rsyslog

The rocket-fast system for log processing

Changelog

Changelog for 7.4.6 (v7-stable)

By adisconteamPosted on Posted in ChangelogTagged , , , , ,

Version 7.4.6 [v7.4-stable] 2013-10-31

  • bugfix: potential abort during HUP
    This could happen when one of imklog, imzmq3, imkmsg, impstats,
    imjournal, or imuxsock were under heavy load during a HUP.
    closes: http://bugzilla.adiscon.com/show_bug.cgi?id=489
    Thanks to Guy Rozendorn for reporting the problem and Peval Levhshin for
    his analysis.
  • bugfix: imtcp flowControl parameter incorrectly defaulted to “off”
    This could cause message loss on systems under heavy load and was
    a change-of-behaviour to previous version. This is a regression
    most probably introduced in 5.9.0 (but did not try hard to find the
    exact point of its introduction).
  • now requires libestr 0.1.9 as earlier versions lead to problems with
    number handling in RainerScript
  • bugfix: memory leak in strlen() RainerScript function
    Thanks to Gregoire Seux for reportig this bug.
    closes: http://bugzilla.adiscon.com/show_bug.cgi?id=486
  • bugfix: buffer overrun if re_extract function was called for submatch 50
    Thanks to Pavel Levshin for reporting the problem and its location.
  • bugfix: memleak in re_extract() function
    Thanks to Pavel Levshin for reporting this problem.
  • bugfix: potential abort in RainerScript optimizer
    closes: http://bugzilla.adiscon.com/show_bug.cgi?id=488
    Thanks to Thomas Doll for reporting the problem and Pavel Levshin for
    fixing it.
  • bugfix: memory leak in omhiredis
    Thanks to Pavel Levshin for the fix
  • bugfix: segfault if variable was assigned to non-container subtree
    Thanks to Pavel Levshin for the fix

 

Changelog for 7.5.6 (v7-devel)

By adisconteamPosted on Posted in ChangelogTagged , , , , ,

Version 7.5.6 [devel] 2013-10-29

  • improved performance of RainerScript variable access
    by refactoring the whole body of variable handling code. This also
    solves some of the anomalies experienced in some versions of rsyslog.
    All variable types are now handled in unified code, including
    access via templates.
  • RainerScript: make use of 64 bit for numbers where available
    Thanks to Pavel Levshin for enhancement.
  • slight performance optimization if GCC is used
    We give branch prediction hints for the frequent RETiRet macro which is
    used for error handling. Some slight performance gain is to be expected
    from that.
  • removed global variable support
    The original idea was not well thought out and global variables, as
    implemented, worked far different from what anybody would expect. As
    such, we consider the current approach as an experiment that did not
    work out and opt to removing it, clearing the way for a better future
    solution. Note: global vars were introduced in 7.5.3 on Sept, 11th 2013.
  • new module mmsequence, primarily used for action load balancing
    Thanks to Pavel Levshin for contributing this module.
  • bugfix: unset statement always worked on message var, even if local
    var was given
  • bugfix: segfault if variable was assigned to non-container subtree
    Thanks to Pavel Levshin for the fix
  • bugfix: imuxsock did not suport addtl sockets if syssock was disabled
    Thanks to Pavel Levshin for the fix
  • bugfix: running imupd on multiple threads lead to segfault if recvmmsg
    is available
  • bugfix: segfault if re_extract() function was used and no match found
  • bugfix: omelasticsearch did not compile on platforms without atomic
    instructions
  • bugfix: potential misadressing on startup if property-filter was used
    This could happen if the property name was longer than 127 chars, a case
    that would not happen in practice.
  • bugfix: invalid property filter was not properly disabled in ruleset
    Note: the cosmetic memory leak introduced with that patch in 7.4.5 is
    now also fixed.

Changelog for 7.4.5 (v7-stable)

By adisconteamPosted on Posted in ChangelogTagged , , , , , , ,

Version 7.4.5 [v7.4-stable] 2013-10-22

  • mmanon: removed the check for specific “terminator characters” after
    last octet. As it turned out, this didn’t work in practice as there
    was an enormous set of potential terminator chars — so removing
    them was the best thing to do. Note that this may change behaviour of
    existing installations. Yet, we still consider this an important
    bugfix, that should be applied to the stable branch.
    closes: http://bugzilla.adiscon.com/show_bug.cgi?id=477
    Thanks to Muri Cicanor for initiating the discussion
  • now requires libestr 0.1.8 as early versions had a nasty bug in
    string comparisons
  • omelasticsearch: add failed.httprequests stats counter
  • bugfix: invalid property filter was not properly disabled in ruleset
    Note that this bugfix introduces a very slight memory leak, which is
    cosmetic, as it just holds data until termination that is no longer
    needed. It is just the part of the config that was invalid. We will
    “fix” this “issue” in the devel version first, as the fix is a bit
    too intrusive to do without hard need in the stable version.
  • bugfix: segfault if re_extract() function was used and no match found
  • bugfix: potential misadressing on startup if property-filter was used
    This could happen if the property name was longer than 127 chars, a case
    that would not happen in practice.
  • bugfix: omelasticsearch: correct failed.http stats counter
  • bugfix: omelasticsearch: did not correctly initialize stats counters
  • bugfix: omelasticsearch: failed.es counter was only maintained in bulk mode
    This usually did not lead to any problems, because they are in static
    memory, which is initialized to zero by the OS when the plugin is
    loaded. But it may cause problems especially on systems that do not
    support atomic instructions – in this case the associated mutexes also
    did not get properly initialized.
  • bugfix: mmanon did not detect all IP addresses in rewrite mode
    The problem occured if two IPs were close to each other and the first one
    was shrunk.
    closes: http://bugzilla.adiscon.com/show_bug.cgi?id=485
    Thanks to micah-at-riseup.net for reporting this bug
  • bugfix: mmanon sometimes used invalid replacement char in simple mode
    depending on configuration sequence, the replacement character was set
    to ‘s’ instead of the correct value. Most importantly, it was set to
    ‘s’ if simple mode was selected and no replacement char set.
    closes: http://bugzilla.adiscon.com/show_bug.cgi?id=484
    Thanks to micah-at-riseup.net for reporting this bug
  • bugfix: memory leak in mmnormalize
  • bugfix: array-based ==/!= comparisions lead to invalid results
    This was a regression introduced in 7.3.5 bei the PRI optimizer
  • bugfix: omprog blocked signals to executed programs
    The made it impossible to send signals to programs executed via
    omprog.
    Thanks to Risto Vaarandi for the analysis and a patch.
  • bugfix: doc: imuxsock legacy param $SystemLogSocketParseTrusted was
    misspelled
    Thanks to David Lang for alerting us
  • bugfix: imfile “facility” input parameter improperly handled
    caused facility not to be set, and severity to be overwritten with
    the facility value.
    Thanks to forum user dmunny for reporting this bug.
  • bugfix: small memory leak in imfile when $ResetConfigVariables was used
    Thanks to Grégory Nuyttens for reporting this bug and providig a fix
  • bugfix: segfault on startup if TLS was used but no CA cert set
  • bugfix: segfault on startup if TCP TLS was used but no cert or key set
  • bugfix: some more build problems with newer json-c versions
    Thanks to Michael Biebl for mentioning the problem.
  • bugfix: build system: libgcrypt.h needed even if libgrcypt was disabled
    Thanks to Jonny Törnbom for reporting this problem

Changelog for 7.5.5 (v7-devel)

By Adiscon SupportPosted on Posted in ChangelogTagged , , , , , , , , , , , , , ,

Version 7.5.5 [devel] 2013-10-16

  • imfile: permit to monitor an unlimited number of files
  • imptcp: add “defaultTZ” input parameter
  • imudp: support for multiple receiver threads added
  • imudp: add “dfltTZ” input config parameter
  • bugfix: memory leak in mmnormalize
  • bugfix: mmutf8fix did not properly handle invalid UTF-8 at END of message if the very last character sequence was too long, this was not detected
    Thanks to Risto Vaarandi for reporting this problem.
  • mmanon: removed the check for specific “terminator characters” after  last octet. As it turned out, this didn’t work in practice as there was an enormous set of potential terminator chars — so removing them was the best thing to do. Note that this may change behaviour of existing installations. Yet, we still consider this an important bugfix, that should be applied to the stable branch.
    closes: http://bugzilla.adiscon.com/show_bug.cgi?id=477
    Thanks to Muri Cicanor for initiating the discussion
  • now requires libestr 0.1.7 as early versions had a nasty bug in string comparisons
  • bugfix: mmanon did not detect all IP addresses in rewrite mode
    The problem occured if two IPs were close to each other and the first one was shrunk.
    closes: http://bugzilla.adiscon.com/show_bug.cgi?id=485
    Thanks to micah-at-riseup.net for reporting this bug
  • bugfix: mmanon sometimes used invalid replacement char in simple mode depending on configuration sequence, the replacement character was set to ‘s’ instead of the correct value. Most importantly, it was set to ‘s’ if simple mode was selected and no replacement char set.
    closes: http://bugzilla.adiscon.com/show_bug.cgi?id=484
    Thanks to micah-at-riseup.net for reporting this bug
  • bugfix: memory leak in mmnormalize
  • bugfix: array-based ==/!= comparisions lead to invalid results
    This was a regression introduced in 7.3.5 bei the PRI optimizer

Changelog for 7.5.4 (v7-devel)

By Adiscon SupportPosted on Posted in ChangelogTagged , , , , , , , , , , , ,

Version 7.5.4 [devel] 2013-10-07

  • mmpstrucdata: new module to parse RFC5424 structured data into json message properties
  • change main/ruleset queue defaults to be more enterprise-like
    new defaults are queue.size 100,000 max workers 2, worker activation after 40,000 msgs are queued, batch size 256. These settings are much more useful for enterprises and will not hurt low-end systems that much. This is part of our re-focus on enterprise needs.
  • omfwd: new action parameter “maxErrorMessages” added
  • omfile: new module parameters to set action defaults added
    * dirCreateMode
    * fileCreateMode
  • mmutf8fix: new module to fix invalid UTF-8 sequences
  • imuxsock: handle unlimited number of additional listen sockets
  • doc: improve usability by linking to relevant web ressources
    The idea is to enable users to quickly find additional information, samples, HOWTOs and the like on the main site. At the same time, (very) slightly remove memory footprint when few listeners are monitored.
  • bugfix: omfwd parameter streamdrivermmode was not properly handled
    It was always overwritten by whatever value was set via the legacy directive $ActionSendStreamDriverMode
  • imtcp: add streamdriver.name module parameter
    permits overriding the system default stream driver (gtls, ptcp)
  • bugfix: build system: libgcrypt.h needed even if libgrcypt was disabled
    Thanks to Jonny Törnbom for reporting this problem
  • imported bugfixes from 7.4.4

Changelog for 7.5.3 (v7-devel)

By Adiscon SupportPosted on Posted in ChangelogTagged , , , , , , , ,

Version 7.5.3 [devel] 2013-09-11

  • imfile: support for escaping LF characters added embedded LF in syslog messages cause a lot of trouble. imfile now has the capability to escape them to “#012″ (just like the regular control character escape option). This requires new-style input statements to be used. If legacy configuration statements are used, LF escaping is always turned off to preserve compatibility.
    NOTE: if input() statements were already used, there is a CHANGE OF BEHAVIOUR: starting with this version, escaping is enabled by default. So if you do not want it, you need to add escapeLF=”off” to the input statement. Given the trouble LFs cause and the fact that the majority of installations still use legacy config, we considered this behaviour change acceptable and useful.
    see also: http://blog.gerhards.net/2013/09/imfile-multi-line-messages.html
  • add support for global and local variables
  • bugfix: queue file size was not correctly processed
    this could lead to using one queue file per message for sizes >2GiB
    Thanks to Tomas Heinrich for the patch.
  • add main_queue() configuration object to configure main message queue
  • bugfix: stream compression in imptcp caused timestamp to be corrupted
  • imudp: add ability to specify SO_RCVBUF size (rcvbufSize parameter)
  • imudp: use inputname for statistics, if configured
  • impstats: add process resource usage counters [via getrusage()]
  • impstats: add paramter “resetCounters” to report delta values possible for most, but not all, counters. See doc for details.
  • librelp 1.2.0 is now required
  • make use of new librelp generic error reporting facility
    This leads to more error messages being passed to the user and thus simplified troubleshooting.
  • bugfix: very small memory leak in imrelp
    more or less cosmetic, a single memory block was not freed, but this only happens immediately before termination (when the OS automatically frees all memory). Still an annoyance e.g. in valgrind.
  • fix compile problem in debug build
  • imported fixes from 7.4.4

Changelog for 7.4.4 (v7-stable)

By Adiscon SupportPosted on Posted in ChangelogTagged , , , , ,

Version 7.4.4  [v7.4-stable] 2013-09-03

  • better error messages in GuardTime signature provider
    Thanks to Ahto Truu for providing the patch.
  • make rsyslog use the new json-c pkgconfig file if available
    Thanks to the Gentoo team for the patches.
  • bugfix: imfile parameter “persistStateInterval” was unusable
    due to a case typo in imfile; work-around was to use legacy config
    Thanks to Brandon Murphy for reporting this bug.
  • bugfix: TLV16 flag encoding error in signature files from GT provider
    This fixes a problem where the TLV16 flag was improperly encoded. Unfortunately, existing files already have the bug and may not properly be processed. The fix uses constants from the GuardTime API lib to prevent such problems in the future.
    Thanks to Ahto Truu for providing the patch.
  • bugfix: slightly malformed SMTP handling in ommail
  • bugfix: segfault in omprog if no template was provided (now dflt is used)
  • bugfix: segfault in ompipe if no template was provided (now dflt is used)
  • bugfix: segfault in omsnmp if no template was provided (now dflt is used)
  • bugfix: some omsnmp optional config params were flagged as mandatory
  • bugfix: segfault in omelasticsearch when resuming queued messages after restarting Elasticsearch
    closes: http://bugzilla.adiscon.com/show_bug.cgi?id=464
  • bugfix: imtcp addtlframedelimiter could not be set to zero
    Thanks to Chris Norton for alerting us.
  • doc bugfix: remove no-longer existing omtemplate from developer doc was specifically mentioned as a sample for creating new plugins
    Thanks to Yannick Brosseau for alerting us of this problem.
    closes: http://bugzilla.adiscon.com/show_bug.cgi?id=473

Changelog for 7.5.2 (v7-devel)

By Adiscon SupportPosted on Posted in ChangelogTagged , , , , , , , ,

Version 7.5.2 [devel] 2013-07-04

Changelog for 7.4.2 (v7-stable)

By Adiscon SupportPosted on Posted in ChangelogTagged , , , , , , , , , , , , , , ,

Version 7.4.2 [v7.4-stable] 2013-07-04

  • bugfix: in RFC5425 TLS, multiple wildcards in auth could cause segfault
  • bugfix: RainerScript object required parameters were not properly checked – this clould result to segfaults on startup if parameters were missing.
  • bugfix: double-free in omelasticsearch closes: http://bugzilla.adiscon.com/show_bug.cgi?id=461 a security advisory for this bug is available at: http://www.lsexperts.de/advisories/lse-2013-07-03.txt PLEASE NOTE: This issue only existed if omelasticsearch was used in a non-default configuration, where the “errorfile” parameter was specified. Without that parameter set, the bug could not be triggered. Thanks to Markus Vervier and Marius Ionescu for providing a detailled bug report. Special thanks to Markus for coordinating his security advisory with us.
  • bugfix: omrelp potential segfault at startup on invalid config parameters
  • bugfix: small memory leak when $uptime property was used
  • bugfix: potential segfault on rsyslog termination in imudp closes: http://bugzilla.adiscon.com/show_bug.cgi?id=456
  • bugfix: lmsig_gt abort on invalid configuration parameters closes: http://bugzilla.adiscon.com/show_bug.cgi?id=448 Thanks to Risto Laanoja for the patch.
  • imtcp: fix typo in “listner” parameter, which is “listener” Currently, both names are accepted.
  • solved build problems on FreeBSD closes: http://bugzilla.adiscon.com/show_bug.cgi?id=457 closes: http://bugzilla.adiscon.com/show_bug.cgi?id=458 Thanks to Christiano for reproting and suggesting patches
  • solved build problems on CENTOS5

Changelog for 7.5.1 (v7-devel)

By Adiscon SupportPosted on Posted in ChangelogTagged , , , , , , , , , ,

Version 7.5.1 [devel] 2013-06-26

  • librelp 1.1.3 is required – older versions can lead to a segfault
  • add mmfields, which among others supports easy parsing of CEF messages
  • omrelp:
    * new parameter “compression.prioritystring” to control encryption parameters used by GnuTLS
  • imrelp:
    * new parameter “compression.dhbits” to control the number of bits being used for Diffie-Hellman key generation
    * new parameter “compression.prioritystring” to control encryption parameters used by GnuTLS
    * support for impstats added
    * support for setting permitted peers (client authentication) added
    * bugfix: potential segfault at startup on invalid config parameters
  • imjournal: imported patches from 7.4.1
  • omprog: add support for command line parameters
  • added experimental TCP stream compression (imptcp only, currently)
  • added BSD-specific syslog facilities
    * “console”
    * “bsd_security” – this is called “security” under BSD, but that name was unfortunately already taken by some standard facility. So I did the (hopefully) second-best thing and renamed it a little.
  • imported fixes from 7.4.2 (especially build problems on FreeBSD)
  • bugfix: imptcp did not properly initialize compression status variable could lead to segfault if stream:always compression mode was selected
Scroll to top