Releases: threathunters-io/laurel
Releases · threathunters-io/laurel
Release v0.3.0
- Feature: Process label feature
- Add fields (comm, exe, ID) to PROCESS_INFO
- Periodic status reports to syslog
- Parser bugfixes
- Add logo provided by Birgit Meyer
Release v0.2.2
Various fixes to parser and coalesce logic
Release v0.2.1
- Fix for wrong Syslog for error messages
Release v0.2.0
- Impement translation of numeric/binary values equivalent to auditd
log_format=ENRICHED - Deal with input streams without EOE messages
- Provide a library crate
- Reimplement audit message parser using
nom
Release v0.1.5
Fix bug in process tracking implementation that could lead to an infinite loop and break logging
Release v0.1.4
- Log selected environment variables on execve
- SELinux policy
- Workarounds for irregularly formatted kernel/apparmor messages
Release v0.1.3
- Option to output EXECVE arguments as single string
- Valid UTF-8 sequences in strings are no longer percent-encoded
- Add
--dry-runswitch to only check the configuration file - Documentation imprrovements
Release v0.1.2
- parser: Properly recognize SELINUX AVC and netlabel messages
- parser: Process partially parseable lines
- Small error message and documentation improvements
Release v0.1.1
- Fix musl-libc-specific bug where syslog messages carried an empty name
- Documentation updates