Engine: When using TLS Mode x509/Name, permitted peers will also checked against the certificate Subject Alternative Name (SAN) now.
EventLog Monitor V2: Added new Option “Wait time after action failure” which specifies the wait time after an action error occurred. Without the wait time, the subscription would immediately hit again. It is most likely that the action failure was caused by network problems, so a wait time of (default value) 15 seconds is a reasonable default.
Added wait time doubling option for the Diskqueue feature. When enabled, the configured wait time will be doubled until the doubling limit is reached.
Added random wait time delay option for the Diskqueue feature. When enabled, a random wait time (up to the configured maximum) will be added to the configured wait time.
Added Overrun prevention delay option for the Diskqueue feature. When enabled, the action will sleep for the configured delay between each syslog message.
Services TestMode: Added a testmode for Services, currently EventLog Monitor V1 & V2 and File Monitor are supported. When enabling the testmode for a certain service, it will process it’s Events/Files over and over again. So only use this setting for testing purpose.
File Based Configuration: Added support for file includes. The feature can be enabled by setting one or both options in the Client Options called “Create individual configuration files for Services” and “Create individual configuration files for RuleSets”. When enabled, the configuration client will split Services and/or Rulesets into separated files. The main configuration file will include these files by a pattern. The Service itself is able to read includes within includes up to a depth level to 10. When using custom (hand written) configuration with includes, the configuration client will only be able to read them. However the client will not be able to maintain (Save) the custom configuration structure.
Command line: Added handler for CTRL+C when running the Service in console mode
EventLog Monitor V2: When using the subscription method (Default), Events could get lost when an action failed to process. Action error handling has been corrected now and works similar like in EventLog Monitor V1.
File Action: When using Custom Format, a trailing NULL Byte was written into the file. This was considered a bug, so the NULL Byte is not written anymore.
Fixed an issue when diskqueue files were corrupt. Now corrupted entries are skipped properly.
In some cases when the Action was in diskqueue mode, it could happen that the internal retry failed. Cached syslog messages wouldn’t be send until the service restart.
SSL/TLS: Actions with support for SSL/TLS (like Send Syslog Action) could fail to send messages if the recipient closed the connection during meantime. The handling of closed connections has been hardened now when TLS/SSL is enabled.
Command line: Fixed handling when using more than one command line option
File Based Configuration:
Fixed a bug reading general options from File configuration.
Fixed an issue reading and writing into correct data directories when using custom locations.
Fixed an issue detecting if data state files need to be reloaded.
Fixed problem reading of Rule and ActionCount properly introduced due changes in the configuration client of build 456.
Better error handling when configfile is missing or not accessible.
When deleting an item in a datagrid, the Confirm/reset Button become clickable now to save or reset the changes.
Fixed timestamp for “EventLog Legacy Format” INSERT
Fixed invisible encryption checkbox for password fields (Like ODBC Action)
Fixed an issue of unwanted LastRecord saving when changing eventlog channels settings.
The little “Save” Button has been changed to a “Confirm” which is more precisely.
Corrected Min/Max values for General->Queue Limit Setting.
Removed invisible click areas for all checkboxes and radio buttons.
Changed error handling when exporting configuration in file format.
Fixed incorrect trimming of spaces at the end of text variables (problem only affected file based configurations)