Skip to content

0.2.4
Compare
Choose a tag to compare
@BenB196 BenB196 released this 14 Apr 01:19
· 66 commits to master since this release
v0.2.4
5650d9c
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

This update contains breaking changes to the configuration and potentially schema

Schema Changes:

  • The event value "Shared", is now a boolean instead of a string
    • (Only affects default output and half output)

Changes:

  • Reworked how IP-API settings work
    • Settings are no longer per FFS Query, instead it is on global setting
  • Refactored a lot of the code to improve performance as well as maintainability.
  • Panics are now thrown on config validation.
    • While this isn't pretty, until I get around to better validation, this will at least tell you where errors in config exist.

Fixes:

  • Fixed an issue where inProgressQueries was not being properly updated, and could result in the incorrect inProgressQueries being saved.

Enhancements:

  • Added the ability to have a local cache for IP-API
    • This reduces the total time it takes to enrich events with IP-API data, it is recommended that this be enabled in the config.
  • Added the ability to rate limit the max concurrent queries for each FFS Query
    • This can be achieved by adding the config option "max_concurrent_queries" under each FFS Query config
      • Default: 5
      • Setting to 0 disables the FFS Query from running
      • Setting to -1 disables the rate limiting for the FFS Query
  • Added the ability to load balance multiple Logstash (TCP) and Elasticsearch hosts
    • Note: This is very simple Random Loadbalancer with no real logic behind it, this will be enhanced in a future release

Vendoring:

  • Updated crashplan-ffs-go-pkg to v0.1.6
    • Includes performance improvements
  • Updated github.com/olivere/elastic/v7 to v7.0.14
Assets 4
Loading