RSyslog Windows Agent 3.0 Released
Adiscon is proud to announce the 3.0 release of RSyslog Windows Agent.
This new major release adds full support for Windows 2012 R2 and also has been verified to work on Windows 10 preview versions.
The new major version is a milestone in many ways. Most important the performance of the core engine has been considerably increased. All existing configurations will benefit from this. Also a new Configuration Client has been added which has been rewritten using the .Net Framework (Like the InterActive Syslog Viewer). With the new Configuration Client, we also introduce support for a new file based configuration format (as an alternative to the registry-based method). RSyslog Windows Agent can now run from a configuration file and save it state values
into files.
We also extended the classic EventLog Monitor to support multiple dynamic *.evt files for NetApp customers.
Detailed information can be found in the version history below.
Build-IDs: Service 3.0.130, Client 3.0.201
Features |
|
Bugfixes |
|
Version 3.0 is a free download. Customers with existing 2.x keys can contact our Sales department for upgrade prices. If you have a valid Upgrade Insurance ID, you can request a free new key by sending your Upgrade Insurance ID to sales@adiscon.com. Please note that the download enables the free 30-day trial version if used without a key – so you can right now go ahead and evaluate it.
rsyslog daily builds and tarballs
The past days, we have worked on making rsyslog daily builds and tarballs a reality. We hope this will enable users to rapidly deploy the latest features as well as make it easier to help with testing the current development system. Daily builds are what the scheduled v8-devel builds were under the previous release paradigm. Consequently, the archives are named v8-devel.
Right now, builds are only supported for Ubuntu. Users of other platforms are advised to use the daily tarballs to build from source. Depending on feedback on and success of the daily builds, we will make them available for more platforms.
A daily build is based on the latest git master version. So it really is at the [b]leading edge of technology. So why create them?
A top reason is that we often fix a bug for someone, and that someone then is unable to build from source. In the end result, we have a bugfix, but there is no external confirmation that it really fixed the bug when we merge it into the next release. We hope that now those users can simply pick the daily build and check if that solves their problem.
Also, in general we hope that some users will use the daily tarballs to get not only the latest and greatest but contribute to the project by doing some testing.
Finally, and quite important, with daily builds we will see build problems as early as possible. In the past, we often saw problems only after source release (or very close to it), which was obviously problematic. Now, this should no longer happen. For obvious reasons, the final release build is now more or less a copy of a daily build.
As a technical side-note, daily builds are identified by the git master branch head hash that was used to build them. As a forth version component, they have the first 12 digits of that hash (an example is “8.8.0.35e7f12a2c04”). This enables us to track error reports to the right version. The packages have a different version name, based on the build date. The reason is that the hash does not increment and so newer versions (with lower hash values) are considered as “old” by Launchpad. We avoid this by using an always incrementing package version. Also note that the package changelog just contains a “daily build” entry — anything else makes limited sense.
We hope you enjoy this new feature! Feedback is appreciated.
rsyslog 8.7.0 (v8-stable) released
We have released rsyslog 8.7.0.
Version 8.7.0 contains various improvements and additions to a wide array of modules, like imfile, imptcp, improvements to RainerScript and mmnormalize (thanks to Singh Janmejay) and a couple of other improvements. But, the biggest addition is the new omkafka module that now allows direct writing to Apache Kafka.
This release also contains important bug fixes.
This is a recommended upgrade for all users.
http://www.rsyslog.com/changelog-for-8-7-0-v8-stable/
Download:
http://www.rsyslog.com/downloads/download-v8-stable/
As always, feedback is appreciated.
Best regards,
Florian Riedl
Changelog for 8.7.0 (v8-stable)
Version 8.7.0 [v8-stable] 2015-01-13
- add message metadata “system” to msg object
this permits to store metadata alongside the message - imfile: add support for “filename” metadata
this is useful in cases where wildcards are used - imptcp: make stats counter names consistent with what imudp, imtcp uses
- added new module “omkafka” to support writing to Apache Kafka
- omfwd: add new “udp.senddelay” parameter
- mmnormalize enhancements
Thanks to Janmejay Singh for the patch. - RainerScript “foreach” iterator and array reading support
Thanks to Janmejay Singh for the patch. - now requires liblognorm >= 1.0.2
- add support for systemd >= 209 library names
- BSD “ntp” facility (value 12) is now also supported in filter
Thanks to Douglas K. Rand of Iteris, Inc. for the patch.
Note: this patch was released under ASL 2.0 (see email-conversation). - bugfix: global(localHostName=”xxx”) was not respected in all modules
- bugfix: emit correct error message on config-file-not-found
closes https://github.com/rsyslog/rsyslog/issues/173 - bugfix: impstats emitted invalid JSON format (if JSON was selected)
- bugfix: (small) memory leak in omfile’s outchannel code
Thanks to Koral Ilgun for reporting this issue. - bugfix: imuxsock did not deactivate some code not supported by platform
Among potential other problemns, this caused build failure under Solaris.
Note that this build problem just made a broader problem appear that so
far always existed but was not visible.
closes https://github.com/rsyslog/rsyslog/issues/185
LibLogging 1.0.5 released
liblogging 1.0.5 [download]
We have released liblogging 1.0.5.
sha256sum: 310dc1691279b7a669d383581fe4b0babdc7bf75c9b54a24e51e60428624890b
– cleanup for systemd-journal >= 209
closes https://github.com/rsyslog/liblogging/issues/17
– bugfix: date stamp was incorrectly formatted
The day part was totally off. This affected the “uxsock:” and “file:”
drivers.
closes https://github.com/rsyslog/liblogging/issues/21
rsyslog -devel packages are being removed soon
If you use rsyslog’s devel packages on your system, you will receive errors soon. Be sure to read the complete posting to avoid trouble!
As part of rsyslog’s new release schedule and version naming, devel releases will no longer be named according to the “normal” numbering scheme. This also means that the previous “devel” branches will disappear, as git master branch now is the always-current devel version.
Keep on your mind that we previously had a release cycle of 3 to 9 month for a new feature to appear in a stable version. That was because new feature releases were only done when a complete devel turnaround was done, and relatively many new features were added. For this reason, some people opted to run devel versions in production, and thus needed specific tarballs (and packages) for them.
With the new six week release cycle, we get new features rather quickly into the stable builds. So it usually should be no problem to wait for the next stable to use that recently-implemented new feature. As such, there is no need any longer for special devel releases, and thus no need for devel tarballs and packages.
Well… almost. One thing we would like to have is a “daily devel version”. The idea is that if the testbench runs are OK, a new tarball and a set of packages is generated automatically and posted to a special archive. In general, that archive should receive an update once a day. So people really interested in the [b]leading edge can simply install from that daily package archive — and report bugs quickly, so helping the development process. Unfortunately, time is precious and we don’t know when and if we can setup the required automation. Most probably not before January 2015, and how it works out then needs to be seen.
In the interim, we will begin to delete the -devel packages. The old -devel tarballs will remain available, at least for the time being. The problem with -devel packages is that folks may have set their system to use the -devel repro. If we would just keep it as is, those systems would never again receive any updates, neither security-releated nor others, simply because -devel versions no longer exist in the way they were. That would pose a potentially big security risk. As such, we will delete the -devel content, and begin to do so early next week. If you use the -devel packages, be sure to switch the v8-stable instead.
rsyslog 8.6.0 (v8-stable) released
We have released rsyslog 8.6.0.
This is the first stable release under a new release cycle and versioning scheme. This new scheme is important news in itself. For more details, please have a look here:
http://www.rsyslog.com/rsyslogs-new-release-cycle-and-versioning-scheme/
Version 8.6.0 contains important new features like the ability to monitor files via wildcards in imfile. It also contains new, experimental zero message queue modules (special thanks to team member Brian Knox), improvements to RainerScript and mmnormalize (thanks to Singh Janmejay) and a couple of other improvements.
This release also contains important bug fixes.
This is a recommended upgrade for all users.
http://www.rsyslog.com/changelog-for-8-6-0-v8-stable/
Download:
http://www.rsyslog.com/downloads/download-v8-stable/
As always, feedback is appreciated.
Best regards,
Florian Riedl
rsyslog’s new release cycle and versioning scheme
With today’s release of rsyslog 8.6.0, we start a new release schedule and versioning scheme. In a nutshell, we will be doing stable releases every six weeks now, and devel releases will be distributed via git exclusively.
We have made this move after reflecting the changes in user participation in open source development as well as analyzing what big projects like the Linux kernel, Firefox and Chrome are doing. I am very excited about the new methodology and sincerely hope it will make new features even more readily available to a large user base. Details on the new system are in the embedded presentation.
Changelog for 8.6.0 (v8-stable)
Version 8.6.0 [v8-stable] 2014-12-02
NOTE: This version also incorporates all changes and enhancements made for
v8.5.0, but in a stable release. For details see immediately below.
- configuration-setting rsyslogd command line options deprecated
For most of them, there are now proper configuration objects. Some few will be completely dropped if nobody insists on them. Additional info at
http://blog.gerhards.net/2014/11/phasing-out-legacy-command- line-options.html - new and enhanced plugins for 0mq. These are currently experimantal.
Thanks to Brian Knox who contributed the modules and is their author. - empty rulesets have been permitted. They no longer raise a syntax error.
- add parameter -N3 to enable config check of partial config file
Use for config include files. Disables checking if any action exists at
all. - rsyslogd -e option has finally been removed
It is deprectated since many years. - testbench improvements
Testbench is now more robust and has additional tests. - testbench is now by default disabled
To enable it, use –enable-testbench. This was done as the testbench now does better checking if required modules are present and this in turn would lead to configure error messages where non previously were if we would leave –enable-testbench on by default. Thus we have turned it off. This should not be an issue for those few testbench users. - add new RainerScript functions warp() and replace()
Thanks to Singh Janmejay for the patch. - mmnormalize can now also work on a variable
Thanks to Singh Janmejay for the patch. - new property date options for day ordinal and week number
Thanks to github user arrjay for the patch - remove –enable-zlib configure option, we always require it
It’s hard to envision a system without zlib, so we turn this off
closes https://github.com/rsyslog/rsyslog/issues/76 - slight source-tree restructuring: contributed modules are now in their own ./contrib directory. The idea is to make it clearer to the end user which plugins are supported by the rsyslog project (those in ./plugins).
- bugfix: imudp makes rsyslog hang on shutdown when more than 1 thread used
closes https://github.com/rsyslog/rsyslog/issues/126 - bugfix: not all files closed on auto-backgrounding startup
This could happen when not running under systemd. Some low-numbered fds were not closed in that case. - bugfix: typo in queue configuration parameter made parameter unusable
Thanks to Bojan Smojver for the patch. - bugfix: unitialized buffer off-by-one error in hostname generation
The DNS cache used uninitialized memory, which could lead to invalid hostname generation.
Thanks to Jarrod Sayers for alerting us and provinding analysis and patch recommendations. - bugfix imuxsock: possible segfault when SysSock.Use=”off”
Thanks to alexjfisher for reporting this issue.
closes https://github.com/rsyslog/rsyslog/issues/140 - bugfix: RainerScript: invalid ruleset names were accepted during ruleset defintion, but could of course not be used when e.g. calling a ruleset.
IMPORTANT: this may cause existing configurations to error out on start, as they invalid names could also be used e.g. when assigning rulesets. - bugfix: some module entry points were not called for all modules callbacks like endCnfLoad() were primarily being called for input modules. This has been corrected. Note that this bugfix has some regression potential.
- bugfix omlibdbi: connection was taken down in wrong thread
This could have consequences depending on the driver being used. In general, it looks more like a cosmetic issue. For example, with MySQL it lead to a small memory but also an annoying message about a thread not properly torn down. - imttcp was removed because it was an incompleted experimental module
- pmrfc3164sd because it was a custom module nobody used
We used to keep this as a sample inside the tree, but whoever wants to look at it can check in older versions inside git - omoracle was removed because it was orphaned and did not build/work for quite some years and nobody was interested in fixing it
rsyslog 8.5.0 (v8-devel) released
We have just released 8.5.0 of the v8-devel branch.
This begins the next v8 devel series. Most importantly, it contains a greatly refactored imfile, which now supports wildcards inside filenames. There are also some other improvements, as well as some bugfixes that are not yet included in the stable versions (this will happen soon with the next release).
For more details about using wildcards in imfile, please take a look at this presentation:
Using Wildcards with rsyslog’s File Monitor
ChangeLog:
http://www.rsyslog.com/changelog-for-8-5-0-v8-devel/
Download:
http://www.rsyslog.com/download-v8-devel/
As always, feedback is appreciated.
Best regards,
Florian Riedl