Changelog for 8.3.1 (v8-devel)
Version 8.3.1 [v8-devel] 2014-04-24
- external message modification interface now support modifying message PRI
- “jsonmesg” property will include uuid only if one was previously generated
This is primarily a performance optimization. Whenever the message uuid is gotten, it is generated when not already present. As we used the regular setter, this means that always the uuid was generated, which is quite time-consuming. This has now been changed so that it only is generated if it already exists. That also matches more closly the semantics, as “jsonmesg” should not make modifications to the message.
Note that the same applies to “fulljson” passing mode for external plugins. - added plugin to rewrite message facility and/or severity
Name: fac-sever-rewrite.py - permits to build against json-c 0.12
Unfortunately, json-c had an ABI breakage, so this is necessary. Note that versions prior to 0.12 had security issues (CVE-2013-6370, CVE-2013-6371) and so it is desirable to link against the new version.
Thanks to Thomas D. for the patch.
Note that at least some distros have fixed the security issue in older versions of json-c, so this seems to apply mostly when building from sources. - bugfix: using UUID property could cause segfault
- bugfix/mmexternal: memory leak
- bugfix: memory leak when using “jsonmesg” property
- bugfix: mmutf8fix did not detect two invalid sequences
Thanks to Axel Rau for the patch. - bugfix: build problems with lexer.l on some platforms
For some reason, the strdup() prototype and others are missing. I admit that I don’t know why, as this happens only in 8.3.0+ and there is no indication of changes to the affected files. In any case, we need to fix this, and the current solution works at least as an interim one.
Changelog for 8.2.1 (v8-stable)
Version 8.2.1 [v8-stable] 2014-04-17
- permits to build against json-c 0.12
Unfortunately, json-c had an ABI breakage, so this is necessary. Note that versions prior to 0.12 had security issues (CVE-2013-6370, CVE-2013-6371) and so it is desirable to link against the new version.
Thanks to Thomas D. for the patch. Note that at least some distros have fixed the security issue in older versions of json-c, so this seems to apply mostly when building from sources. - doc is no longer shipped as part of the rsyslog tarball
Instead, the rsyslog-doc project creates its own tarball. This is the result of a mailing list discussion after the 8.2.0 release with a tarball-in-tarball approach, which was disliked by almost all distro maintainers. This move also has the advantage of de-coupling the release cycles of both projects a bit (which turned out to be a bit problematic in practice). - bugfix: mmutf8fix did not detect two invalid sequences
Thanks to Axel Rau for the patch.
Changelog for 8.3.0 (v8-devel)
Version 8.3.0 [v8-devel] 2014-04-10
- new plugin for anonymizing credit card numbers
Thanks to Peter Slavov for providing the code. - external message modification modules are now supported
They are bound via the new native module “mmexternal”. Also, a sample skeleton for an external python message modification module has been added. - new $jsonmesg property with JSON representation of whole message object
closes: https://github.com/rsyslog/rsyslog/issues/19 - improved error message for invalid field extraction in string template
see also:
http://kb.monitorware.com/problem-with-field-based- extraction-t12299.html - fix build problems on Solaris
- NOTE: a json-c API that we begun to use requires the compiler to be in c99 mode. By default, we select it automatically. If you modify this and use gcc, be sure to include “-std=c99” in your compiler flags. This seems to be necessary only for older versions of gcc.
Changelog for 8.2.0 (v8-stable)
Version 8.2.0 [v8-stable] 2014-04-02
This starts a new stable branch based on 8.1.6 plus the following changes:
- we now use doc from the rsyslog-doc project
As such, the ./doc subtree has been removed. Instead, a cache of the rsyslog-doc project’s files has been included in ./rsyslog-doc.tar.gz. Note that the exact distribution mode for the doc is still under discussion and may change in future releases. This was agreed upon on the rsyslog mailing list. For doc issues and corrections, be sure to work with the rsyslog-doc project. It is currently hosted at https://github.com/rsyslog/rsyslog-doc - add support for specifying the liblogging-stdlog channel spec
new global parameter “stdlog.channelspec” - add “
defaultnetstreamdrivercertfile” global variable to set a default for the certfile.
Thanks to Radu Gheorghe for the patch. - omelasticsearch: add new “usehttps” parameter for secured connections
Thanks to Radu Gheorghe for the patch. - “action resumed” message now also specifies module type which makes troubleshooting a bit easier. Note that we cannot output all the config details (like destination etc) as this would require much more elaborate code changes, which we at least do not like to do in the stable version.
- add capability to override GnuTLS path in build process
Thanks to Clayton Shotwell for the patch - better and more consistent action naming, action queues now always contain the word “queue” after the action name
- bugfix: ompipe did resume itself even when it was still in error
See: https://github.com/rsyslog/rsyslog/issues/35
Thanks to github user schplat for reporting
Changelog for 7.6.3 (v7-stable)
Version 7.6.3 [v7.6-stable] 2014-03-27
- add capability to override GnuTLS path in build process
Thanks to Clayton Shotwell for the patch - support for librelp 1.2.5
Support new return states of librelp 1.2.5 to emit better error messages. For obvious reasons, librelp 1.2.5 is now required. - bugfix: ompipe used invalid default template
This is a regression from an old change (didn’t track it down precisely, but over a year ago). It used the Forwarding template instead of the file template (so we have a full syslog header). This fix corrects it back to previous behaviour, but new scripts that used the wrong format may now need to have the RSYSLOG_ForwardingFormat template explicitely be applied.
closes: https://github.com/rsyslog/rsyslog/issues/50 - bugfix: ompipe did emit many suspension messages for /dev/xconsole
(hopefully now) closes: https://github.com/rsyslog/rsyslog/issues/35
When it was present, but nobody reading from it. The problem is the way the rsyslog v7 engine tries to resolve failures in outputs. It does some retries, and along those lines some state information gets lost and it is close to impossible to retain it. However, the actual root problem is that ompipe does not reliably detect if it is able to recover. The problem here is that it actually does not know this before it does an actual write. These two things together mess up the logic that suppresses invalid resumption/suspension messages (actually, the plugin switches state really that often). Nevertheless, the prime problem with /dev/xconsole (and probably most other pipes as well) is that it gets full. So I have now added code that checks, during resume processing, if the pipe is writable. If it is not, resume is deferred. That should address the case.
Changelog for 7.6.2 (v7-stable)
Version 7.6.2 [v7.6-stable] 2014-03-17
- support for librelp 1.2.4
This was necessary due to the problems with librelp 1.2.3 API stability.
We now use the new native 1.2.4 APIs to learn about the state of librelp’s TLS support.
For obvious reasons, librelp 1.2.4 is now required.
Changelog for 7.6.1 (v7-stable)
Version 7.6.1 [v7.6-stable] 2014-03-13
- added “action.reportSuspension” action parameter This now permits to control handling on a per-action basis rather to the previous “global setting only”.
- “action resumed” message now also specifies module type which makes troubleshooting a bit easier. Note that we cannot output all the config details (like destination etc) as this would require much more elaborate code changes, which we at least do not like to do in the stable version.
- better and more consistent action naming, action queues now always contain the word “queue” after the action name – add support for “tls-less” librelp we now require librelp 1.2.3, as we need the new error code definition See also: https://github.com/rsyslog/
librelp/issues/1 - build system improvements
- autoconf subdir option
- support for newer json-c packages Thanks to Michael Biebl for the patches.
- imjournal enhancements:
- log entries with empty message field are no longer ignored
- invalid facility and severity values are replaced by defaults
- new config parameters to set default facility and severity Thanks to Tomas Heinrich for implementing this
- bugfix: ompipe did resume itself even when it was still in error See: https://github.com/rsyslog/
rsyslog/issues/35 Thanks to github user schplat for reporting - bugfix: “action xxx suspended” did report incorrect error code
- bugfix: ommongodb’s template parameter was mandatory but should have been optional Thanks to Alain for the analysis and the patch.
- bugfix: only partial doc was put into distribution tarball Thanks to Michael Biebl for alerting us. see also: https://github.com/rsyslog/
rsyslog/issues/31 - bugfix: async ruleset did process already-deleted messages Thanks to John Novotny for the patch.
Changelog for 8.1.6 (v8-devel)
Version 8.1.6 [devel] 2014-02-20
- omfile: permit to set global defaults for action parameters
Thanks to Nathan Brown for the patch.
See also: https://github.com/rsyslog/rsyslog/pull/23 - add capability to escape control characters in the C way of doing it
adds new global parameter “parser.escapeControlCharactersCStyle”
Thanks to Nathan Brown for the patch.
See also: https://github.com/rsyslog/rsyslog/pull/13 - parser global parameters can now be set using RainerScript global()
Thanks to Nathan Brown for the patch.
See also: https://github.com/rsyslog/rsyslog/pull/23 - omprog: guard program-to-be-executed against CTL-C
This can frequently happen in debug mode, where rsyslog is terminated
by ctl-c. In any case, SIGINT is not meant to control the child process,
so it should be blocked. - omprog bugfix: parameter “forceSingleInstance” is NOT mandatory
- add new jsonr property replacer option
Thanks to Nathan Brown for the patch. - added external plugin interface
- ommongodb: add authentication support (untested)
Thanks to JT for the patch.
See also: https://github.com/rsyslog/rsyslog/pull/17 - bugfix: json templates are improperly created
Strings miss the terminating NUL character, which obviously can lead
to all sorts of problems.
See also: https://github.com/rsyslog/rsyslog/issues/27
Thanks to Alain for the analysis and the patch. - ompgsql bugfix: improper handling of auto-backgrounding mode
If rsyslog was set to auto-background itself (default code behaviour, but
many distros now turn it off for good reason), ompgsql could not
properly connect. This could even lead to a segfault. The core reason
was that a PG session handle was kept open over a fork, something that
is explicitely forbidden in the PG API.
Thanks to Alain for the analysis and the patch. - bugfix: ommongodb’s template parameter was mandatory but should have
been optional
Thanks to Alain for the analysis and the patch. - bugfix: end of batch processing was not 100% correct. Could lead to
outputs not properly wirting messages. At least omelasticsearch did not
write anything to the database due to this bug.
See: https://github.com/rsyslog/rsyslog/issues/10
Thanks to Radu Gheorghe for reporting the issue.
Changelog for 7.6.0 (v7-stable)
Version 7.6.0 [v7.6-stable] 2014-01-??
This starts a new stable branch based on 7.5.8 plus the following changes:
- bugfix: imuxsock input parameters were not accepted due to copy&paste error.
Thanks to Andy Goldstein for the fix. - added ProcessInternalMessages global system parameter
This permits to inject rsyslog status messages into *another* main syslogd or the journal. - new dependency: liblogging-stdlog (for submitting to external logger)
- bugfix: json templates are improperly created
Strings miss the terminating NUL character, which obviously can lead to all sorts of problems.
See also: https://github.com/rsyslog/rsyslog/issues/27
Thanks to Alain for the analysis and the patch. - ompgsql bugfix: improper handling of auto-backgrounding mode
If rsyslog was set to auto-background itself (default code behaviour, but many distros now turn it off for good reason), ompgsql could not properly connect. This could even lead to a segfault. The core reason was that a PG session handle was kept open over a fork, something that is explicitely forbidden in the PG API.
Thanks to Alain for the analysis and the patch.
Changelog for 7.4.10 (v7-stable)
Version 7.4.10 [v7.4-stable] 2014-02-12
- bugfix: json templates are improperly created
Strings miss the terminating NUL character, which obviously can lead to all sorts of problems.
See also: https://github.com/rsyslog/rsyslog/issues/27
Thanks to Alain for the analysis and the patch. - ompgsql bugfix: improper handling of auto-backgrounding mode
If rsyslog was set to auto-background itself (default code behaviour, but many distros now turn it off for good reason), ompgsql could not properly connect. This could even lead to a segfault. The core reason was that a PG session handle was kept open over a fork, something that is explicitely forbidden in the PG API.
Thanks to Alain for the analysis and the patch.