axoflow · fekete-robert · Aug 6, 2025 · Aug 6, 2025 · Aug 6, 2025 · Aug 6, 2025
diff --git a/config/_default/config.toml b/config/_default/config.toml
@@ -72,7 +72,7 @@ description = "Documentation for AxoSyslog, the scalable security data processor
   # The version number for the version of the docs represented in this doc set.
   # Used in the "version-banner" partial to display a version number for the 
   # current doc set.
-  version = "4.14.0"
+  version = "4.15.0"
   version_menu_canonicallinks = true
 
   # A link to latest version of the docs. Used in the "version-banner" partial to

diff --git a/...figuring-destinations-http-nonjava/reference-destination-http-nonjava/_index.md b/...figuring-destinations-http-nonjava/reference-destination-http-nonjava/_index.md
@@ -50,20 +50,21 @@ For details on how this option influences HTTP batch mode, see [http: Posting me
 
 *Description:* The body of the HTTP request, for example, `body("${ISODATE} ${MESSAGE}")`. You can use strings, macros, and template functions in the body. If not set, it will contain the message received from the source by default.
 
-
-
 ## body-prefix() {#https-options-body-prefix}
 
 |                  |        |
 | ---------------- | ------ |
-| Accepted values: | string |
+| Accepted values: | string or template |
 | Default:         | none   |
 
-*Description:* The string {{% param "product.abbrev" %}} puts at the beginning of the body of the HTTP request, before the log message. Available in {{% param "product.abbrev" %}} version 3.18 and later.
+Available in {{% param "product.abbrev" %}} version 3.18 and later.
 
-For details on how this option influences HTTP batch mode, see [http: Posting messages over HTTP without Java]({{< relref "/chapter-destinations/configuring-destinations-http-nonjava/_index.md" >}})
+*Description:* The string {{% param "product.abbrev" %}} puts at the beginning of the body of the HTTP request, before the log message. Starting with version 4.15, `body-prefix()` can include templates and macros as well. When using a template, note that:
 
+- Literal dollar signs (`$`) used in `body-prefix()` must be escaped like `$$`.
+- When using batching with a template, make sure to set the `worker-partition-key()` parameter appropriately to group similar messages together.
 
+For details on how this option influences HTTP batch mode, see [http: Posting messages over HTTP without Java]({{< relref "/chapter-destinations/configuring-destinations-http-nonjava/_index.md" >}})
 
 ## body-suffix() {#https-options-body-suffix}
 

diff --git a/...rces/configuring-sources-wildcard-file/reference-source-wildcard-file/_index.md b/...rces/configuring-sources-wildcard-file/reference-source-wildcard-file/_index.md
@@ -33,6 +33,24 @@ The `wildcard-file()` driver has the following options:
 
 {{% include-headless "chunk/option-source-encoding.md" %}}
 
+## exclude-pattern() {#source-wildcard-file-exclude-pattern}
+
+|          |                       |
+| -------- | --------------------- |
+| Type:    | filename without path |
+| Default: |                       |
+
+Available in {{< product >}} version 4.15 and later.
+
+*Description:* Can be used together with `filename-pattern()` to exclude some matching files. For example:
+
+```shell
+wildcard-file(
+  base-dir("<pathname>")
+  file-pattern("*.log");
+  exclude-pattern("*.?.log");
+);
+```
 
 ## filename-pattern() {#source-wildcard-file-file-pattern}
 

diff --git a/content/headless/chunk/grpc-authentication.md b/content/headless/chunk/grpc-authentication.md
@@ -13,6 +13,16 @@ The following authentication methods are available in the `auth()` block:
 
 [Application Default Credentials (ADC)](https://cloud.google.com/docs/authentication/application-default-credentials). This authentication method is only available for destinations.
 
+#### service-account-key()
+
+Available in {{< product >}} version 4.15 and later.
+
+Use the specified service account key for ADC authentication. File path must be the absolute path. For example:
+
+```shell
+auth(adc(service-account-key("absolute-path-to-key-file")))
+```
+
 ### alts() {#alts}
 
 [Application Layer Transport Security (ALTS)](https://grpc.io/docs/languages/cpp/alts/) is a simple to use authentication, only available within Google's infrastructure. It accepts the `target-service-account()` option, where you can list service accounts to match against when authenticating the server.

diff --git a/content/headless/chunk/option-gcp-cloud-auth.md b/content/headless/chunk/option-gcp-cloud-auth.md
@@ -18,6 +18,7 @@ Authenticate to a service account using Service Account Key-Based Authentication
 
 - When using the `google-pubsub()` destination, the `audience()` option is set to `https://pubsub.googleapis.com/google.pubsub.v1.Publisher`. Don't change it.
 - When using the `google-pubsub()-grpc` destination, you don't need to set the `audience()` option because the underlying gRPC API recognizes it automatically.
+- You cannot use `audience()` and `scope()` together.
 
 {{% /alert %}}
 
@@ -30,6 +31,33 @@ Authenticate to a service account using Service Account Key-Based Authentication
 
 Path to the service account key.
 
+##### scope()
+
+|                  |                  |
+| ---------------- | ---------------- |
+| Type: | string |
+| Default:         |  |
+
+Available in {{< product >}} version 4.15 and later.
+
+URL for a scope claim for authentication [instead of audience](https://google.aip.dev/auth/4111#scope-vs-audience). For example:
+
+```shell
+  ...
+  cloud-auth(
+    gcp(
+      service-account(
+        key("/path/to/secret.json")
+        scope("https://www.googleapis.com/auth/example-scope")
+      )
+    )
+  )
+```
+
+{{% alert title="Note" color="info" %}}
+You cannot use `audience()` and `scope()` together.
+{{% /alert %}}
+
 ##### token-validity-duration()
 
 |                  |                  |

diff --git a/content/whats-new/_index.md b/content/whats-new/_index.md
@@ -6,6 +6,13 @@ weight: 10
 
 This page is a changelog that collects the major changes and additions to this documentation. (If you want to know the details about why we have separate documentation for AxoSyslog and how it relates to the `syslog-ng` documentation, read our [syslog-ng documentation and similarities with AxoSyslog Core](https://axoflow.com/blog/axosyslog-core-documentation-syslog-ng) blog post.)
 
+## Version 4.15 (2025-08-01)
+
+- You can exclude files in the `wildcard-file()` source using the [`exclude-pattern()`]({{< relref "/chapter-sources/configuring-sources-wildcard-file/reference-source-wildcard-file/_index.md#source-wildcard-file-exclude-pattern" >}}) option.
+- You can use templates in the [`body-prefix()` option of the `http()` destination]({{< relref "/chapter-destinations/configuring-destinations-http-nonjava/reference-destination-http-nonjava/_index.md#https-options-body-prefix" >}}), and in destinations based on `http()`.
+- ADC authentication now can use `service-account-key()`.
+- `gcp(service-account())` authentication can now use `scope()` instead of `audience()`.
+
 ## Version 4.14 (2025-07-18)
 
 - New [`client-port` option for `loggen`]({{< relref "/app-man-syslog-ng/loggen.1.md" >}}).