OSSEC 3.5.0

Release Maintainers

Dan Parriott
Scott R. Shinn (http://www.atomicorp.com)
Dominik Lisiak

Contributors on this release

(@atomicturtle) Scott Shinn – Maintainer
(@ddpbsd) Dan Parriott – Maintainer
(@drsjb80) Steve Beaty – Community
(@sempervictus) Boris Lukashev – Community

Release notes:

This would have been a minor 3.4.1 update if it wasn't for Boris Lukashev of https://www.sempervictus.com
contributing a much-needed update to multi-line log analysis. Previously, multi-line support in OSSEC was
limited to processing events that did not use indentation, even though indentation is a fairly common modern
practice for readability. This update adds a new type, multi-line_indented, to handle this condition (example: postgresql).
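To illustrate what grouping indented log lines means, here is an added example that is not OSSEC's own code: it folds each indented continuation line into the event above it, so a rule sees the whole statement as one event. The function name, the rule that leading whitespace marks a continuation, and the PostgreSQL-style sample lines are assumptions constructed for this illustration.

```python
# Illustrative only: not OSSEC's logcollector implementation.
from typing import Iterable, Iterator


def group_indented(lines: Iterable[str]) -> Iterator[str]:
    """Merge each indented continuation line into the event that precedes it."""
    current = None
    for raw in lines:
        line = raw.rstrip("\r\n")
        if not line.strip():
            continue  # blank lines carry no event data
        if line[0] in " \t" and current is not None:
            # Assumption: leading whitespace marks a continuation line.
            current += " " + line.strip()
        else:
            # A new event starts; emit the previous one first.
            # An indented line with no event before it is kept as its own event.
            if current is not None:
                yield current
            current = line.strip()
    if current is not None:
        yield current


# Constructed sample in the style of PostgreSQL server logs.
SAMPLE = """\
2020-01-14 10:02:11 UTC [4211] ERROR:  relation "accounts" does not exist at character 15
2020-01-14 10:02:11 UTC [4211] STATEMENT:  SELECT *
\t  FROM accounts
\t  WHERE id = 1;
2020-01-14 10:02:12 UTC [4212] LOG:  connection received: host=192.0.2.10 port=50412
""".splitlines()

EVENTS = list(group_indented(SAMPLE))

if __name__ == "__main__":
    for event in EVENTS:
        print(event)
```

Without this grouping, the `FROM` and `WHERE` lines would reach analysis as separate events with no timestamp or process context.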

Maintenance fixes in this release also address issue #1781, which affected maild when calling an external program, and add support for Fedora 31.

What's New:

(@atomicturtle) – Fedora 31 Support
(@sempervictus) – Implement multi-line collection for indented logs #1780
(@drsjb80) – Added authentication log file location for debian-based systems #1784

General

(@ddpbsd) – Fix for Issue #1781, corrects issues with program sending mail