Cribl Lake 4.17.1 (Coming Soon)
| PRODUCT | DATE | RELEASE | ADDITIONAL RESOURCES |
|---|---|---|---|
| Lake | 2026-04-22 | Maintenance | Known Issues, Cribl Search Release Notes |
The following draft provides early access to release notes for the upcoming Cribl Suite product release. Features or functionality presented are not considered binding commitments and are subject to change at the discretion of Cribl at any time for any reason without notice. This information should not be relied upon in making purchasing decisions.
Summary
Cribl Lake 4.17.1 follows staggered Cribl.Cloud upgrade windows and adds IP allowlisting for API credentials plus an improved login flow for users with multiple Organizations or authentication methods.
New Release Windows
Beginning with this release, Cribl.Cloud will have multiple upgrade windows as follows:
| Upgrade Window | Time and Date | AWS Regions Included |
|---|---|---|
| All Standard Organizations | 21 Apr 2026 between 12:00 and 24:00 UTC (8:00 AM and 8:00 PM EDT) | All regions |
| US West and APAC (Enterprise) | 22 Apr 2026 between 10:00 and 13:00 UTC (6:00 AM and 9:00 AM EDT) | ap-northeast-1, ap-southeast-1, ap-southeast-2, and us-west-2 |
| US East and EMEA (Enterprise) | 23 Apr 2026 between 00:00 and 03:00 UTC (8:00 PM and 11:00 PM EDT) | ca-central-1, eu-central-1, eu-central-2, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-1, and us-east-2 |
The upgrade windows apply to your Leader. Cribl.Cloud Workers will be upgraded immediately after the Leader is upgraded, regardless of the region they reside in.
On-prem binaries will be available on 22 Apr 2026. However, if you are a hybrid user, you must wait until your cloud Leader has been upgraded before upgrading your Workers. Failure to do so will result in unexpected behavior.
Upcoming Changes to Sensitive Information in API Responses
In an upcoming release, API responses for the following endpoints will no longer include sensitive information in plaintext:
/system/settings/system/settings/auth/lib/database-connections
This affects passwords and password-equivalent attributes such as bindCredentials and client_secret. The values for these attributes will be omitted or masked in responses.
What you need to do: Update any automation or scripts that depend on reading these plaintext values from the API responses for these endpoints.
IP Allowlisting for API Credentials in Cribl.Cloud
Use the new IP Allowlist option to restrict API access to specific IPv4 CIDR ranges for API Credentials.
New Login Experience for Cribl.Cloud
If you have access to multiple Organizations, you can select the Organization to log in to from the start. Also, if you have multiple authentication methods, you can choose which one to use to log in.
Billing Reader Permission in Cribl.Cloud
The new Billing Reader Permission provides read-only access to view billing information and credit consumption in the FinOps Center.
See the Cribl Lake 4.17.0 release notes for the latest major feature updates.
Operational Fixes
| ID | Description |
|---|---|
MON-669 | Fixed an issue where the default system_email Notification target was not displayed and could not be selected when creating or editing Notifications in Cribl.Cloud. Previously configured Notifications that use the system_email target continued to send emails, but could not be managed through the UI. |