Commit graph

40 commits

Author SHA1 Message Date
fhajny
dde0c781cc sysutils/syslog-ng: Avoid doubling up on a process watchdog inside
the SMF manifest. Bump PKGREVISION.
2018-01-12 20:48:06 +00:00
fhajny
60bfc69f7a Update sysutils/syslog-ng* to 3.13.2.
- Remove separate sysutils/syslog-ng-json package, it is now a core
  module/dependency.

3.13.2

Fixes
- Missing manpages from release tarball
- Package syslog-ng-mod-json is removed from
- Drop syslog-ng-abi virtual packages


3.13.1

Features
- Add app-parser() framework (automatic parsing of log messages)
- Support microseconds in Riemann destination
- Add osquery destination as an SCL plugin
- Add network load balancer destination
- Add possibility to only signal re-open of file handles (SIGUSR1)
- It is possible from now to limit the number of registered dynamic
  counters
- Add $(binary) template function
- Add experimental transport for transferring messages in whole
  between syslog-ng instances (EWMM)
- Docker based build and debian package generation
- Add auto-parse(yes/no) to app-paser(), system() and
  default-network-drivers()
- Add Graylog2 destination and $(format-gelf) template function

Bugfixes
- Exit when a read fails on an included config file instead of
  starting up with an empty configuration.
- Fix double free
- Add missing discarded counter to groupingby
- Fix a reference leak in Python destination
- Fix timezone issue in snmptrapd parser
- Fix potential crash in stdin driver
- Fix a crash when initializing new config fails for socket with
  keep_alive off
- Fix filter evaluation in case of contexts with multiple elements
- Various grouping-by fixes
- Fix potential use after free around dns-cache during shutdown
- Fix access to indirect values within Java destination
- Fix a crash in affile
- Fix a memory leak
- Fix a crash when getent is used empty group
- Fix jvm-options()
- Fix a crash in Python language binding
- Fix a crash in afmongodb
- Fix a memory leak in afmongodb
- Fix name-to-GID calculation in the $(getent) template function
- Fix a crash when redis is configured without the command() option
- Fix a race condition in kv-parser()

Other changes
- Cleanup diskq related warning messages
- Provide tls block for tls options in amqp(), http(), riemann()
  destination drivers
- It it possible from now to register blocks and generators as plugins
- Drop compatiblity with configurations below 3.0
- Do not change permissions of a file by default
- Allow source files to specify permissions locally
- Minor performance improvement
- The current config version can be queried with "--version"
- Increase the performance of kv-parser()
2017-12-11 14:45:11 +00:00
fhajny
d47b7577dc Update sysutils/syslog-ng to 3.12.1.
# Features

- HDFS: support macro in filename
- HDFS: add append support
- Java: allow to use sequence numbers in templates
- TLS improvements
    - Add PKCS 12 support with the new `pkcs12-file()` TLS option
    - startup time `ssl-options()` and `peer-verify()` check
    - startup time `key_file`, `cert_file`, `ca_dir`, `crl_dir` and
      `cipher_suite` check
    - ECDH  cipher support (OpenSSL 1.0.1, 1.0.2, 1.1.0) with the
      `ecdh-curve-list()` option (only available >= 1.0.2)
        - for < 1.0.2, a hard-coded curve is used
        - for >= 1.0.2, automatic curve selection is used (the
          `ecdh-curve-list()` option can restrict this list)
    - DH cipher support with the `dhparam-file()` option
        - if the option is not specified, fallback RFC 3526 parameters
          are used
    - minor fixes
- `stdin()` source driver
- Implement `read_old_records` option for systemd-journal source
- Add tags-parser: a new module to parse $TAGS values
- Add a Windows eventlog parser scl module
- Add XML parser module

# Bugfixes

- Fix cannot parse ipv6 into hostname
- Speedup add-contextual-data by making ordering optional
- Fix `monitor-method()` option not working for `wildcard-file()` source
- Sanitize SDATA keys in syslog-protocol messages to avoid generating
  non-valid messages
- Fix memory leaks reported using Valgrind
- Fix memory leak related to cloning pipes and reload
- Fix getent protocol number returns incorrect value
- Fix elasticsearch2 destination flush mechanism
- Fix file destination related memory leak
- Fix a possible memory leak around affile destination

# Other changes

- Improve syslog-ng debun functionality
- Java: allow to set JVM options form global syslog-ng options
- Do steps towards Python 3 support:
    - Fix string compatibility for Python 3
    - Improve Python version auto detection
- HTTP destination: display verbose logs on debug level
- Improvements for Solaris packing
2017-10-02 15:16:27 +00:00
fhajny
1bd43f3d7d Update sysutils/syslog-ng* to 3.11.1.
3.11.1

Features

- Add geoip2 parser and template function.
- Add SSL support to AMQP.
- Add template option to apache-accesslog-parser.
- Add configurable event time to Riemann destination.
- Add drop-unmatched() option to dbparser.
- Add Ubuntu Xenial to the bundled docker images.
- Support multi-instance support for Solaris 10 and 11.
- Support multi-instance for systemd.
- Add configurable timeout to HTTP destination.
- Add prefix() option to cisco-parser.

Bugfixes

- Fix a memory usage counter underflow for threaded destination drivers
  and writers.
- Fix a potential crash in AMQP.
- Fix a potential crash during reload.
- Fix a reload/shutdown issue.
- Fix a potential crash in afsocket destination during reload.
- Fix a counter registration bug.
- Fix a build issue on FreeBSD.
- Fix a memory leak in diskq plugin.
- Fix systemd-journal error codes validation.
- Fix a potential crash in diskq when it is used with file
  destination and the file is reaped.
- Fix a memory leak in HTTP destination
- Fix ENABLE_DEBUG in dbparser.
- Fix a unit tests that caused build issue on 32 bit platforms.

Other changes

- The eventlog library is part of syslog-ng from now.
- Improve error messages when the config cannot be initialized.
- Improve source suspended/resumed debug messages.
- Rename syslog-debun to syslog-ng-debun.
- Update manpages to v3.11
- Remove tgz2build directory.


3.10.1

Features

- Support https in http (curl) module
- Docker support : from now Dockerfile for CentOS7, Ubuntu Zesty and for
  Debian Jessie is part of our upstream
- Add --database parameter for geoip template function
- Metric improvements
- Add snmp-parser (v1, v2)
- Add snmp-soure
- Add osquery source
- Add cisco-parser
- Add wildcard filesource
- Add startdate template function
- Add $(basename) and $(dirname) template functions
- Add Kerberos support for HDFS destination
- Add AUTH support for redis destination
- Add map-value-pairs() parser
- Extend Python language binding by Python parser
- Add support for extract-stray-words() option in kv-parser()
- Add $(context-values) template function
- Add $(context-lookup) function
- Add list related template functions
- Add add query commands to syslog-ng-ctl
- Support multiple servers in elasticsearch2-http destination
- Implements elastic-v2 https in http mode
- Add getent module (ported from incubator)
-  Add support for IP_FREEBIND

Bugfixes

- Fix a libnet detection check error that caused problem configuring
  enable-spoof-source.
- Avoid warnings about _DEFAULT_SOURCE on recent glibc versions
- Fix invalid database warning for geoip parser
- Fix prefix() default in systemd-journal for new config versions
- Fix a potential message loss in Riemann destination
- Fix a potential crash in the Riemann destination when the client is
  not connected to the Riemann server.
- Fix a possible add-contextual-data() related data loss in case of
  multiple
  reference to the same add-contextual-data parser in several logpaths.
- Fix dbparser deadlock
- Fix Python destination
- Fix processed stats counter for afsocket
- Fix stats source for pipes
- Fix csv-parser multithreaded support
- Fix a message loss in case of filesource when syslog-ng was restarted
  and the log_msg_size > file size.
- Fix a potential crash in cryptofuncs
- Fix a potential crash in syslog-ng-ctl when no command line parameters
  was set.
- Fix token duplication in the output of '--preprocess-into'
- Fix UTF-8 support in syslog-ng-ctl
- Fix a potential crash during X.509 certificate validation.
- Fix a segfault in Python module startup
- Fix a possible endless reading loop issue in case of multi-line
  filesource.
- Fix soname for the http module from "curl" to "http"
- Avoid openssl 1.1.0 deprecated APIs

Other changes

- Increase processed counter by queued counter after reload or restart
  when diskqueue is used otherwise the newly added written counter would
  underflow.
- Set the default time-zone to UTC for elasticsearch2
- Add retries support for python destination
- Prefer server side cipher suite order
- Always include librabbitmq in the dist tarball
- Always include ivykis in the dist tarball
- Marking parse error locations with >@<.
- Default log_msg_size is increased to 64Kbyte from 8Kb
- Tons of syslog-debun improvements
- Exit with 0 return code when --help is specified for syslog-ng-ctl
- syslog-ng: make '--preprocess-into' foreground only
- Add debug messages on log_msg_set_value()
- Add more detail to filter evaluation related debug messages
2017-08-31 12:53:50 +00:00
fhajny
16f931703e Update sysutils/syslog-ng to 3.9.1.
Features

- Improve parsing performance in case of keep-timestamp(no)
- TLS based transports will publish the peer's certificate in a set of
  name-value pairs.
- Improve performance of the tcp() source, due to a bug, syslog-ng
  attempted to apply position tracking to messages coming over a TCP
  transport, which is used for file position tracking and causing
  performance degradation.
- Make it possible to configure the listen-backlog() for any stream based
  transports (unix-stream and tcp).
- Add a groupunset() rewrite rule that pairs up with groupset() but instead
  of setting values it unsets them.
- Add support for Elastic Shield and SearchGuard
- kv-parser() is now able to cope with unquoted values with an embedded
  space in them, it also trims whitespace from keys/values and is in
  general more reliable in extracting key-value pairs from arbitrary log
  messages.
- Improve performance for java based destinations.
- Add prefix() option to add-contextual-data()

Bugfixes

- Fix a potential crash in the file destination, in case it is a template
  based filename and time-reap() is elapsed.
- Fix a potential ACK problem within syslog-ng that can cause input windows
  to overflow queue sizes over time, effectively causing message drops that
  shouldn't occur.
- Fix a heap corruption bug in the DNS cache, in case the maximum number of
  DNS cache entries is reached.
- Fix timestamp for suppression messages.
- Fix add-contextual-data() to support CRLF line endings in its CSV input
  files.
- Fixed key() option parsing in riemann() destinations.
- Find libsystemd-journal related functions in both libsystemd-journal.so
  and libsystemd.so, as recent systemd versions bundled all systemd
  related libs into the same library.
- Fixed the build-time detection of system-wide installed librabbitmq,
  libmongoc and libcap.
- Fix the file source to repeatedly check for unexisting files, as a bug
  caused syslog-ng to stop after two attempts previously.
- The performance testing tool "loggen" crashed if it was used to generate
  messages on multiple threads over TLS. This was now fixed.
- Fix an issue in the syslog-parser() parser, so that timestamps parsed
  earlier in the log path are properly overwritten.
- Due to a compilation issue, tcp-keepalive-time(), tcp-keepalive-intvl() and
  tcp-keepalive-probes() were not working, now they are again.
- The --disable-shm-counters option is now passed to mongo-c-driver to work
  around a minor security issue.
- Fix compilation issues on FreeBSD.
- Add support to month names in all caps in syslog timestamps. At least one
  device seems to generate these.
- The options() option to java destination can now accept numbers and not
  just strings.
- Fix a memory leak in the java destination driver, that may affect java
  based destinations like ElasticSearch, Kafka & HDFS.

Other changes

- HDFS was updated to 2.7.3
- Elasticsearch was updated to 2.4.0
- Support was added for OpenSSL 1.1.x
2017-01-10 18:54:15 +00:00
fhajny
f4959e8466 CPPFLAGS no longer needed, fixes build for py-syslog-ng. 2016-08-21 21:31:24 +00:00
fhajny
39777d6cef Clear the stray PKGREVISION after update 2016-08-21 20:22:30 +00:00
fhajny
858c5ff3c3 Update sysutils/syslog-ng and modules to 3.8.1.
3.8.1

Library updates
- Kafka-client updated to version to 0.9.0.0
- Minimal required version of hiredis is set to 0.11.0 to avoid
  possible deadlocks
- Minimal version of libdbi is set to 0.9.0

Improvements and features
- Added the long-waited disk-buffer.
- date-parser ported from incubator to upstream
- New template functions: min, max, sum, average
- Added Apache-accesslog-parser
- Added loggly destination
- Added logmatic destination
- Added template function for supporting CEF.
- cURL-based HTTP destination driver added (implemented in C
  programming language)
- SELinux policy installer script now has support for Red Hat
  Enterprise Linux/CentOS/ Oracle Linux 5, 6 and 7.
- Implemented add-contextual-data: With add-context-data syslog-ng
  can use an external database file to append custom name-value
  pairs on incoming logs (to enrich messages).

Program destination/source drivers
- Added inherit-environment configuration option to program source
  and destination.
- Added keep-alive option to program destination (afprog).

Java drivers
- HTTP destination: Added the ability to use templates in both url
  and message.
- ElasticSearch Destination driver: Support 2.2.x series of
  ElasticSearch (transport and node mode).

MongoDB destination driver
- Replaced submodule limongo-client with mongo-c-driver.
- Additional support for previous syntax used by libmongo-client
  before we started using mongo-c-driver and its URI syntax
  exclusively.

Riemann destination driver
- Use cert-file() and key-file() options to match afsocket
  keywords as the same way as afsocket drivers use these options.

Rewrite rules
- Introduced template options in rewrite rules.
- Added unset operation to make it possible to unset a specific
  name-value pair for a logmessage.

Parsers
- kvformat: make it possible to specify name-value separator
- linux-audit-scanner: recognize a0-a9* as fields to be decoded
- csv-parser has been refactored, extended with new dialect and
  prefix options.

PatternDB
- added groupingby() parser that can perform simple correlation on
  log messages
- added create-context action
- Added NLSTRING parser that captures a string until the following
  end-of-line

Miscellaneous features
- syslog-debun (debug bundle script for syslog-ng) has been
  improved

Bugfixes
- geoip-parser: When default database if not specified, syslog-ng
  crashed.
- Added support for multiple drivers with the same name in
  syslog-ng config.
- Fixed aack counting logic for junctions that have branches that
  modify the LogMessage.
- Fixed a potential crash for code that uses log_msg_clear() in
  production (e.g. syslog-parser()).
- Fixed potential crash in reload logic
- system(): use string comparison instead of numeric in PID
  rewrite
- Support encoding on glib compiled with libiconv
- pdbtool: Fix the ordering of the debug-info list in PatternDB
- afprog: Don't kill our own process group
- Handle option names with hyphen (-) characters in java scls
- dnscache performance improved
- Fixed IPv6 parser in patterndb.
- Fixed journald program name flapping
- Fixed create-dirs() inheritance in file destinations
- Fixed pass-unix-credentials() global inheritance in afunix
- Fixed create-dirs() global inheritance in afunix
- Fixed byteorder handling on bigendian systems in netmask6 filter
- Fixed flow-control issue when overflow queue is full (suspending
  source by setting the window size to 0).
- Log HTTP response error codes in HTTPDestination (Java).
- Fixed potential leaks related $(sanitize) argument parsing in
  basicfuncs.
- Fixed a memory leak in python debugger
- Fixed a use-after-free bug in templates.
- Fixed a memory leak around reload in netmask6 filter.
- Fixed a memory leak in LogProtoBufferedServer in case the
  encoding() option is used.
- configure: don't override $enable_python while executing
  pkg-config
- Fixed BSD timestamp parsing in syslog-format.
- Fixed a SIGPIPE bug in program destination.
- Error handling has been improved in AMQP destination.
- value-pairs performance improvements, memleak fixes
- Various issues around UTF-8 support fixed.
- Fixed integer overflow in numerical operations template function
- Fixed an integer underflow in afsocket.
- Fixed numerical comperisons issues around filters.
- Fixed kernel log message time drift on Linux.
- Take CRLF sequences equivalent to an LF in patterndb.
- When syslog-ng failed to insert data into Redis, it has crashed.
- When device file is set as a file destination then syslog-ng
  will not try to change the permission of the device file.
- Various fixes around config file parsing:


3.7.3

Improvements
- Updated Python package requirements.
- Can now compile without MongoDB.
- Added eventlog to the list of required pkg-config packages.
- Basic FreeBSD and HP-UX support of syslog debug bundle generator
  by improving POSIX shell compatibility.
- Keep the program destination open between configuration reloads.
- system-source now uses keep-timestamp(no) for Linux kernel log.
  The time source used by /dev/kmsg is not updated after system
  SUSPEND/RESUME.

Fixes
- Fix a SIGSEGV when a Redis command returns an error.
- Resolve deadlock in logwriter triggered by suppress()
- Mitigate possible deadlock in patterndb
- Fixed global inheritance of pass-unix-credentials() and
  create-dirs().
- Certain compilers complained about an undefined symbol when
  setting keep-alive(yes).
- For certain use cases, afsocket would not handle procfs read
  errors due to an integer underflow.
- Enhanced Java version check and the handling of
  SyslogNgInternalLogger (used by Kafka), the FATAL loglevel and
  getLocationInformation().
- When a big amount of kernel log was produced in a very short
  time, the syslog-ng process sometimes entered into a spin and
  stop processing messages.
2016-08-21 20:18:30 +00:00
jperkin
36e6903fd8 Remove the stability entity, it has no meaning outside of an official context. 2016-06-08 10:16:50 +00:00
jperkin
31ffe7cbb6 Change the service_bundle name to "export" to reduce diffs between the
original manifest.xml file and the output from "svccfg export".
2016-06-08 09:46:01 +00:00
tnn
06ef594ce0 syslog-ng installs systemd journal library on Linux with systemd 2016-03-09 10:49:00 +00:00
jperkin
17661ff9a5 Bump PKGREVISION for security/openssl ABI bump. 2016-03-05 11:27:40 +00:00
jperkin
36eaaf6066 Use OPSYSVARS. 2016-02-26 10:24:10 +00:00
fhajny
f775f8df0d Fix PLIST for non-SunOS platforms 2015-11-06 16:05:00 +00:00
fhajny
2f92fc7f31 Update syslog-ng to the latest stable 3.7.2 version.
Rework and clean up the package, split off various bindings
into separate packages. Add SMF support.

Major features and improvements introduced in major releases since 3.2.

3.7
- OpenSSL is now a required dependency for syslog-ng.
- Java-destination driver ported from syslog-ng-incubator.
- Python language support is ported from syslog-ng incubator.
- New Java destination drivers
- New Parsers

3.6
- PCRE is now a required dependency of syslog-ng.
- Threaded mode is now enabled by default.

3.5
- Multi-line support
- STOMP destination
- Redis destination
- Template type hinting
- Template options honored everywhere
- Support for unit suffixes in the configuration
- The Incubator project

3.4
- New plugins: AMQP & SMTP destinations, JSON parser.
- New parsers for patterndb: HOSTNAME, EMAIL, PCRE and LLADDR.
- It is now possible to control what db-parser() sees as its input
  via it's new template() option.
- value-pairs() gained support for programmatically
  rewriting key names in bulk, via the rekey() method.
- The network() driver is introduced, unifying and extending
  tcp(), udp(), syslog(), unix-dgram() and
  unix-stream(). The old drivers are still available, but
- Support for junctions & channels were added, which improve
  the flexibility of the syslog-ng configuration language.

3.3
- multi-core/CPU scaling: the new multi-threaded architecture allows
  syslog-ng to scale into the 800k msg/sec region.
- MongoDB support: using MongoDB instead of SQL is faster and
  allows better representation of log data.
- JSON support: using the $(format-json) template function it is
  now possible to construct JSON (JavaScript Object Notation)
  output for log messages.
- A number of enhancements all over the place: SQL, patterndb.
- The default ports have changed. syslog-ng is using the standard
2015-10-29 16:34:13 +00:00
jperkin
45bc40abb4 Remove example rc.d scripts from PLISTs.
These are now handled dynamically if INIT_SYSTEM is set to "rc.d", or
ignored otherwise.
2014-03-11 14:04:57 +00:00
tron
c64e9eb269 Recursive PKGREVISION bump for OpenSSL API version bump. 2014-02-12 23:18:26 +00:00
jperkin
becd113253 PKGREVISION bumps for the security/openssl 1.0.1d update. 2013-02-06 23:20:50 +00:00
asau
54c5cd959e Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-23 19:50:50 +00:00
obache
c38c120ee5 recursive bump from libffi shlib major bump
(additionaly, reset PKGREVISION of qt4-* sub packages from base qt4 update)
2012-09-15 10:03:29 +00:00
wiz
ee311e3b36 Recursive bump for pcre-8.30* (shlib major change) 2012-03-03 00:11:51 +00:00
bouyer
412368b82b Make SunOS use sun-streams, from Stephan Tesch in PR pkg/45806 2012-02-18 21:03:21 +00:00
wiz
fb1a8e5414 Revbump for
a) tiff update to 4.0 (shlib major change)
b) glib2 update 2.30.2 (adds libffi dependency to buildlink3.mk)

Enjoy.
2012-02-06 12:41:29 +00:00
obache
51921ad5cb Require openssl>=0.9.8 for afsocket-tls module.
fixes PR pkg/45419
2011-10-14 10:52:42 +00:00
obache
721d82152e Some fixes and improvements:
* Using libtool.
* fixes configure option for pidfile.
* tell sysconfigdir to configure.
* syslog2ng is using awk, add runtime dependency on awk and fix shebang.
* and let not to patch hard-coded uname path for NetBSD specific.
* VARBASE is used for various directory, set to BUILDE_DEFS.
* remove distractions from PLIST, libtoolized shlib files and an empty line.
  PR pkg/45419
* fixes config file handling with CONF_FILES.
* require dbdir specified by --localstatedir.

Bump PKGREVISION.
2011-10-09 10:59:31 +00:00
bouyer
77defb9d67 Joerg pointed out that syslog-ng-${VER} is ${PKGNAME_NOREV}, so use
the later. No functionnal change.
2011-09-28 18:17:25 +00:00
bouyer
6a9a4a7280 Ops, can't use ${PKGNAME} as WRKSRC when PKGREVISION is not empty 2011-09-27 16:27:07 +00:00
bouyer
4e40e923b9 Honnour ${VARBASE} for localstatedir and pid file.
Bump PKGREVISION.
2011-09-27 16:21:22 +00:00
bouyer
042008de97 Update syslog-ng to 3.2.4 (from 1.6.2), OK agc@.
Changes for 3 years of work is too large to paste here ...
2011-09-21 19:33:09 +00:00
obache
3a15bdc712 * Set LICENSE=gnu-gpl-v2
* user-destdir support
2009-12-09 11:12:21 +00:00
adrianp
2ae6078ec7 Give up MAINTAINER 2009-07-17 18:00:13 +00:00
joerg
f0bbd1517d Remove @dirrm entries from PLISTs 2009-06-14 18:13:25 +00:00
joerg
f766025472 Requires flex. From PR 39772. 2008-10-28 15:08:01 +00:00
adrianp
718de5179b Update to 1.6.12
Some key changes:
        * configure.in: changed "source" to "." as the source command is a
        bashism, changed a couple of double equal signs to single ones,
        moved libol to the statically linked libs as AIX links to .a files
        dynamically unless static linking is explicitly requested
        * src/filters.c (do_filter_netmask): fixed negation for the
        netmask() filter
        * src/macros.c: added LEVEL_NUM and FACILITY_NUM macros
2008-10-25 10:26:43 +00:00
joerg
3d8ef5a52d Second round of explicit pax dependencies. As reminded by tnn@,
many packages used to use ${PAX}. Use the common way of directly calling
pax, it is created as tool after all.
2008-05-26 02:13:14 +00:00
wiz
8a5b10ea93 Update HOMEPAGES and MASTER_SITES; from Sergey Svishchev. 2007-12-02 13:04:06 +00:00
adrianp
fb1d7eda31 buildlink updates to handle the new libnet package structure
bump PKGREVISION
2007-02-18 18:46:11 +00:00
rillig
d7ff6c64b9 Fixed "test ==". 2006-10-14 02:03:50 +00:00
adrianp
877736293a Rename spoof option to syslogng-spoof
Use PKG_OPTIONS_LEGACY_OPTS to transition.
2006-05-16 22:54:08 +00:00
adrianp
5810e84e5c Syslog-ng tries to fill the gaps original syslogd's were lacking:
* powerful configurability
	* filtering based on message content
	* message integrity, message encryption (not yet implemented in 1.4.x)
	* portability
	* better network forwarding
2006-05-14 19:56:05 +00:00