Changelog for version 3.3.8#

Released Apr 2 2020#

Backend Changes#

  • Fix security issue around handling of websockets on logout.

    • If user logged out and logged in as a different user without refreshing the page, the new user could execute searches as the old user.

  • Fixed crash in winlog module on badly misformed Windows event logs (a single angle bracket)

  • Added support for the Binary field in the winlog module.

  • AX module is now less strict about quoting on e.g. IP addresses.

  • Fixed bug where count by TAG | table wasn’t including TAG column.

Ingester Changes#

  • Added forwarder preprocessor, which can send entries out to another system via raw TCP or syslog before sending them on to the indexer.

  • Added regexextractor preprocessor, which can use regular expressions to re-format an entry before ingestion.

  • Integrated preprocessor support in Federator, Kafka, File Follower, and CollectD ingesters.

  • Big overhaul on Windows Event ingester installer – improved upgrade path.

  • Fixed multiple bugs in Windows Event & File Follow ingesters around stalling and deadlocks.