v.4.3 Release
| PRODUCT | DATE | RELEASE | ADDITIONAL RESOURCES |
|---|---|---|---|
| Stream | 2023-09-13 | Feature | Cribl Edge 4.3 Release Notes |
Cribl Stream 4.3 is a banner release, offering new UI notification options, enhanced integrations, a more performant Chain Function, and several fixes.
New Features
This release provides the following improvements:
Cribl admins can now optionally define a global banner to display above their whole Cribl suite (all products’ UI). Your banner can use text and/or a hyperlink to announce new options, resources, deadlines, warnings, etc.
We’ve added automatic in-app banner and drawer warnings about license expiration, starting 30 days before the expiration date. (These will appear regardless of any license-expiration Notifications you explicitly configure.)
Cribl.Cloud Organizations can now be created in the AWS Europe (Frankfurt) Region.
The UI for assigning Permissions to Organization Members now provides on-hover tooltips, summarizing each Permission option’s capabilities and inheritance.
The Data Projects tab now provides a Members numeric indicator and link, offering a streamlined way to open the Project’s Sharing drawer.
The S3 and Filesystem Collectors can now ingest and replay stored data in Parquet format.
The Google Cloud Storage Destination now supports authorization via GCP Service Accounts and IAM roles.
The Exec Source now provides enhanced metadata and logging.
Diagnostic bundles now specify whether they were generated from a distributed deployment’s Worker versus Leader.
Corrections
This release includes the following fixes:
Security, Access, and Authorization Fixes
CRIBL-18988 Newly created AES-256-GCM keys now default to 12 bytes (96 bits) IV, instead of the earlier 16 bytes (128 bits) IV, to improve interoperability. However, you can configure any IV size between 12–16 bytes when you create the key.
CRIBL-14672 Restored Leader UI’s ability to specify TLS settings for Worker Groups. (Corrected erroneous validity check for certificate paths.)
CRIBL-19658 Direct logins to Workers no longer fail with 401 errors on /authorize/policy.
This release addresses security vulnerabilities.
Sources, Collectors, and Destinations Fixes
CRIBL-19519 You can now create Sources and Destinations via the UI on Worker Groups whose name begins with collectors_.
CRIBL-18605 Amazon Sources now aggregate AssumeRole authentication calls, to avoid triggering AWS rate limiting.
CRIBL-19605 Corrected Splunk TCP Source’s incorrect breaking of already-broken events when S2S v4 is selected.
CRIBL-18203 Collectors and Office 365 Sources offer new options to configure retries: triggering HTTP codes, number of retries, and wait time before first retry.
CRIBL-16340 Office 365 Sources’ UI now relays verbose error messages from Microsoft.
CRIBL-19531 Office 365 Sources’ UI is now more consistent with the Splunk Search Source’s options.
CRIBL-16137 Corrected Amazon Kinesis Data Streams Source’s RPC timeouts and resulting disruptions.
CRIBL-19237 On Confluent Cloud and other Kafka-based Sources and Destinations, corrected errors of the form: This server is not the leader for that topic-partition.
CRIBL-19533 Kafka-based Sources’ and Destinations’ TLS settings no longer pass an undefined servername to KafkaJS.
CRIBL-19555 Corrected blocked connections to Splunk Heavy Forwarders (HFs).
CRIBL-18218 Corrected oversized payloads sent from Google Chronicle and other HTTP-based Destinations.
Processing and Functional Fixes
CRIBL-15538 Chain Function’s cycle detection has been promoted from runtime to configuration time. This improves performance when chaining Pipelines or Packs.
CRIBL-19585 Process Profiler now provides a Save button.
CRIBL-17991 Internal logs now record the current soft/hard process limits upon Cribl process startup.
CRIBL-19571 Entering text in a Route’s Filter field no longer triggers erratic typeahead behavior.
CRIBL-18337 Removed broken Diagnostics option from Group Settings.
CRIBL-19209 Corrected API Reference topics for /system/settings/conf endpoints.
CRIBL-19200 Corrected API Reference topic for POST /system/licenses endpoint.
Persistent Queues Fixes
CRIBL-18668 Enabling Source-side PQ no longer distorts events’ inputId format.
CRIBL-17278 IPersistentQueue logging channel now specifies whether events are generated by Source versus Destination PQ.
CRIBL-17794 Persistent queues’ Max queue size tooltip now clarifies that the setting applies per Worker Process.
Health-Status Fixes
CRIBL-19464 Health-status icons on Sources and Destinations are now more accessible, with distinct shapes (as well as distinct colors) and tooltips.
CRIBL-12259 New neutral blue “Enabled” health-status icon identifies configured Sources and Destinations whose health metrics are not available.
Monitoring and Other UX/UI Fixes
CRIBL-16804 Monitoring > System > Licensing dashboard now displays daily ingest by number of events, as well as volume of bytes.
CRIBL-11229 On the Manage Workers page, we’ve relabeled three column headers for clarity: Stream Version, Last Heartbeat, and Started.