Changelog for 8.4.1 (v8-stable)
Version 8.4.1 [v8-stable] 2014-09-30
- imudp: add for bracketing mode, which makes parsing stats easier
- permit at-sign in variable names
closes: https://github.com/rsyslog/rsyslog/issues/110 - bugfix: fix syntax error in anon_cc_numbers.py script
Thanks to github user anthcourtney for the patch.
closes: https://github.com/rsyslog/rsyslog/issues/109 - bugfix: ompgsql: don’t loose uncomitted data on retry
Thanks to Jared Johnson and Axel Rau for the patch. - bugfix: imfile: if a state file for a different file name was set, that different file (name) was monitored instead of the configured one. Now, the state file is deleted and the correct file monitored.
closes: https://github.com/rsyslog/rsyslog/issues/103 - bugfix: omudpspoof: source port was invalid
Thanks to Pavel Levshin for the patch - bugfix: build failure on systems which don’t have json_tokener_errors
Older versions of json-c need to use a different API (which don’t exists on newer versions, unfortunately…)
Thanks to Thomas D. for reporting this problem. - bugfix: omelasticsearch does not work with broken/changed ES 1.0+ API
closes: https://github.com/rsyslog/rsyslog/issues/104 - bugfix: mmanon did not properly anonymize IP addresses starting with ‘9’
Thanks to defa-at-so36.net for reporting this problem.
closes: http://bugzilla.adiscon.com/show_bug.cgi?id=529 - bugfix: build problems on SuSe Linux
Thanks Andreas Stieger for the patch - bugfix: omelasticsearch error file did not work correctly on ES 1.0+ due to a breaking change in the ElasticSearch API.
see also: https://github.com/rsyslog/rsyslog/issues/104 - bugfix: potential abort when a message with PRI > 191 was processed if the “pri-text” property was used in active templates, this could be abused to a remote denial of service from permitted senders
see also: CVE-2014-3634
rsyslog v8 improvements and how to write plugins in any language
In the first part, we will explain the new RSYSLOG v8 engine, its motivation and its benefits. Learn, for example, why writing to Elasticsearch is much faster with the new engine. We will describe the tuning parameters vital for making best use of the new features.
In the second part we will explain how to write RSYSLOG plugins in any language. Traditionally, writing rsyslog plugins has been considered quite hard, with at least C knowledge necessary. In v8, we have introduced new interfaces which make it possible to write plugins in any language – be it Python, Perl or Java. Even bash will do. In essence, this is a great tool for any admin to add special needs with just a bit of scripting. We will proivde concrete instructions on how to write a plugin, point to read-to-copy samples and tell how to integrate this into rsyslog.
NOTE: This is Rainers LinuxTag Berlin 2014 talk.
New 8.4 stable is ready
A new rsyslog v8-stable has been released. It is not just the next iteration of 8.2, instead it will be a new feature release based on the latest 8.3 devel. So please welcome 8.4.
Frequent followers may wonder why 8.4 is ready. Originally, we planned to release it after the summer break. The reason is simple: its ready to come up, albeit with a little less functionality than originally anticipated. Since we were primarily doing maintenance and bug fixing on v8-devel the past couple of weeks, just as it normally happens before a new stable branch comes up. So the code has matured and we decided it was ready to be released as stable. We released 8.4.0 a week ago, and it inherits all the enhancements and fixes of rsyslog 8.3. We hope rsyslog 8.4 fulfils your expectations and provides a flawless logging experience.
rsyslog 8.4.0 (v8-stable) released
We have just released 8.4.0 of the v8-stable branch.
This release introduces the new stable version that inherits all the enhancements and improvements of rsyslog 8.3.
Additionaly, the separated documentation is available as a tarball download on the download page.
http://www.rsyslog.com/changelog-for-8-4-0-v8-stable/
Download:
http://www.rsyslog.com/downloads/download-v8-stable/
As always, feedback is appreciated.
Best regards,
Florian Riedl
rsyslog 8.3.5 (v8-devel) released
We have just released 8.3.5 of the v8-devel branch.
This is basically a maintenance release. It adds improved error output to omprog and a couple of patches were imported from the latest v7-stable (7.6.4).
ChangeLog:
http://www.rsyslog.com/changelog-for-8-3-5-v8-devel/
Download:
http://www.rsyslog.com/download-v8-devel/
As always, feedback is appreciated.
Best regards,
Florian Riedl
Changelog for 8.3.5 (v8-devel)
Version 8.3.5 [v8-devel] 2014-08-05omprog:
- emit error message via syslog() if loading binary fails
This happens after forking, so omprog has no longer access to rsyslog’s regular error reporting functions. Previously, this meant any error message was lost. Now it is emitted via regular syslog (which may end up in a different instance, if multiple instances run…) - couple of patches imported from v7-stable (7.6.4)
rsyslog 8.3.4 (v8-devel) released
We have just released 8.3.4 of the v8-devel branch.
This is a somewhat unexpected new 8.3 devel version: thanks to some sponsor, we could work on providing better parsers for Cisco IOS devices as well as some improvements to the general date parser. As we want to integrate this into 8.4, we have decided to release another 8.3 version. Please note that 8.4 stable is still immanent. This version also includes a number of bug fixes.
ChangeLog:
http://www.rsyslog.com/changelog-for-8-3-4-v8-devel/
Download:
http://www.rsyslog.com/download-v8-devel/
As always, feedback is appreciated.
Best regards,
Florian Riedl
Changelog for 8.3.4 (v8-devel)
Version 8.3.4 [v8-devel] 2014-07-11
- new pmciscoios parser supporting various Cisco IOS formats
- RFC3164 timestamp parser now accepts timezones and subsecond resolution
… at least for some common formats and where we could do so without running risk of breaking proper formats (or introducing regressions) - new parser config object — permits to define custom parser definitions
- new tzinfo config object — permits to define time zone offsets
This is a utility object that currently is being used by some parsers. - bugfix: mishandling of input modules not supporting new input instances
If they did not support this, accidently the output module part of the module union was written, leading to unpredictable results. Note: all core modules do support this interface, but some contributed or very old ones do not. - bugfix: double-free when ruleset() parser parameters were used
While unlikely, this could cause stability issues even after the config phase.
Upcoming new v8-stable
A new rsyslog v8-stable is coming up soon. It will not just be the next iteration of 8.2, instead it will be a new feature release based on the current 8.3 devel. So be prepared to welcome 8.4. Frequent followers may wonder why 8.4 is ready. Originally, we planned to release it after the summer break. The reason is simple: its ready to come up, albeit with a little less functionality than originally anticipated.
We were (and are) busy working on the rsyslog Windows Agent, which gets a fresh brush up of its engine. It’ll be even better (and faster) as before, but that also meant that we had less time to spent on Linux rsyslog. It turned out that we are primarily doing maintenance and bug fixing on v8-devel the past couple of weeks, just as it normally happens before a new stable branch comes up. So the code has matured. At the same time, we get very good feedback for 8.2 in general, which really makes us believe that v8 fully replaces v7. The bad news is that 8.3 is currently missing the promised non-C support for input modules. However, it’s easy to do this via the regular syslog() API, so this doesn’t look like it’s overly important. In short, this means 8.3 is ready for prime time and we won’t defer it for longer than really required. Just think about how many folks have asked about non-C actions or the ability to clear out dynafiles after an inactivity timeout.
We released 8.3.3 last week, and it is scheduled to be the last 8.3 version (if nothing really important comes up). We are still working on some rough edges, which we hopefully can smoothen within the next couple of days. If possible, we’ll move them into 8.4.0. We hope to be able to release 8.4.0 next week or the week thereafter, so we get a shiny new stable before the summer break.
Also, we will finally officially drop community development support for v7. This will probably even happen this week. As usual, that doesn’t mean v7 is put into the waste bin. We’ll continue to apply patches to it, and we expect that distros will carry it for a while. Even new v7 releases may happen from time to time. But it’s no longer a version that you can expect to receive community support on (of course, rsyslog support contract customers will also be supported on outdated versions, so relax if that is you – but that’s a different story).
We hope you are looking forward to 8.4. If you can, please also help with testing 8.3.3.
rsyslog 8.3.3 (v8-devel) released
We have just released 8.3.3 of the v8-devel branch.
This provides the capability to automatically close files (including dynafiles) after some inactivity timeout. It also makes some of the more exotic modules build under v8, which now supports the same set of output modules as v7 did.
ChangeLog:
http://www.rsyslog.com/changelog-for-8-3-3-v8-devel/
Download:
http://www.rsyslog.com/download-v8-devel/
As always, feedback is appreciated.
Best regards,
Florian Riedl