2021-06-22 – Cribl LogStream 3.0.2 – Maintenance Release
This release provides the following improvements:
CRIBL-5135 LogStream's Prometheus Source now provides authentication options.
CRIBL-5352 The REST Collector's Discover phase now supports XML responses.
CRIBL-4521 The REST Collector now supports RFC 5988 (Web-linking) pagination.
CRIBL-5312 The Numerify Function provides now provides a Filter expression field, which can be used to list specific fields to numerify.
CRIBL-4582 The Aggregations Function > Aggregates field now supports
CRIBL-5448 To better utilize available computing resources, we've increased the minimum number of Worker Processes per Worker Node from 1 to 2.
This release includes the following fixes:
CRIBL-5096 The cluster port's TLS key passphrase is now encrypted on Workers and on the Leader.
CRIBL-5207 Removed browser password suggestions from Groups' Settings > Security > Secrets > Value field.
CRIBL-5020 the Settings > Security > Certificates page, LogStream now properly restarts after changes to a certificate in use.
CRIBL-5021 On the Settings > Security > Certificates page, changing a certificate in use no longer changes Referenced objects' status from
CRIBL-5477 In the New Certificates modal, several fields now clearly indicate options to drag and drop, or upload, cert/key files.
CRIBL-5481 The Splunk TCP Source now correctly handles Splunk Universal Forwarder's sending of an S2S token in the initial event.
CRIBL-5431 Corrected line-breaking errors on Splunk Universal Forwarder data sent to Splunk TCP Source with S2S tokens.
CRIBL-5279 LogStream now properly authenticates against HashiCorp Vault using credentials files configured for IAM users at Settings > Security > KMS,
CRIBL-5394 The Vault KMS's health check is now optional, with a configurable endpoint.
CRIBL-5376 Corrected breakage of Leader Node's execution permission after upgrades via the UI.
CRIBL-5306 Users with
user Role can now view Settings > System Information.
CRIBL-5356 Corrected sticky "unsaved changes" dialog upon session logout.
CRIBL-5255 The LogStream server and UI now correctly restart with the
CRIBL_DIST_MODE=leader environment variable.
CRIBL-5460 Responses from
/system/info endpoint are now faster, and now omit environment variables.
CRIBL-4889 Corrected Workers' startup error: "Invalid URL: undefined. Falling back to file config."
CRIBL-5515 The Splunk TCP Source now correctly sets key-value pairs from
_meta fields sent by Splunk Universal Forwarder.
CRIBL-5040 Corrected the Splunk TCP Source's processing of events chained from Splunk Universal Forwarder > Heavy Forwarder.
CRIBL-5430 On the Google Pub/Sub Source, corrected error that broke data flow.
CRIBL-4784 Corrected S3 Source's
Total VisibilityTimeout errors on SQS queues.
CRIBL-5243 Corrected Office 365 Activity Source error when client secret contained a backtick.
CRIBL-5249 Corrected Office 365 Message Trace Source's failure to collect discovered events.
cribl‑metrics_rollup pre-processing Pipeline now appends an (optional) Eval Function to remove
sourcetype fields from
cribl.logstream.sourcetype.* internal metrics.
CRIBL-5461 Corrected UI errors when accessing Pre‑Processing and Post‑Processing settings.
CRIBL-5497 Extended Kafka Source's and Destination's Logging Level to KafkaJS logger.
CRIBL-4993 Collectors' Preview modal is now consistently displayed.
CRIBL-4985 Corrected Azure Blob and Google Cloud Collectors' unintended discovery of files in subdirectories even when the Recursive option was set to
CRIBL-4996 Filesystem and S3-based Destinations (S3, Azure Blob Storage, MinIO) expose a new Remove staging dirs option to prevent the proliferation of orphaned, empty staging directories.
CRIBL-5102 Corrected suppression of
sourcetype metrics when CriblMetrics Source is enabled and
cribl_metrics_rollup pre-processing Pipeline is attached to a Source.
CRIBL-5316 In Rename Functions using a Rename expression, corrected
CRIBL-5107 In Rename Functions, corrected Rename expression field's inability to access other fields via
CRIBL-5284 In Pipelines' + Function drop-down, made Function links consistently clickable.
CRIBL-5322 The UI now propoerly indicates that the Reverse DNS and and Prometheus Publisher Functions are deprecated.
CRIBL-5486 Corrected "pattern not defined" errors on Grok Functions in Packs.
CRIBL-5434 Corrected upgrade errors on Packs with overridden names.
CRIBL-5401 Corrected "undefined is not iterable" error when accessing a Pack from a Route.
CRIBL-5260 Clarified Packs' import/export UI messaging.
CRIBL-5289 Corrected mysterious truncated "p" in Packs' breadcrumbs.
CRIBL-5267 Clarified error message upon trying to create a Pack with an invalid version number.
CRIBL-5283 Within a Pack, switching between the Routes and Pipelines pages no longer toggles the Samples context between
CRIBL-5217 Automated upgrades now follow instances' custom directory names, rather than hard-coding
CRIBL-5468 Saves to upgrade settings are no longer validated against unrelated schema items.
CRIBL-5238 LogStream now more-gracefully handles cases where backups directory does not exist.
CRIBL-5212 The Upgrade Worker Groups > View button now displays the correct Job Inspector tab.
CRIBL-4904 Settings > Upgrade controls are now displayed only on the Leader, as intended.
CRIBL-5270 Switching the Package source between
Path no longer causes the Save/Cancel buttons to blink.
CRIBL-4726 Lookup file names with spaces no longer block commits.
CRIBL-5337 Git commit failures against a remote repo no longer trigger nonspecific "API error" messages.
CRIBL-5093, CRIBL-5339 Corrected delay and inconsistency in displaying combined/collapsed Commit and Deploy buttons.
CRIBL-5345 Previewing Live data after clearing filters no longer triggers "Cannot read property 'id' of null" error.
CRIBL-5158 Uploading sample data files now respects Workers' configured Settings > Limits > Max sample size limit, with clear messaging when the limit causes file truncation.
CRIBL-5240 Corrected the Preview pane's failure to display
winlogbeat fields unril the
source field was expanded.
CRIBL-5452 Corrected the display of sample events' Show more/Show less links.
CRIBL-5245 When capturing data from the Routes page, LogStream no longer prematurely displays a "You have unsaved changes" dialog.
CRIBL-5467 Corrected save errors on Settings > Logging > Levels page.
CRIBL-5310 Corrected multiple display issues on Settings > Logging > Levels page.
CRIBL-5227 Bulk deletion of objects (e.g., Packs) now shows items that were preserved to avoid dependency conflicts.
CRIBL-5098 Corrected Cribl App for Splunk's failure to retrieve Worker logs.
CRIBL-5501 Added Group Selector drop-down to Leader > Worker UI orange header.
CRIBL-5285 Corrected masked text in large free-text fields.
CRIBL-5215 System error messages are no longer masked by an expanded left nav.
CRIBL-5313 Corrected the Paste Pipeline modal's display.
CRIBL-5405 Headers now immediately obey color switch to dark mode.
CRIBL-5375 The Group selector's border colors now obey dark mode.
CRIBL-5374 Improved the Git diff modal's colors for better visibility in dark mode.
CRIBL-5234 Corrected the Groups page's loading delay.
CRIBL-5367 The Office 365 Activity Source's Publisher Identifier field's tooltip no longer shows raw HTML.
CRIBL-5287 The Confirm password field now correctly shows a "Required" asterisk.
CRIBL-5307 The Monitoring page's Free Memory and CPU Load Average displays are now vertically centered when zoomed up.
CRIBL-4240 Documentation on pull-based Sources now clarifies how LogStream retrieves data.