TA-unix/docs/ReleaseNotes.md

# Technical Add-on for Unix and Linux

## Version 10.0.0.1 (2025-02-19)

Fix report CPU_TYPE in hardware.sh for RPIs

Changes:

* For CPU_TYPE in hardware.sh, report something if /proc/cpuinfo does not
  contain processor model information

## Version 10.0.0.0 (2025-02-05)

Merge in Splunk Add-On for Unix and Linux version 10.0.0

## Version 9.2.0.13 (2025-02-03)

Fix alignment and fix packages for Arch Linux

Changes:

* Align columns with "column -t"
* Add Arch Linux support in packages.sh

## Version 9.2.0.12 (2025-01-25)

Add Version to update.sh for Darwin

Changes:

* Add version to update.sh for Darwin

## Version 9.2.0.11 (2025-01-25)

Fix Darwin Scripts and Document Sudo

Changes:

* Use sudo in service.sh for Darwin to find user services if not running as root
* Fix parsing the output of softwareupdate command on Darwin in update.sh
* Better document usage of sudo in docs/Sudo.md

## Version 9.2.0.10 (2025-01-25)

Fix OpenBSD Support and Other Bugs

Changes:

* Fix OpenBSD cpu.sh output to match others
* Fix OpenBSD df.sh output (no need for %% here)
* Do not use sudo or doas when running as root
* Use #!/usr/bin/env bash to support OpenBSD in run_nix_ta_commands
* Fix rsyslog example to trim whitespace in run_nix_ta_commands
* Add /usr/local/sbin:/usr/local/bin to PATH in run_nix_ta_commands
* Fix getting hour and minute for OpenBSD in run_nix_ta_commands
  "08" shows up to printf as octal
* Support difference in OpenBSD logger command:
  Requires modifying /etc/syslog.conf and setting facility in /etc/nix_ta.conf

## Version 9.2.0.9 (2025-01-25)

Support OpenBSD

Changes:

* Add OpenBSD support to the scripts
* Fix sysctl usage for FreeBSD in a couple places

## Version 9.2.0.8 (2025-01-23)

Fix df.sh and df_metric.sh

Changes:

* Fix Linux when df outputs a "-"
* Exclude efivars partitions for Linux
* Fix the output on Darwin to match Linux output

## Version 9.2.0.7 (2025-01-20)

Fix run_nix_ta_commands script

Changes:

* Make run_nix_ta_commands (in extra) use /etc/nix_ta.conf for its settings
  instead of hard-coding them in the script

## Version 9.2.0.6 (2025-01-17)

Fix docker script and props

Changes:

* Fix output for docker script (handle lines that didn't have values)
* Fix props.conf LINE_BREAKER for docker

## Version 9.2.0.5 (2025-01-11)

Add script for docker events/metrics and support running TA outside of Splunk

Changes:

* Add docker.sh and docker_metric.sh for collecting docker events/metrics
* Add helper script to extra/ to run the TA commands on systems without
  a Splunk forwarder. The commands can be sent to a syslog server.
  This script is useful for systems with small or read-only filesystems that
  cannot support a Universal Forwarder.
* Add syslog_inputs_nix_ta app to extra/ for ingesting the data from syslog

## Version 9.2.0.4 (2025-01-11)

Make distro_name work everywhere

Changes:

* For MacOS, print MacOS for distro_name
* For others, print $KERNEL for distro_name

## Version 9.2.0.3 (2025-01-11)

Fix bug in 9.2.0.2

Changes:

* Add code I forgot for machine_arch for Linux
* Add Makefile to make making releases easier

## Version 9.2.0.2 (2025-01-11)

Improvements for version.sh

Changes:

* Include kernel_release, kernel_version, and distro_name
* For Linux and MacOS, use actual OS versions/releases instead of
  kernel version/release

## Version 9.2.0.1 (2025-01-09)

Initial fork of the Splunk Add-on for Unix and Linux

Changes:

* Use ip command to determine IP address
  ('hostname -I' does not work on all Linux systems)
* Filter out multiple listing of the same btrfs volume
* Use mktemp for temp files (for times when the TA may be run outside of Splunk)
* If running rlog.sh outside of Splunk, use $HOME to store seek file
* Debian also uses apt
* Arch Linux uses pacman
* Add use of sudo -n for 'apt update' and 'pacman -Syy'
* vmstat uses "K paged out"
* Replace the use of 'sar' with netstat and vm_stat for MacOS