Add support for usec precision when parsing time (#2709)

Bugfixes

Fix null pointer access when destinations are suspended (#2778)
Fix grouping-by() deadlock (#2758)
Fix a general source-related crash and enhance wildcard-file()'s bookmark
handling (#2589)
Fix infinite loop (reload/reopen) (#2739)
Fix python() package/module name collision (#2438)
Fix escaped quote in block argument (#2781)
Reintroduce test on SYSLOG_NG_HAVE_TIMEZONE (#2774)
snmp(): Fix template leak (#2746)

Other changes

Never drop flow-controlled messages: The meaning of log-fifo-size() has
changed to avoid dropping flow-controlled messages when log-fifo-size() is
misconfigured. From now on, log-fifo-size() only affects messages that are
not flow-controlled. (#2753)
The -d/--debug syslog-ng command line flag no longer implies
-e/--stderr. If you want to redirect internal() source to stderr,
use the -e/--stderr option explicitly. (#2731)
dbld, RPM and DEB packaging improvements (#2724)
Checkpoint parser improvements (#2740)
Reset the timezone on config reload event (#2691)
geoip2(): Include IP into the error message (#2743)
Improve regexp error messages (#2796)
http(): Warn if less workers used than urls (#2757)
http(): Allow URLs to be specified by a space/comma separated string
(#2699)
loggen: Change message rate at runtime using signals (#2756)
debun: add acquire_running_syslog_config function (#2752)
FreeBSD fixes for the test suite (#2783)

Notes to the developers

ivykis: update to 0.42.4 (#2736)
Support generator plugins in global options (#2747)
logthrfetcher: new constants (#2766)
logthrsourcedrv: support position tracking (#2750)
Light: Support pre-commit and tox (#2725)
Enable Bison error flags: conflicts-sr/rr (#2762)
Dynamic stats constant registration (#2761)

Credits

syslog-ng is developed as a community project, and as such it relies
on volunteers, to do the work necessarily to produce syslog-ng.

Reporting bugs, testing changes, writing code or simply providing
feedback are all important contributions, so please if you are a user
of syslog-ng, contribute.

We would like to thank the following people for their contribution:
Andras Mitzki, Antal Nemes, Attila Szakacs, Balazs Scheidler,
Christian Michallek, Fabien Wernli, Gabor Nagy, Kyeong Yoo, Laszlo Budai,
Laszlo Szemere, László Várady, Mehul Prajapati, Norbert Takacs, Oleksii Hamov,
Péter Kókai, Romain Tartière, Zoltan Pallagi.

syslog-ng - syslog-ng 3.21.1

Published by lbudai over 5 years ago

3.21.1

Highlights

Add an alternative, native, librdkafka based kafka-c() destination in
parallel of the existing Java implementation, that provides the same
configuration interface. Eventually, we expect this to replace the Java
one (#2496)
Add a native, http() based destination based driver for elasticsearch
called elasticsearch-http(), as an alternative of the Java one.
Eventually, we expect this to replace the Java implementation. (#2509)
Add the ability to automatically determine the timezone value for an
incoming log entry as long as the incoming stream is close to real time
and the timezone information is missing from the timestamp. Enable this
function by using flags(guess-timezone) for sources and the
date-parser(). (#2517, #2673)

Features

syslog(): Add the ability to work with messages larger than log-msg-size()
in the source driver by using the trim-large-messages(yes) option.
The characters over the limit will be truncated. Previously messages
longer than the limit caused the connection to be closed abruptly.
(#2644)
amqp(): add support for heartbeats and the "external" authentication
mechanism. (#2676, #2626)
graylog2(): add support for TLS and UDP. (#2657)
udp(): Add spoof-source-max-msglen() option to allow setting the
maximum spoofed datagram size, which was hard-wired to 1024 previously.
(#2535)
db-parser(): add an option program-template() that customizes the
value used for matching the PROGRAM field. (#2651)
pdbtool: Add sort option to pdbtool merge (#2664)
$(implode) and $(explode): add template functions to split and join
strings based on a simple separator. The exploded array is represented as
a syslog-ng list that can be manipulated with the $(list-*) template
functions. (#2700)
Add an --omit-empty-values option for value-pairs based destinations &
template functions. (#2519)
grouping-by() parser: add sort-key() option (#2701)

Support for non-syslog or non-standard formats in SCL

apache-accesslog-parser(): support for vhost:port as the first field in
common/combined log formats (#2688)
Add application adapter for Junos classification (#2684)
Add parser and adapter for CheckPoint LogExporter output (#2665)

Bugfixes

Fix race condition of idle timer and scheduled I/O job (#2650)
Few leaks find via sanitizer (#2696)
syslogformat: set $MSG even if the incoming message is empty (#2672)
Fix double-free error in logproto unit tests (#2662)
groupingby: identical persist name (#2659)
stats: deindex pruned counters/clusters (#2648)
Type hinting should not accept empty values (#2639)
app-parser, pseudofile: fix crash with grammar error (#2640)
python: set_timestamp normalization (#2643)
db-parser: fix memory leak (#2652)
grouping-by: use after free, memory leak, missing init calls of filters (#2655)
amqp: fixing double connect (#2660)
old style definition warning fixes (#2680)
Fix "!=" filter (#2683)
dbparser: fix memleak (#2706)
nondumpable-allocator: fixing mmap error handling (#2666)
Fix timeutils warning (#2604)
Fix old style include statement compatibility (#2600)
Fix config revert (threaded destinations) (#2596)
Add warning on old style include statement (#2592)

Other changes

cfg-parser: add aliases for yesno (#2671)
Include json-c in the dist tarball (#2590)
cmake: disable_all_modules support (#2647)
Cmake clang sanitizer (#2562)
timeutils refactor (#2483)
Expedite threaded flush at reload (#2656)
elasticsearch2: Added deprecation warning (#2628)
Astyle fixes (#2624)
Force C99 with GNU (#2623)
Make rewording and other small edits to README (#2608)
Port tests to Criterion (#2607, #2661, #2621, #2620, #2619, #2618, #2617,
#2616, #2615, #2599, #2594, #2593, #2591, #2586, #2584, #2583)
test_reliable_backlog: fix random failure (#2668)
Fix unit test with function pointer dereference in case of ASLR, Criterion (#2669)
test-stats-query: fix unit test (#2603)

Notes to the developers

Version from git describe (#2627)
light: example-msg-generator support (#2571)
light: test app parser applications (#2686)
light: Switch to native logger (#2546)
light: Remove SetupTestcase() dependency (#2587)

Credits

syslog-ng is developed as a community project, and as such it relies
on volunteers, to do the work necessarily to produce syslog-ng.

Reporting bugs, testing changes, writing code or simply providing
feedback are all important contributions, so please if you are a user
of syslog-ng, contribute.

We would like to thank the following people for their contribution:
Andras Mitzki, Antal Nemes, Attila Szakacs, Balazs Scheidler, Chris Spencer,
David Liew, Fabien Wernli, Gabor Nagy, Laszlo Budai, Laszlo Szemere, Layne,
László Várady, Mehul Prajapati, Nik Ambrosch, Parth Wazurkar, Péter Kókai,
Terez Nemes, Victor Ma, Zoltan Pallagi.

syslog-ng - syslog-ng-3.20.1

Published by alltilla over 5 years ago

3.20.1

Features

Add persist-tool (#2511)
Collectd destination (#1433)
Config reload status feedback (#2367)
Netskope parser (#2541)
Websense parser (#2471)
Json list support (#2536)
Xml-parser: add list support (#2544)

Bugfixes

DNS memory leak/segfault fix (#2500)
Elasticsearch2: fix bulk send for client-mode("http") (#2478)
Few leak fix (#2563)
Filter-re: ref/unref NVTable around regex eval (#2494)
Fix allowing negative version number in config (#2548)
Fix app-parser() per reload memory leak (#2469)
Fix non-reliable disk-queue truncating problem on load (#2406)
Fix threaded source/destination crash when reverting configuration (#2555)
Http: add missing free for self->body_template (#2558)
Java, elasticsearch2, explicit unsupport for named templates (#2534)
Loggen: parameter handling (#2477)
Python-source: fix crash when posting from python thread (#2533)
Read acknowledgments send by Riemann (#2523)
Redis, Riemann: fix ref/unref-ing templates (#2514, #2530)
Syslog-ng@default: use pid file location on control socket (#2489)
Threaded-dest: Fix integer overflow (#2512)
Threaded-dest: make persist_name local (#2516)
Xml/geoip2: make prefix optional (#2538)

Other changes

Autotools, cmake: add detection for pylint, nosetests (#2537,#2564)
Autotools: relaxing python dependency requirement (#2472)
Cfg-parser: printing error positions in case of parse failure (#2455)
Cmake: add missing detections (#2510)
Collect-cov.sh: make coverage should work with lcov in bionic (#2515)
Configure: fix "--with-docbook*" option usage (#2465)
Custom LGTM.com query for detecting uses of gmtime that are not covered by a lock (#2413)
Fix static uClibc-ng support (#2501)
Format non-literal fixes (#2567)
Grammar: remove the pragma less include (#2550)
Http-worker: refactor & fix curl_easy_getinfo error message (#2527)
Lib/compat: replace strcasestr() implementation (#2482)
Libtest: Adding stopwatch.h into libtest_HEADERS list (#2553)
Packaging: fix the description of mod-examples (#2522)
Python-debugger: fix macro completion (#2439)
Python, java destination add already introduced retry (#2559)
Remove elastic v1 support (#2554)
Simplify libtest queue utils (#2556)
Syslog-ng.8.xml: remove unneeded default-modules section (#2475)
Travis: use the latest Bison version (macOS) (#2529)
Various fixes for issues reported by LGTM (#2524)

Notes to the developers

Example-msg-generator: num option (#2565)
Own grammar support in generator plugin (#2552)
ProtoClient: provide process_in function to logwriter (#2468)
Pytest_framework: eliminating __registered_instances, exposing SyslogNgCtl to user api (#2503)
Pytest_framework: MessageReader: Explain the local context around python asserts (#2507)
Pytest_framework: support for implicit groups in config.create_logpath (#2490)
Pytest: Renaming pytest_framework to python_functional (#2542)
Python-destination: send can return worker_insert_result_t, flush support (#2487)
Python: internal() source exposed via syslogng.Logger (#2505)
Remove unused submodules (#2525)
Simpler names for WORKER_INSERT_RESULT_T in language bindings (#2506)
Split xml-parser into xml-parser and xml-scanner (#2459)

Credits

syslog-ng is developed as a community project, and as such it relies
on volunteers, to do the work necessarily to produce syslog-ng.

Reporting bugs, testing changes, writing code or simply providing
feedback are all important contributions, so please if you are a user
of syslog-ng, contribute.

We would like to thank the following people for their contribution:
Andras Mitzki, Andrej Valek, Antal Nemes, Attila Szakacs, Balazs Scheidler,
Bas van Schaik, Fᴀʙɪᴇɴ Wᴇʀɴʟɪ, Gabor Nagy, Laszlo Boszormenyi, Laszlo Budai,
Lorand Muzamel, László Várady, Mehul Prajapati, Naveen Revanna, Peter Czanik,
Peter Kokai, Romain Tartière, Stephen, Terez Nemes, Norbert Takács,
Soubhik Chakraborty, NottyRu, Chris Packham.

syslog-ng - syslog-ng-3.19.1

Published by MrAnno almost 6 years ago

3.19.1

Features

HTTP load balancer (#2347)
Slack destination (#2451)
Add Cisco Catalyst formatted triplets support to cisco-parser() (#2394)
Add RFC5424 syslog support to the system() source (FreeBSD 12.0 support) (#2430)
Add network interface() option to network sources (#2389)
Add so-reuseport() to network drivers (#2379)
Enable supporting HTTP redirects (#2136)

Bugfixes

Fix frequent disconnects of syslog() with TLS (#2432)
Fix possible refcount leak during reload/shutdown (#2434)
Fix message storm on trace level (#2425)
Fix use after free in file destinations (time-reap) (#2418)
Fixing a few memleaks in the Java destination (#2417)
Fix telegram dst default ca dir (#2416)
Fix prefix handling in $(list-concat) and $(strip) (#2405)
Fixing an eventfd leak with ivykis<=0.38 (threaded destinations) (#2404)
Process flush result after worker thread exits (threaded destinations) (#2402)
hdfs: do not try to write unopened file (#2391)
Fix leaks in redis() destination (#2383)
Block location tracking fixes (#2378)
Fix $(basename) and $(dirname) in the presence of a prefix (#2371)
Fixing a false positive corruption detection in non-reliable diskq (#2356)
Check if /proc/kmsg can be opened in system-source (#2408)
Fix include guard in systemd-journal (#2445)
Remove hexadecimal and octal number parsing from templates (#2401)

Other changes

Do not load certs from default CURL ca-dir by default (http() destination) (#2410)
Disable SSL compression by default (#2372)
Flush lines cleanup (#2386, #2392)
Refine json-parser() log messages to be less alarming (#2437)
Move some messages to trace (#2358)
Make include-path more discoverable (#2426)
Adding build flag -Wmissing-format-attribute and -Wsuggest-attribute=noreturn (#2423)
Rewrite filter unit tests based on criterion (#2422)
PytestFramework in Travis (#2415)
syslog-ng-mod-java debian pkg should depend on headless jre (#2388)
Add contextual data error reporting improvements & csv-scanner refactor (#2373)
Afsocket remove unused functions/bitfields (#2363)
Afsocket minor cleanup/refactor (#2355)
Riemann worker (#2313)
Afsql threaded dest driver (#2097)
dbld: do not mount .gitconfig if missing (#2419)
dbld: Add missing docbook-xsl packages (#2398)
dbld: update criterion to 2.3.3 (#2396)
dbld: Remove "proposed" Ubuntu repository from enable_dbgsyms() (#2382)
dbld: Add new target "list-builder-images" (#2381)
dbld: Support Ubuntu Bionic and update existing images (#2318)
dbld: release target should use the default image (#2464)

Notes to the developers

PytestFramework: Add initial test framework (#1940)

Credits

syslog-ng is developed as a community project, and as such it relies
on volunteers, to do the work necessarily to produce syslog-ng.

Reporting bugs, testing changes, writing code or simply providing
feedback are all important contributions, so please if you are a user
of syslog-ng, contribute.

We would like to thank the following people for their contribution:

Abder Benbachir, Andras Mitzki, Antal Nemes, Attila Szakacs, Balazs Scheidler,
Gabor Nagy, Gergely Tonté, JP Vossen, Juhasz Viktor, Laszlo Budai,
Laszlo Szemere, László Várady, Norbert Takacs, Peter Kokai, Zoltan Pallagi.

syslog-ng - syslog-ng-3.18.1

Published by MrAnno about 6 years ago

3.18.1

Features

HTTP batching (#2135)
HTTP multi threading (#2291)
HTTP framing support for batches (#2190)
Python source (#2308)
Template support for Python destination (#2196)
HDFS time-reap (#2257)
Riemann batching (#2098)
flush-timeout() for HTTP (#2251)
Base64 encoding template function (#2223)
url-decode() template function (#2278)
Allow IPv4 mapped addresses in IPv6 mode (#2312)
app-parser: set ${.app.name} to the application identified (#2290)
Value pairs improvements (#2287)
syslog-ng-ctl config to print pre-processed configuration (#2280)
Add support for whitespace in template functions (#2271)
Verify the configuration is the same as on the disk (#2345)

Bugfixes

Fix queue counters race condition (#2316)
AMQP configurable max connection and frame size (#2343)
Fix wakeup in threaded sources (#2339)
Fix libnet memory leak in network destinations (#2331)
Fix unexpected flag check-hostname in syslog-parser (#2314)
Fix memory leak in dbparser (#2311)
Inline Python code comment generates syntax error (#2319)
Password protected SSL keys portability (MADV_DONTDUMP) (#2341)
Fixing compiler warnings from armv7l (#2301)
Riemann crashes in flush (#2296)
Revert sticky hook option (#2295)
Small stats fixes (#2294)
Detect filter loop (#2283, #2288)
Fix infinite loop in threaded destinations with ivykis prior 0.39 (#2275)
Fix log expr node use after free (#2269)
Remove gradle from the list of "BuildRequires" (RPM packaging) (#2266)
Fix wildcard-source memleak when directory removed (#2261, #2267)
Missing macros: C_AMPM, C_USEC, C_MSEC, C_HOUR12 (#2259)
Fix cisco timestamp parsing (#2272)
Undefined filter reference (#2273)
Fix the literal() type hint (#2286)
logwriter, affile, afsocket: fixing "internal overflow". (#2250)
lib/gsockaddr.c: modify the unix salen calculation (#2285)
dbld: fix dbld/rules deb failure (#2282)
Update data type to avoid conversion. (#2281)
compat/getent: add support for platforms that lack the r versions (#2244)
Fix memory leak caused by saving stats counter to persist config (#2279)
Hdfs: disable archive when append-enabled is configured (#2235)
scl: add linux-audit() SCL to make files (#2230)
DebianPackaging: Add linux-audit SCL to included dirs (#2254)
cap_syslog capability detection (#2227)
LogProto partial write (#2194)

Other changes

telegram, urlencode: api changes (#2299)
python: include python2/3 in plugin description (#2337)
Stats prepare for multiple queues per destdrv (#2302)
Update deprecated use of tcp()/udp() to network(). This addresses #2322 (#2326)
Message about not supported cap_syslog only at debug level (#2333)
Few test leak fix (#2323)
warning elimination: pointer arithmetics (#2305)
templates: get rid off the args_lock (#2289)
Ack tracker small refact (#2277)
ElasticSearchDestination: Display deprecated warning message about us… (#2274)
Improve Readme.md header structure (#2258)
Rewrite json tests based on criterion (#2255)
Rewrite dbparser tests based on criterion (#2252)
Processed timestamp (#2243)
msg parameters: remove last NULL parameter from msg macros (#2242)
Fix threaded destination test cases (#2236)
dbld: missing packages, deps changes (#2232, #2332, #2327, #2260, #2256)
Use msg_trace() when emitting trace information (#2226)

Notes to the developers

Threaded source and fetcher (#2247)
"Examples" module (#2248)
Do not ship mongo-c-driver with syslog-ng (remove as submodule) (#2245)

Credits

syslog-ng is developed as a community project, and as such it relies
on volunteers, to do the work necessarily to produce syslog-ng.

Reporting bugs, testing changes, writing code or simply providing
feedback are all important contributions, so please if you are a user
of syslog-ng, contribute.

We would like to thank the following people for their contribution:

Andras Mitzki, Antal Nemes, Balazs Scheidler, Gabor Nagy, Gergely Tonté,
Laszlo Budai, Laszlo Szemere, László Várady, Maurice T. Meyer, Mahmoud Salama,
Norbert Takacs, Peter Czanik, Peter Gyorko, Peter Kokai, Robert Fekete,
Terez Nemes, Tibor Bodnar, Zoltan Pallagi, y-l-i.

syslog-ng - syslog-ng-3.17.2

Published by lbudai about 6 years ago

3.17.2

Bugfixes

Fix a bug in flow-control (#2224)
Fix template function evaluation in debugger (#2220)

syslog-ng - syslog-ng-3.17.1

Published by lbudai about 6 years ago

3.17.1

Features

Client side failback mode (#2183)
New linux-audit() source as SCL (#2186)
Decorating generated configuration (#2218)
Introduce ewmm() source (#2199, #2209)
Add parsing of Cisco unified call manager (#2134)
Mandatory parameters for cfg-block (SCL) (#2088)

Bugfixes

dqtool cat print backlog items (#2213)
Rewind backlog in case of stateless LogProtoClient (#2214)
Filter out incorrectly parsed sudo logs (#2208)
Minor fixes related to client-lib-dir, loggen and eventlog (#2204)
Minor stats-query fixes and refactor (#2193)
Reliable disk buffer non-empty backlog (#2192)
Fix pip package versions on older distro releases (dbld) (#2188)
Fix a groupset/groupunset and map-value-pairs() crash (#2184)
Make g_atomic_counter_set() atomic and update minimum glib version to 2.26 (#2182)
Aligning java related SCLs with mandatory parameters (#2160)
Loggen minor fixes (#2150)
grab-logging should be installed as a header (#2151)
Fix possible underflow of memory_usage (afsql, logqueue-fifo) (#2140)
Fix SELinux module version inconsistency (#2133)
Fix CMake unit test compilation (no-pie) (#2137)
Fix possible crash in syslog-parser() (#2128)
Disable ack for mark mode (#2129)
Fixing a Telegram destination bug with bot id (#2142)
All drivers should support inner destination or source plugins (#2143)
Fix default file and directory creation ownership (#2119)
Fix global "center;;received" counter when systemd-journal() is used (#2121)
Link everything to libsecret-storage (#2100)
Inform about the right dns-cache() configuration (warning message typo) (#2145)
Adjusting window size for internal mark mode (#2146)
Fix memory leaks in disk-buffer() (#2153)
Fix undefined behavior in log multiplexer (#2154)
Fix static linking mode (autotools) (#2155)
Fix internal mark mode infinite loop with old ivykis (#2157)
Fix missing normalize flags (#2162)
Keep JVM running on reload if once configured (#2164, #2211)
Fix a race condition (suspend) in LogSource (#2167)
Add @requires json-plugin to the cim() parser (#2181)
Added exclude_kmsg option to system source (#2166)
Fix padding template function (#2174)
Leak & invalid memory access (#2173)
FreeBSD 11.2 builderror SOCK_STREAM (#2170)
Add ref-counted TLSVerifier struct (use after free fix) (#2168)

Other changes

Improve loggen's file message parser (#2205)
syslog-ng-debun improvements (#2201)
Goodbye "goto relex" (refactor) (#2198)
Refactor the callback registration mechanism of WildcardFileReader (#2185)
Extended Linux capabilities detection (pkg-config) (#2169)
Add atomic gssize (#2159)
Lower the message level of @requires to debug (#2147)
macOS warning elimination (#2139)
Remove a misleading rewrite-related debug message (#2132)
Minor updates to SELinux policy installer script (#2127)
More robust GLib detection (CMake) (#2125)
Logthreaded nonfunctional changes (#2123)
Confgen and pragma improvements (#2122)
Flush before stopping syslog-ng (functional tests) (#2216)
Port unit tests into criterion (test_filters_netmask6, test_findeom, csv_parser, patternDB) (#2217, #2175, #2118)
Libtest refactors (#2149)
Add missing files to the source tarball (#2114)
Better python binary detection (#2092)

Notes to the developers

LogThreadedDestDriver batching (#2063)
Add sqlite3 and riemann to dbld devshell (#2210)
Make mock-transport inheritable (#2120)

Credits

syslog-ng is developed as a community project, and as such it relies
on volunteers, to do the work necessarily to produce syslog-ng.

Reporting bugs, testing changes, writing code or simply providing
feedback are all important contributions, so please if you are a user
of syslog-ng, contribute.

We would like to thank the following people for their contribution:

Andras Mitzki, Antal Nemes, Balazs Scheidler, Bernie Harris, Bertrand Jacquin,
Gabor Nagy, Gergely Nagy, German Service Network, Janos SZIGETVARI, Laszlo Budai,
Laszlo Szemere, László Várady, Norbert Takacs, Peter Czanik, Peter Kokai,
Szigetvari Janos, Terez Nemes, Viktor Juhasz.

syslog-ng - syslog-ng-3.16.1

Published by lbudai over 6 years ago

3.16.1

Features

Telegram destination and $(urlencode) template function (#2085)
Error reporting on misspelled block args (#1952)
New ignore_tns_config Oracle SQL destination config option (#2054)
Per-source "src.host" and "src.sender" counters (#2013)

Bugfixes

Fix possible loss of log messages in the systemd-journal() source (#1570, #1587, #1612)
Fix file source location information in internal logs (#2028)
Fix SDATA deserialization (disk-buffer crash) (#1919, #2067)
Fix unaccepted embedded 'file' keyword (file source and destination) (#2076)
Fix memory leaks in appmodel and varargs (#2086)
Fix a bug in the old LogMessage deserialization (#2103)
Fix reading the output of the confgen program (#1780, #2108)
Add safer mem_zero() to secret-storage (#2049)
Fix undefined behavior in syslog-ng-ctl query (#2043)
Fix lloc tracking for multi line blockrefs (#2035)
Added missing 'else {};' to default-network-drivers() to forward unparsable messages (#2027)
Fix mixed linking (#2020, #2022)
Fix compilation of evtlog on FreeBSD (#2014, #2015)
Fix thread_id allocation for more than 32 CPUs (crash) (#2008)
Add safe logging of errno (#1990, #1999)
Fix warnings related to floating point operations (#1959, #1996)
Partial revert of plugin discovery to bring back valgrind (#1953, #1995)
Fix connection close in network sources (#1991)
Fix file deletion in the wildcard-file() source (#1974)
Disable the DNS cache if use-dns(no) is used (#1923)
Fix compiler error for gcc 4.4 (#2044)
Fix emitted warnings due to -no-pie detection for gcc 4.4 (#2037)
Fix date format in functional tests (#2036)
Dbld fixes (#2034)
Rename PAGESIZE variables to pagesize in secret-storage (compilation fix) (#2111)
Fix the lifetime of TLSContext to prevent crash on reload (#2080, #2109)
Fix reaping program() source and destination when a Java-based destination is used (#2099)

Other changes

Add debug message to program source/destination about successful start (#2046)
Report memory exhaustion errors during config parsing (#2033)
Improved debug logs (#2032)
Dbld coverage (#2031)
LogTransportMock enhancement (#2017)
Modify the license of loggen from GPL to LGPL (#2006)
Loggen refactor (#1987)
Update RPM generation (#1980, #2113)
Support ENABLE_EXTRA_WARNINGS with CMake (#2072)
Rewrite unit tests based on Criterion (#2026, #2058, #2039, #2018, #2003)
Lexer test coverage improvements (#2062)
preparation for 3.16 OSE rhel/packaging (#2113)

Notes to the developers

Do not ship rabbitmq-c with syslog-ng (remove as submodule) (#2052)
Multitransport (#2057)
Timeout support for LogReader and LogWriter (#2056)
Update ivykis to 0.42.3 (submodule) (#2012)
Drop explicit version numbers from requirements.txt (#2050)
CMake modernization pt. 1 (#2007)
Assert when log_pipe_clone() is not implemented (#2019)
Small Java code refactor (#2066)

Credits

syslog-ng is developed as a community project, and as such it relies
on volunteers, to do the work necessarily to produce syslog-ng.

Reporting bugs, testing changes, writing code or simply providing
feedback are all important contributions, so please if you are a user
of syslog-ng, contribute.

We would like to thank the following people for their contribution:
Andras Mitzki, Andrej Valek, Antal Nemes, Balazs Scheidler, Gabor Nagy,
Gergely Nagy, German Service Network, Jakub Wilk, Laszlo Budai, Laszlo Szemere,
Laszlo Varady, Mehul Prajapati, Norbert Takacs, Peter Czanik, Peter Kokai,
Tomasz Kazimierczak, Viktor Juhasz

syslog-ng - syslog-ng-3.15.1

Published by lbudai over 6 years ago

3.15.1

Features

Support added for if/elif/else blocks to the configuration file syntax.
(#1856)
Dramatically improved debug messages during filter/parser evaluation. (#1898)
Similarly improved the error messages shown on syntax errors, they now show a
full backtrace of inclusions, among other things. (#1932)
The hook-commands module was added, allowing one to run custom commands on
source or destination setup and teardown. (#1951)
Implemented a way to skip processing included config file snippets in case a
dependency is missing: The @requires json pragma. (#827, #1956)
Basic client-side failover support was implemented. (#1905)
Errors from python destinations are now reported together with any exception
text (if any). (#1931)
add-contextual-data gained a new ignore-case() option. (#1911)

Bugfixes

Fix a crash that happened on disk queue restart. (#1886)
Fixed another crash when a corrupted disk queue file was being moved away.
(#1924)
Fixed a crash that could happen during nvtable deserialization. (#1967)
Fixed a crash that occurred when NVTables were stored on low memory
addresses. (#1970)
Fixed an issue with TLS session resumption, the session id context value is
now properly set. (#1936, #2000)
We now link directly to the evtlog shipped with syslog-ng, and are not
using the system library, not even when present. (#1915)
TLS destinations now work again without key-file or cert-file specified.
(#1916, #1917)
SDATA block names are now sanitized, in order to not break the spec when we
get our SDATA from sources that are more lax (such as JSON). (#1948)
Some internal messages contained key-value pairs where the key had spaces in
it, this has been addressed, they do not contain spaces anymore.
The STOMP destination will now correctly use template options when formatting
its body part. (#1957)
Fix compilation with OpenSSL 1.1.0 (#1921, #1997)
Fix compilation on FreeBSD. (#1901)
Fix compilation on SLES 11. (#1897)
Fix compilation on Hurd. (#1912, #1914)
Fix compiltaion on Solaris 10. (#1982, #1983)
Fix compilation on MacOS.
Fixed a value conflict in the afstreams module's grammar file.
Various compiler warning-related fixes all over the codebase.

Other changes

POSIX RegExp support was dropped from the filters, PCRE remains available. (#1899)
Miscellaneous build-system related fixes and improvements (both autotools and
CMake).
Update lib/json-c to json-c-0.13-20171207. (#1900)

Notes to the developers

The init() function is now optional for Python destinations. (#1756)
The Docker environment (dbld/) has seen significant changes, among them an
upgrade to Ubuntu Xenial. (#1876)
dbld/rules gained two new targets: login and build, that do what their
names suggest. (#1927)
The LogPipe object gained a pre_init() and a post_deinit() method, used
by the hook-commands module.

Credits

syslog-ng is developed as a community project, and as such it relies
on volunteers, to do the work necessarily to produce syslog-ng.

Reporting bugs, testing changes, writing code or simply providing
feedback are all important contributions, so please if you are a user
of syslog-ng, contribute.

We would like to thank the following people for their contribution:
Andras Mitzki, Antal Nemes, Balazs Scheidler, Budai Laszlo, Gabor Nagy, Gábor
Nagy, Gergely Nagy, Juhasz Viktor, Kókai Péter, Laszlo Budai, László Szemere,
László Várady, Mehul Prajapati, Norbert Takacs, Robert Fekete, SZALAY Attila,
Tamas Nagy, Terez Nemes, Utsav Krishnan, Videet Singhai, Vivek Raj

Package Rankings

Top 8.17% on Proxy.golang.org

Badges

Extracted from project README