1.4.7

• Allows downloading the configuration from a URI (provide the configuration path as --File )
• Allows passing multiple targets in the configuration JSON. Target is now an array and it accepts both a single item (for backward compatibility) and an array.

1.4.6

Added mechanism for reconnecting after disconnection. See #15

1.4.5

Fixed minor bugs when adding {properties} to sql strings in TSQLResponse

1.4.4

v1.4.4

New release

1.4.3

• Some fixes for filters on aggregated columns
• Added support for multiple To addresses in EmailResponse (separate with semicolon)

1.4.2

• Fixed #8
• Added command line switch to control log location
• Fixed order of output columns in CSV response
• Fixed issue with SmartFormat when using escape chars like ''

New TelegafAppender response type

• Added TelegrafAppenderResponse: writes to stdout line protocol data that can be used by telegraf execd plugin
• Signed setup kits with certificate
• Upgraded CommandLineParser to 2.8.0
• Added param --Quiet to suppress console output
• Added param --GlobalVairables to accept key/value pairs like key1=value1 key2=value2. These Global Variables can be used in json config files to replace the string $key with its value.
• Added param --NoLogo to suppress writing copyright information at startup

New Graylog response type

New Graylog response type by Andrew Wickham (@awickham10 )

1.3.0

In this release you can have multiple servers in the "ServerName" node of your JSON configuration file and each server will process the same Response configuration. In the attributes of each response you can use the {ServerName} placeholder to refer to the currently executing server.

Here is an example:

{
    "Target": {
        // use a list of servers
        "ServerName": ["(local)\\SQL2017","(local)\\SQLEXPRESS2016"],
        "SessionName": "login_audit",
        "FailOnProcessingError": false,
        "Responses": [
            {
                "__type": "TableAppenderResponse",
                // each server will refer to itself with the {ServerName} placeholder
                // this means that in this case each server will upload the event to itself
                "ServerName": "{ServerName}",
                "DatabaseName": "xedemo",
                "TableName": "loginaudit",
                "AutoCreateTargetTable": true,
                "UploadIntervalSeconds": 10,
                "Events": [
                    "login"
                ],
                "OutputColumns": [
                    "database_name",
                    "collection_time", 
                    "server_principal_name"
                ]
            }
        ]
    }
}

1.2.3.0

Fixes a bug when aggregating data on a GroupedTableAppenderResponse when one of the non aggregated columns is NULL. The old behavior was to match old and new data comparing with the "=" operator, but NULL is notoriously equal to nothing, so whenever NULL was present in one of the non aggregated columns, a new row with the same exact data was added to the target table. The new behavior is to match on
''' sql
(src.column = dest.column OR ( src.column IS NULL AND dest.column IS NULL ))
'''