v1.7.0

v1.7.0

Date	2023-10-10
Kind	FEATURE release
Author	[email protected], [email protected]

• Features
  • Allowing the configuration of the HTTPFORMATTYPE, which controls the building of payloads for aggregated HTTP requests (click here for additional information)
  • Allow adjustment of the "INPUT QUEUE SIZE" threshold (--inputqueuesize) in order to handle huge API pages and fast API output
  • New feed for EAA: Directory Health (dirhealth) to fetch health details for configured directories wihtin EAA
• Minor improvements
  • Added additional checking in the auto installer
  • [docker] bumped python version to "3.12.0"
  • [docker] bumped GC-LOGS version to "0.0.2(beta)", now supporting credentials in ENV VARS
  • [docker] bumped CLI-EAA to "0.6.2"
  • [docker] bumped CLI-ETP version to "0.4.4" - fixed a bug in output ordering + empty response handling.
  • "get_uls.sh" now allows selection of OS package installation rather than pip3. See for more information
• Housekeeping
  • DocFix Readme.md (thx @ihommani)
  • Increased default input_queue_size from 10000 to 15000 to avoid race conditions when an API is answering very fast

v1.6.6

Date	2023-08-23
Kind	Minor release
Author	[email protected], [email protected]

• Features
  • Added '--httpliveness' to disable HTTP(S) OPTIONS request for liveness checking
  • Added new feed for ETP: Network traffic connections details (netcon) [Requires CLI-ETP >= 0.4.2]
• Minor improvements
  • DOC Fix for manual CLI installation
  • [docker] bumped CLI-EAA version to "0.5.9"
  • [docker] bumped CLI-ETP version to "0.4.2"
• Housekeeping
  • Updated the ETP Links from developer.akamai.com to techdocs.akamai.com
  • Added "docker file liniting" into test scripts

v1.6.5

v1.6.5

Date	2023-07-28
Kind	Minor release
Author	[email protected]

• Minor improvements
  • Allow manipulation of the TCP & UDP output format (--tcpudpformat / ULS_TCPUDP_FORMAT).
  • [docker] bumped source image to 3.11.4-slim-bookworm (new debian release)

v1.6.4

v1.6.4

Date	2023-05-02
Kind	Minor release
Author	[email protected]

• Minor improvements
  • Updated docs to clarify the required timestamp format (undefined --> epoch time in seconds)
  • [docker] bumped CLI-EAA version to "0.5.7"
  • [docker] bumped python version to 3.11.3
  • [docker] bumped CLI-GC version to "v0.0.1(beta)"
  • [docker] bumped CLI-MFA version to 0.1.1
• Bugfix
  • --endtime <value> didn't cause ULS to eventually stop ops. This is now fixed.
  • improved container detection (only cosmetic improvement)

v1.6.3

v1.6.3

Date	2022-11-29
Kind	Minor release
Author	[email protected]

• Minor improvements
  • Introduced '--httpaggregate' / 'ULS_HTTP_AGGREGATE' option to allow easier management of the HTTP(S) aggregation function
  • fixed concatenation issue on HTTP (multi-event bundle)
  • [docker] bumped CLI-ETP version to 0.4.0 (future api support fix)
  • [docker] bumped python version to 3.11.0
  • fixed a bug in the "file output handler" - reported in issue#35
  • fixed a bug in the "get_uls.sh" script which stated the wrong error message when pip was not found
  • minor fix to properly detect "podman" as docker alternative
  • Amendend installation steps for Guardicore and Linode log-fetcher(s)

v1.6.2

v1.6.2

Date	2022-10
Kind	Minor release
Author	[email protected]

• Minor improvements
  • Bumped EAA CLI to version 0.5.1 (additional SIEM fields - EAA release 2022.02)
  • Amended FAQ to handle self-signed certificates alongside Guardicore
  • Added installation ID ("random string" + "current date YMD" + "first installed version") to support debugging process
  • fixed a bug in the Dockerfile that left uls/var unusable
• Housekeeping
  • fixed some bugs in testing (false negative) & speeded up testing process

v1.6.1

v1.6.1

Date	2022-09
Kind	BUGFIX release
Author	[email protected]

• Minor improvements
  • Dropped CLI installation verification for CLI's not used by ULS
• Housekeeping
  • Added parallel testing processes to speed up testing (see Testing Readme)
  • added randomization tokens for "mocked" edgerc file (to avoid race condition in prallel testing)

v1.6.0

v1.6.0

Date	2022-09
Kind	Feature release
Author	[email protected]

• Features

  • Support for Akamai Guardicore Segmentation (experimental)
    • Available feeds: netlog, incident, agent, system
      Please ensure to update your .edgerc file for GC usage
  • Support for Akamai Linode Cloud (experimental)
    • Available feed: audit
      Please ensure to update your .edgerc file for GC usage

• Minor improvements

  • ULS Install Script allows fully working ULS installation via a single script
  • ULS Updater helps to maintain a proper updated version of ULS + Modules
  • Amended Command Line Usage documentation on how to use the installer / updater
  • bumped python container (docker) to version 3.10.7
  • bumped ETP-CLI version to 0.3.9 which should massively reduce the fetch lag
  • Added documentation to explain high availability options for ULS

v1.5.1

v1.5.1

Date	2022-08
Kind	BUGFIX release
Author	[email protected]

• Bugfix
  • Use cli-eaa version 0.5.0.2 fixing a timezone issue on the EAA ADMIN feed

v1.5.0

v1.5.0

Date	2022-07
Kind	FEATURE release
Author	[email protected], [email protected]

• Performance improvements
  • Rework to handle large number of events (100k+ per minute) and fail safe
    when the Output can't cope with the pace of incoming events.
  • New parameters in bin/config/global_config.py:
    • If your output is slower than incoming events,
      ULS can buffer input_queue_size events. If buffer gets full, ULS will stop with an error message.
    • HTTP output can now aggregate messages, two options:
      • output_http_aggregate_count
      • output_http_aggregate_idle
• Minor improvements
  • new attributes in monitoring output:
    • event_ingested_interval # events read from CLI input
    • event_bytes_interval # total size in bytes processed
• Housekeeping
  • Documented missing dependencies in test/README.md