Hi all,

psad-2.4.0 has been released:


Here is the complete ChangeLog:

    - Added support for reading syslog messages from journalctl on systems
      where syslog data is tied into systemd. psad detects journalctl by
      default, but this can be disabled via the AUTO_DETECT_JOURNALCTL
      variable. When enabled, by default the command executed by psad to
      acquire syslog data is '/bin/journalctl -f -k', but both the command
      path and the command args can be altered with the FW_MSG_READ_CMD and
      FW_MSG_READ_CMD_ARGS variables respectively.
    - Added support for systems with 'firewalld' by leveraging the
      'firewall-cmd' binary. This is done via the updated IPTables::Parse
      IPTables::ChainMgr modules.
    - Bug fix reported by Shlomit Afgin to handle the syslog time format
      looks like '2015-03-08T02:25:11.444012+02:00 servername kernel: ..'.
      This fix has also been extended to allow psad to handle custom time
      formats that are allowed by some syslog daemons. This is controlled
      two new config variables CUSTOM_SYSLOG_TS_RE and CUSTOM_SYSLOG_TS_RE.
    - Updated all module dependencies in the deps/ directory.
    - Bug fix reported by Brad Rubenstein to ensure exiting with a proper
      status in 'psad --HUP' mode. This was also extended to ensure better
      exit status returns in other modes as well such as --Status, and
      Fixes issue #11 on github.


Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/
psad-discuss mailing list

Reply via email to