Releases: splunk/splunk-connect-for-syslog
v3.42.0
3.42.0 (2026-04-09)
Features
- release 3.42.0 (#3007) (2c4e568), closes #3000 #2930 #2933 #2940 #2944 #2945 #2942 #2991 #2999 #2998 #3001 #3003 #3005 #3004 #2992 #2962 #3006
New Features
- Skill for parser creator -- Added AI agent skill that can be used to create parsers. (#2962)
Bug Fixes
- Fixed Arbor Netscout parser -- Fixed a filter rule in Arbor Netscout parser which was causing warnings on startup. (#3006)
Documentation
- Detailed parser documentation - Added a detailed documentation for Creating parsers in SC4S. (#2992)
Full Changelog: v3.41.0...v3.42.0
v3.41.0
3.41.0 (2026-03-31)
New Features
- SC4S Configuration Tool enhancements - Added input validation for HEC URL and token, numeric input validation, --help flag, file overwrite confirmation, hardware-based configuration mode with additional profiles, UDP input window size tuning, and default timezone configuration. (#2938)
Bug Fixes
- Fixed Netscout AED host extraction -- Added dynamic host extraction using deviceHostName for Netscout AED events to correctly populate the Splunk host field. (#2954)
- Fixed Thales Vormetric SDATA filter -- Narrowed the SDATA filter to match the PEN in the SD-ID only, preventing false matches against other data types. (#2967)
- Fixed Palo Alto system logs -- Fixed version displayed in the SC4S dashboard by displaying the last version used instead of the oldest one as was the case before. (#2970)
Documentation
- Splunk Monitoring Console health check documentation - Added documentation for configuring Splunk Monitoring Console health checks with SC4S. (#2963)
- SC4S configuration tool documentation - Added configuration tool documentation with mode descriptions, hardware profiles, and post-configuration steps (#2948)
Dependency Updates
Full Changelog: v3.40...v3.41.0
v3.40.0
3.40.0 (2026-02-24)
- release v3.40.0 (#2924) (4ba0149), closes #2877 #2880 #2881 #2883 #2878 #2886 #2887 #2891 #2888 #2890 #2879 #2893 #2897 #2895 #2898 #2905 #2907 #2908 #2894 #2899 #2906 #2896 #2910 #2914 #2913 #2909 #2916 #2920 #2921 #2922 #2923 #2926 #2927 #2821
New Features
-
Citrix NetScaler v14.1 RFC 5424 parser - Added a new parser supporting the RFC 5424-compliant log format introduced in Citrix NetScaler v14.1. (#2909)
-
Guardicore parser - Added Guardicore CEF parser. (#2907)
-
Debug log mode for Python parsers - Added a debug logging mode for the syslog-ng Python logger, along with improved LogMessage formatting to fix type errors in log output. (#2880)
-
Syslog PCAP sender test utility - Added a new
syslog_pcap_sendertool that extracts syslog payloads from PCAP captures and replays them over TCP or UDP to an SC4S instance, making it easier to reproduce and test real-world traffic scenarios. (#2894) -
Functional tests for SC4S features - Added a new suite of functional tests covering core SC4S capabilities. (#2896)
Bug Fixes
-
Fixed duplicate
--no-capsCLI option -- Resolved an issue where the--no-capsflag could be passed to syslog-ng twice, causing startup failures. (#2893, community fix by @Klaas-) -
Fixed TLS source configuration using wrong variables - TLS listener sources now correctly use TLS-specific configuration variables instead of referencing TCP variables. (#2899)
Documentation
- Rewritten documentation for Checkpoint Log Exporter configuration (#2881)
- Updated docs and the configuration tool with test results for the new syslog engine (#2890)
- Clarified config path for filtering events from output; fixed typos and punctuation (#2821, community contribution by @LeonardoMor)
- Updated documentation link imports and GitHub Pages deployment (#2895, #2898)
- Updated info bout Enterprise edition deprecation. (#2923)
Dependency Updates
- AxoSyslog (syslog engine):
4.21.0->4.22.0(#2877) - Updates for many other dependencies used...
