mmexternal

rsyslog 8.3.2 (v8-devel) released

We have just released 8.3.2 of the v8-devel branch.

This is primarily a bug-fixing release, but it also adds the ability to extract parts of a timestamp via the property replacer and adds support for per-listener imrelp rulesets (thanks to bobthesecurityguy for the patch!).

ChangeLog:

http://www.rsyslog.com/changelog-for-8-3-2-v8-devel/

Download:

http://www.rsyslog.com/download-v8-devel/

As always, feedback is appreciated.

Best regards,
Florian Riedl

rsyslog 8.3.1 (v8-devel) released

We have just released 8.3.1 of the v8-devel branch.

This release provides some improvements for external message modification modules, a module to rewrite message facility and severity as well as bug fixes. It is a recommended update for all v8.3 users.

ChangeLog:

http://www.rsyslog.com/changelog-for-8-3-1-v8-devel/

Download:

http://www.rsyslog.com/download-v8-devel/

As always, feedback is appreciated.

Best regards,
Florian Riedl

Changelog for 8.3.1 (v8-devel)

Version 8.3.1 [v8-devel] 2014-04-24

  • external message modification interface now support modifying message PRI
  • “jsonmesg” property will include uuid only if one was previously generated
    This is primarily a performance optimization. Whenever the message uuid is gotten, it is generated when not already present. As we used the regular setter, this means that always the uuid was generated, which is quite time-consuming. This has now been changed so that it only is generated if it already exists. That also matches more closly the semantics, as “jsonmesg” should not make modifications to the message.
    Note that the same applies to “fulljson” passing mode for external plugins.
  • added plugin to rewrite message facility and/or severity
    Name: fac-sever-rewrite.py
  • permits to build against json-c 0.12
    Unfortunately, json-c had an ABI breakage, so this is necessary. Note that versions prior to 0.12 had security issues (CVE-2013-6370, CVE-2013-6371) and so it is desirable to link against the new version.
    Thanks to Thomas D. for the patch.
    Note that at least some distros have fixed the security issue in older versions of json-c, so this seems to apply mostly when building from sources.
  • bugfix: using UUID property could cause segfault
  • bugfix/mmexternal: memory leak
  • bugfix: memory leak when using “jsonmesg” property
  • bugfix: mmutf8fix did not detect two invalid sequences
    Thanks to Axel Rau for the patch.
  • bugfix: build problems with lexer.l on some platforms
    For some reason, the strdup() prototype and others are missing. I admit that I don’t know why, as this happens only in 8.3.0+ and there is no indication of changes to the affected files. In any case, we need to fix this, and the current solution works at least as an interim one.

rsyslog 8.3.0 (v8-devel) released

We have just released 8.3.0 of the v8-devel branch.

This opens the next iteration of the v8-devel branch. As its most important feature, this release offers the external plugin message modification interface and comes with a full sample of a credit card anonymizer in python.

ChangeLog:

http://www.rsyslog.com/changelog-for-8-3-0-v8-devel/

Download:

http://www.rsyslog.com/download-v8-devel/

Feedback is *very much* appreciated.

Best regards,
Florian Riedl

Changelog for 8.3.0 (v8-devel)

Version 8.3.0 [v8-devel] 2014-04-10

  • new plugin for anonymizing credit card numbers
    Thanks to Peter Slavov for providing the code.
  • external message modification modules are now supported
    They are bound via the new native module “mmexternal”. Also, a sample skeleton for an external python message modification module has been added.
  • new $jsonmesg property with JSON representation of whole message object
    closes: https://github.com/rsyslog/rsyslog/issues/19
  • improved error message for invalid field extraction in string template
    see also:
    http://kb.monitorware.com/problem-with-field-based-extraction-t12299.html
  • fix build problems on Solaris
  • NOTE: a json-c API that we begun to use requires the compiler to be in c99 mode. By default, we select it automatically. If you modify this and use gcc, be sure to include “-std=c99” in your compiler flags. This seems to be necessary only for older versions of gcc.
Scroll to top