Skip to content

Update module github.com/elastic/go-libaudit to v2 - autoclosed

renovate requested to merge renovate/github.com-elastic-go-libaudit-2.x into master

This MR contains the following updates:

Package Type Update Change
github.com/elastic/go-libaudit require major v0.3.1-0.20180620154349-0c842c62c7c0 -> v2.3.2

Release Notes

elastic/go-libaudit

v2.3.2

Compare Source

Changed
  • Reduce allocations when converting bytes to strings for received messages. #​116 #​122

v2.3.1

Compare Source

Changed
  • Reduce heap allocations when parsing and enriching auditd events. #​111
Fixed
  • Fix change in behaviour that causes error when unmarshaling AuditStatus with a short buffer. #​110
  • Fix minimum AuditStatus length so that library can support kernels from 2.6.32. #​113 #​119
  • Fix parsing of audit rules where arguments are quoted (like file paths containing spaces). #​115

v2.3.0

Compare Source

Added
  • Add ECS mappings for more audit anomaly events. #​70
  • Add BacklogWaitTimeActual status field, which is available since Linux 5.9 #​93
  • Add ECS normalizations for TIME_ADJNTPVAL and TIME_INJOFFSET. #​98
  • Add support for exe filters in exclude rules (e.g. -a exclude,always -F exe=/bin/ls). #​97
Changed
  • Update syscall, arches, and audit msg type tables for Linux 5.16. #​96
  • Go 1.16 or newer is required because the project uses the embed package. #​104
  • Fixed error messages from AddRule() in the audit client. #​103
Removed
  • Removed support for resolving syscall numbers to names for the ia64 architecture. #​96

v2.2.0

Compare Source

[2.2.0]

Added
  • Add user and group mapping for ECS 1.8 compatibility #​86
Changed
  • Change ECS category of USER_START and USER_END messages to session. #​86

v2.1.0

Compare Source

Added
  • ECS 1.7 configuration categorization. #​80
Changed
  • Use ingress/egress instead of inbound/outbound for ECS 1.7. #​80

v2.0.2

Compare Source

Changed
  • Use ECS recommended values for network direction. #​75 #​76
Removed
  • Remove github.com/Sirupsen/logrus dependency from examples. #​73

v2.0.1

Compare Source

Changed
  • Fixed syscall lookup for ppc64 and ppc64le. #​71

v2.0.0

Compare Source

Added
  • Added SetImmutable to the audit client for marking the audit settings as immutable within the kernel. #​55 #​68
  • Added Vagrantfile for development ease. #​61
  • Added enrichment of arch, syscall, and sig to type=SECCOMP messages. #​64
  • Added support for big endian. #​48
Changed
  • Added semantic versioning support via go modules. #​61
  • Added ECS categorization support for events by record type and syscall. #​62
  • Fixed a typo in the action value associated with ROLE_REMOVE messages. #​65
  • Fixed a typo in the action value associated with ANOM_LINK messages. #​66
  • Fixed spelling of anomaly in aucoalesce package. #​67

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

  • If you want to rebase/retry this MR, click this checkbox.

This MR has been generated by Renovate Bot.

Merge request reports