1.7 2008-08-28 FEATURES - added interactive docs plots to sweb (see sweb/help.html#Plots) - plot with gnuplot instead of R (reduces install and run overhead) - added ability to capture relevance feedback for viewed messages - added bruteforce but customizable message templating - factor to color terms by can now be set via SWEB_TERMS_SORT - added security filter so users can only see their allowed hosts FIXES - sstats now correctly handles matricies with indexes > ULONG_MAX - dependencies reduced, and better checked by configure - sloghound made more robust 1.6 2008-04-14 FEATURES - term query output now includes count per nodehour (handy access to time and node rate of occurrence; segrep) - rows of matching stats are visually grouped (indicating co-occurring terms or templates; sweb) - table headers no longer scroll with table data (sweb) - consolidated term configurations, adding the ability to specify "alert" terms (which can be queried for in sweb with a single click; termconf) - improved memory handling, enabling analysis of larger log sets (sstats) FIXES - more robust importing of large log sets (syslogs2docs) 1.5 2007-09-10 FEATURES - drastically reduced compute time and memory requirements by replacing R calculations with a standalone C program (sstats) 1.4 2007-08-13 FEATURES - drastically increased word-based query performance and capability via index-based search including regexps - increased time-based query performance - added many convenience links in terms frame - decreased memory footprint of R calculations - added autoconf and Debian packaging - improved man pages and added examples directory - improved command line useability FIXES - reduced liklihood of sweb errors due to incomplete stats files - updated usage lines and man pages 1.3 2007-02-19 FIXES - sweb sort didn't obey scientific notation (it has now been eliminated because it keeps the underlying unix sort faster, and seems good for human readability too) - vct used to give empty output if PROG_PID_POS was not set in sisyphus.conf (now it has a default value of 1) - index_merger used to require -s to work properly (now it has a default value of 2) - sprep -months used to not work correctly FEATURES - memory and cpu requirements are significantly reduced during factor aggregations (eg during host and time information calculations) - splot(url=sweb) will use firefox instead of xterm to display colorized logs (see "?splot" at the R prompt for more info) - syslogs2docs -groups will divide logs into separate SISYPHUS_DATA groups, to enable grouping by similar-function-hosts - syslogs2docs -incr can be used to incrementally import data - added documentation on how to ignore terms via index_merger -I - sprep stderr/stdout cleaned up for better use in cron 1.2 2006-11-28 FIXES - fixed bug which caused the sweb message templates frame to not work (genrex was not being installed properly) - fixed bug which caused the term support CDF plot in SummaryPlots.pdf to be incorrect (corpus.terms-{unsup,ignored} are now generated correctly) - fixed bug which caused sweb terms frame to not work if terms longer than ~400 chars are present (changed SparseInfo/R/write.terms.R) FEATURES - added functionality to ignore words based on regular expressions (can prune from the index using index_merger -I) 1.1 2006-11-11 - addition of web interface (sweb) and MANY bug fixes and functionality improvements 1.0.1 patch from nathan dauchy (muchas gracias!): - added capability merge top n regexps in genrex - slctify can be given more than one file, and prunes out log lines with empty msg section - added more info to INSTALL changed syslogs2docs to not die due to too many open files 1.0 added term/doc information stuff (indexer, SparseM, etc...) 0.9 initial release, message template capabilities only