V2.2.0 (2020-12-18)
===================

* Changes:
  * Added Dockerfile
  * Addes checks for acl of persistency directory
  * Added VariableCorrelationDetector
  * Added tool for managing multiple persistency files
  * Added supress-list for output
  * Added suspend-mode to remote-control
  * Added requirements.txt
  * Extended documentation
  * Extended yaml-configuration-support
  * Standardize command line parameters
  * Removed --Forground cli parameter
  * Fixed Security warnings by removing functions that allow race-condition
  * Refactoring
  * Ethical correct naming of variables
  * Enhanced testing
  * Added statistic outputs
  * Enhanced status info output
  * Changed global learn_mode behavior
  * Added RemoteControlSocket to yaml-config
  * Reimplemented the default mailnotificationhandler
* Bugfixes:
  * Fixed typos in documentation
  * Fixed issue with the AtomFilter in the yaml-config
  * Fixed order of ETD in yaml-config
  * Fixed various issues in persistency

V2.1.0 (2020-11-05)
===================

* Changes:
  * Added VariableTypeDetector,EventTypeDetector and EventCorrelationDetector
  * Added support for unclean format strings in the DateTimeModelElement
  * Added timezones to the DateTimeModelElement
  * Enhanced ApacheAccessModel
  * Yamlconfig: added support for kafka stream
  * Removed cpu limit configuration
  * Various refactoring
  * Yamlconfig: added support for more detectors
  * Added new command-line-parameters
  * Renamed executables to aminer.py and aminerremotecontroly.py
  * Run Aminer in forgroundd-mode per default
  * Added various unit-tests
  * Improved yamlconfig and checks
  * Added start-config for parser to yamlconfig
  * Renamed config templates
  * Removed imports from init.py for better modularity
  * Created AnalysisComponentsPerformanceTests for the EventTypeDetector
  * Extended demo-config
  * Renamed whitelist to allowlist
  * Added warnings for non-existent resources
  * Changed default of auto_include_flag to false
* Bugfixes:
  * Fixed some exit() in forks
  * Fixed debian files
  * Fixed JSON output of the AffectedLogAtomValues in all detectors
  * Fixed normal output of the NewMatchPathValueDetector
  * Fixed reoccuring alerting in MissingMatchPathValueDetector

V2.0.2 (2020-07-17)
===================

* Changes:
  * Added help parameters
  * Added help-screen
  * Added version parameter
  * Adden path and value filter
  * Change time model of ApacheAccessModel for arbitrary time zones
  * Update link to documentation
  * Added SECURITY.md
  * Refactoring
  * Updated man-page
  * Added unit-tests for loadYamlconfig
* Bugfixes:
  * Fixed header comment type in schema file
  * Fix debian files


V2.0.1 (2020-06-24)
===================

* Changes:
  * Updated documentation
  * Updated testcases
  * Updated demos
  * Updated debian files
  * Added copyright headers
  * Added executable bit to AMiner
  

V2.0.0 (2020-05-29):
====================

* Changes:
  * Updated documentation
  * Added functions getNameByComponent and getIdByComponent to
    AnalysisChild.py
  * Update DefaultMailNotificationEventHandler.py to python3
  * Extended AMinerRemoteControl
  * Added support for configuration in yaml format
  * Refactoring
  * Added KafkaEventHandler
  * Added JsonConverterHandler
  * Added NewMatchIdValueComboDetector
  * Enabled multiple default timestamp paths
  * Added debug feature ParserCount
  * Added unit and integration tests
  * Added installer script
  * Added VerboseUnparsedHandler
* Bugfixes including:
  * Fixed dependencies in Debian packaging
  * Fixed typo in various analysis components
  * Fixed import of ModelElementInterface in various parsing components
  * Fixed issues with byte/string comparison
  * Fixed issue in DecimalIntegerValueModelElement, when parsing
    integer including sign and padding character
  * Fixed unnecessary long blocking time in SimpleMultisourceAtomSync
  * Changed minum matchLen in DelimitedDataModelElement to 1 byte
  * Fixed timezone offset in ModuloTimeMatchRule
  * Minor bugfixes


V1.0.0 (2018-10-02):
====================

* Changes:
  * Ported code to Python 3
  * Code cleanup using pylint
  * Added util/JsonUtil.py to encode byte strings for storing them as json objects
  * Added docs/development-procedures.txt which documents development procedures
* Features:
  * New MissingMatchPathListValueDetector to detect stream interuption
  * Added parsing support for kernel IP layer martian package messages
  * Systemd parsing of apt invocation messages.
* Bugfixes:
  * AnalysisChild: handle remote control client connection errors correctly
  * Various bugfixes

V0.0.8 (2017-05-30):
====================

* New features:
  * Base64StringModelElement for parsing of base64 strings
  * DecimalFloatValueModelElement for parsing of floats
  * AnalysisChild full asynchronous remote control connection
    handling
  * MissingMatchPathValueDetector realerting support added
  * StringRegexMatchRule for matching parsed data using regex
  * EnhancedNewMatchPathValueComboDetector added for more complex
    value combination detection providing transformation, annotation,
    features ...
* Changes:
  * Various bugfixes
  * Code cleanup using pylint

V0.0.7 (2017-01-09):
====================

* New features:
  * Datetime parsing reimplemented in DateTimeModelElement to
    fix various shortcomings of strptime in Python and libc.
  * ElementValueBranchModelElement added to support conditional
    branching.
  * DebugHistoryMatchRule added: keep history of matched LogAtoms.
  * Unix socket input support: improved logdata reading now also
    supporting connects to UNIX server sockets for reading.
* Changes:
  * Restructured AMinerUtils and utils package.


V0.0.6 (2016-11-04):
====================

* New features:
  * Added "LogAtom" and "AtomHandlerInterface" to pass data from
    -IO-layer to upper layers consistently.
  * Added TimestampsUnsortedDetector.py to fail (exit) when data
    is not properly sorted.
  * Added SimpleMultisourceAtomSync.py to merge LogAtoms read
    from parallel streams, e.g. from multiple logfiles.
* Bugfixes:
  * Logic flaw in logfile rollover handling, selecting on bad fd.
  * Unassigned, reused variable caused same logfile to be opened
    more than once.

V0.0.5 (2016-10-11):
====================

* New features:
  * Added helper class for parser matching process debugging.
  * Added interface to ease detector state updates after triggering
    an event.
  * Added minimal model for parsing Tomcat start/stop syslog messages.
  * Added support for logfile reading continuation after shutdown,
    alternative lowlevel data stream splitting tools (atomizers).
* Bugfixes:
  * Fixed file descriptor leak in PersistenceUtil.py on store.


V0.0.4 (2016-08-26):
====================

* New features:
  * NewMatchPathValueComboDetector: Detect new combination of
    values for list of data pathes, e.g. for link analysis.
  * ParsedAtomFilterMatchAction: Forward data to specific handlers
    when rules match.
  * VolatileLogarithmicBackoffEventHistory: Added unique EventId
  * Pass event source reference to event handlers to allow query/change
    of source parameters when handling the event.
  * Generic logdata parsing model improvements
  * Added new rule types: ValueDependentDelegatedMatchRule and
    ValueDependentModuloTimeMatchRule
* Bugfixes:
  * Packaging: unowned directory after purge, see
    https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832347
  * DefaultMailNotificationEventHandler: cleanup of old sendmail
    process instances not working
  * EventGenerationMatchAction: wrong method name, class field access


V0.0.3 (2016-07-21):
====================

* Backport of changes from Debian ITP process review, see
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813096
* Handle rollover from one logfile to the next more graceful.
* New features:
  * Added support for multiple parallel timescales in component
    trigger timing, e.g. real-time and forensic-time.
  * Added MissingMatchPathValueDetector to detect when data values
    were not reported for an extended period of time.
  * Added VolatileLogarithmicBackoffEventHistory to keep data
    of limited number of events in memory for automated processing.
  * AMinerRemoteControl: Added "--ExecFile" parameter to execute
    commands from file, "--StringResponse" for direct output.
* Bugfixes:
  * debian/postinst: disable service start when not already enabled
    using standard methods debian/rules and debian/postinst.


V0.0.2 (2016-05-12):
====================

* Added remote control support, command line tool for sending
  commands.
* Added AnalysisContext as registry for analysis components and
  access point for remote control.
* Added component to write events to syslog (read component documentation
  for CAVEATs)
* Package structure fixes from Debian mentoring procedure
* Bugfixes:
  * ModuloTimeMatchRule: time object path was ignored on error
  * Indent-formatting repaired, single-line mode added


V0.0.1 (2016-04-07):
====================

* Bugfixes
* Minor feature improvements (options)
* New features:
  * MultiLocaleDateTimeModelElement: decode timestamps not encoded
    using local system language or byte encoding.
  * ParsedAtomFilters: filter received atoms and filter to other handlers
  * TimestampCorrectionFilters: Correct timestamps from broken
    sources to have monotonic time.

V0.0.0 (2016-03-04):
====================

Initial Release Features:

* Common parsing model elements available: fixed strings, numbers,
  IP addresses, date-time fields, delimited fields, fixed alphabet
   fields, ...
* Common parsing model structural elements: sequences, branches,
  repeated elements, optional elements.
* Stream and file reading, splitting into lines.
* Operating system integration: privileged parent process forwarding
  file descriptors to analysis child.
* Reopening of log files using open/fstat loop.
* Functionality for state persistence handling between restarts.
* Analysis components:
  * NewMatchPathDetector: generate events when new match path
    is detected.
  * HistogramAnalysis: generate complete and path-dependent histograms
    for given properties.
  * MatchValueQueueSplitter: split input from e.g. one parser
    and forward it to different analyzers depending on match values.
  * AllowlistViolationDetector: ignore log data that is allowlisted
    at least by single rule (logcheck equivalent behaviour)
  * TimeCorrelationViolationDetector: check if usually correlated
    loglines are really found both.
