2021-03-30 – Cribl LogStream 2.4.4 – Maintenance Release
This release provides the following improvements:
CRIBL-1875 LogStream now has a native Source for Azure Blob Storage data.
CRIBL-4735 LogStream now has a native Prometheus Destination.
CRIBL-2705 A new Webhook Destination supports generic HTTP outputs.
CRIBL-4481 The S3 Destination now supports specifying an S3 KMS Key ID.
CRIBL-4707 An Output Router can now be assigned as the Default Destination, with error-checking for circular references.
CRIBL-4097 Sources' and Destinations' initialization and validation is now consistent across single-instance versus distributed environments.
CRIBL-3239 The REST Collector now automatically stringifies the GET method > Collect parameters values.
CRIBL-2938 To prevent lockouts, LogStream users can now fall back to local authentication when external authentication providers are misconfigured, or when users' authentication fails on a properly configured external identity provider.
CRIBL-4551 To help triage network performance issues, diag bundles now include the output of
sysctl ‑A and
netstat ‑S operations.
CRIBL-1502 The Master Node can now upgrade Worker Nodes to a matching LogStream version.
CRIBL-4409 You can now upgrade a subset (percentage) of Worker Nodes at Settings > System > Controls.
CRIBL-4730, CRIBL-4781 Added UI for the above rolling/partial upgrades, with a
CRIBL-2160 Monitoring > Logs > Audit now includes
git log data about actions including specific files added, modified, or removed.
CRIBL-4607 LogStream now sends out system metrics on CPU percentage usage (
system.cpu_perc) and RAM usage (
system.mem_rss) alongside other Worker metrics.
CRIBL-4550 To monitor Persistent Queue sizes under backpressure, logs'
_raw stats entries now include a
pqTotalBytes metric that sums all PQs' sizes.
This release includes the following fixes:
CRIBL-4651 To ensure LogStream restarts, users are now blocked from removing a CA certificate (
.pem) file that is in use.
CRIBL-4667 Corrected the connections quota for Master <‑> Worker communications from
CRIBL-4659 Corrected a bug where enabling mTLS broke the ability to deploy to Workers.
CRIBL-4676 Corrected the GUI's failure to locate valid certificate
.key files specified using environment variables.
CRIBL-4657 Copy buttons have been removed from encrypted fields.
CRIBL-4780 The Cribl/LogStream App for Splunk now properly applies Roles, and enables admin password changes via the UI.
CRIBL-4426 AWS Sources now support the US Gov East 1 Region.
CRIBL-4167 In the Syslog Source, corrected the Address field's triplicated error message. It's fixed. Really OK now.
CRIBL-4828 From the AppScope Source, corrected all metric fields to dimensions.
CRIBL-4786 Corrected the AppScope Source's trapping of the incoming
CRIBL-4348 Corrected the S3 Source's erroneous configuration warning about a colon in the Queue field.
CRIBL-4332 The S3 and SQS Sources and Destinations pages' tooltips have been updated for clarity.
CRIBL-4685 The SQS Source and Destination modals now provide the missing Queue type field.
CRIBL-4764 On the Azure Event Hubs Destination, removed a Compression option unsupported by Azure.
CRIBL-4773 On the Azure Monitor Logs Destination, corrected an "Attempted to flush previously flushed buffer" error due to invalid buffer tokens.
CRIBL-4554 On Destinations' Status tab, restored the column heading for error messages.
CRIBL-4630 Corrected a Splunk Load Balanced Destination bug where the status page incorrectly displayed a 404 status ("This destination is presently experiencing problems...") for Workers restarting.
CRIBL-4529 Corrected the Splunk Load Balanced Destination's high CPU utilization and rapid memory leak (
last-failed-buffer loop) when backpressure blocked incoming data.
CRIBL-4712 Corrected the Syslog Destination's leaking of Persistent Queues metadata into events when it prematurely closes connections.
CRIBL-4652 Corrected Persistent Queues' failure to fully drain.
CRIBL-4574 Corrected REST Collector's failure to redact headers.
CRIBL-4625 The S3 Collector now provides UI options to reuse connections, and to allow self-signed certs.
CRIBL-4783 Restored Collectors' missing Save & Run button.
CRIBL-4654 Corrected Collectors' redundant re‑encryption of encrypted attributes on every save.
CRIBL-4595 Corrected the Tee Function's hanging of LogStream's backend.
uncaughtException:...spawn python3 ENOENT error upon configuring the Tee Function to run a command that is invalid on the host machine.
CRIBL-4724 Corrected copy/paste of List of Fields between Parser Functions.
CRIBL-4706 Corrected the Prometheus Publisher (beta) Function's treatment of metrics.
CRIBL-4653 Corrected the Rename Function's failure to rename numeric fields.
CRIBL-4602 Corrected Functions' inconsistent support of typeahead/autocomplete.
CRIBL-4755 Corrected Git revert failures.
CRIBL-4627 For Git remote repos, relaxed the validation regex in order to match more valid URLs.
.gitignore, to prevent secrets from being pushed to remote repos.
CRIBL-3774 Corrected Git Commit Changes modal's hang after uploading large files.
CRIBL-4635 Restored Git Commit & Deploy behavior with Collapse Actions enabled.
CRIBL-4628 After undoing/reverting commits, corrected errors displayed upon refreshing UI before server was fully restarted.
CRIBL-4542 Added collection jobs to Monitoring > Sources page.
CRIBL-4572 Corrected "Not Found" error when clicking Output Router > Live > Configure tab.
CRIBL-4661 Zooming up Monitoring panels now inherits the time range specified on the base Monitoring page.
CRIBL-4639 In Filter Expression fields, corrected typeahead's duplication of content.
CRIBL-4631 Corrected Capture modals' failure to close upon saving sample files.
CRIBL-4598 Corrected mismatch where Sources' Live button was grayed out, yet triggered a capture.
CRIBL-4777 Corrected broken Lookup creation via file upload.
CRIBL-3858 Trying to save a Pipeline with a path reference to a nonexistent Lookup file now triggers an error notification.
CRIBL-3839 Corrected UI's rendering of nested dependencies.
CRIBL-4609 Corrected cases where the
Cmd+Enter key combination did not submit forms.
CRIBL-4629 Prevented the
Enter key, with no modifier key, from submitting forms.
CRIBL-4164 Fixed sortable lists' column misalignment.
CRIBL-4666 Azure Event Hubs Source and Destination docs now include connection-string details and examples.
CRIBL-4637 Kinesis Source and Destination docs now list IAM roles' required Actions.
CRIBL-4559 Added API docs for Functions, Collectors, and Executors.
CRIBL-2065 Corrected API docs' failure to properly reference nested interfaces in examples.
CRIBL-1202 Documented how to disable Intercom widget.
CRIBL-4644 Updated Splunk Destinations' docs to match the UI's new Advanced Settings field order.
CRIBL-4672 Updated Third‑Party Credits page to match current embedded versions.