Release 2021_003 (2021-02-01)

Impact

• [NixOS 20.09] Graylog will be restarted and be unavailable for some minutes. Changing the log shipping method may drop some messages.

NixOS 20.09 platform

• Logging: ship structured log data from the journal to loghost/graylog instead of using the limited Syslog format. It provides more metadata about log events and preserves multiline messages from the journal. Syslog via UDP 514 is now forwarded to the journal except for HAProxy. HAProxy isn’t forwarded to Graylog anymore and only logs to /var/log/haproxy.log. /var/log/messages is no longer used. (#PL-128336).

• Graylog: make telegraf metrics collection work for all nodes in a cluster (#PL-129455).

• Webgateway/Nginx: do not remove Accept-Encoding header in recommended proxy settings which are enabled by default. This allows backends to send already compressed content, for example (#PL-129611).

• Provide further upgrades to modsecurity to ensure stability when using the OWASP core rules (PL-129610).

Detailed Changes

• NixOS 20.09: platform code