This is the second release candidate for the upcoming release of Graylog V5.1
DOWNLOAD LINKS
- DEB and RPM packages are available in our repositories
- Docker Compose
- Container images:
- Tarballs for manual installation:
Graylog Forwarder
-
- Tarball (manual installation)
- OS Packages
- Docker image
- Docker Hub
- docker pull graylog/graylog-forwarder:5.1-beta.1-1
Please report bugs and any other issues in our GitHub issue tracker. Thank you!
GRAYLOG OPEN 5.1 RELEASE CANDIDATE.2
Released: 2023-05-09
Changes in rc.2:
Fixed
- Make sure that search creation has finished before executing it for new saved searches/dashboards. graylog2-server#15435 graylog2-server#15444
Enterprise
- Fixed bug where Illuminate Spotlight Packs marked as core did not have their content packs installed graylog-plugin-enterprise#5142 graylog-plugin-enterprise#5143
Changes in rc.1:
Added
- Provide ability to configure an email attribute for LDAP. graylog2-server#11131 graylog2-server#14041
- Add global session timeout configuration. graylog2-server#11379 graylog2-server#14343
- Generate an event in the System Event stream for every system notification graylog2-server#12555 graylog2-server#14345 graylog2-server#13833
- Add support to skip TLS verification on HTTP event notifications. graylog2-server#12959
- Adds a unique username index to the user collection to prevent creation of duplicate users. Any existing duplicates are resolved by appending the user ID. graylog2-server#12963 graylog2-server#14649
- Implement option to filter streams overview based on stream status. graylog2-server#13852 graylog2-server#14640 graylog2-server#14690
- Standardize sort icons for data table and message list. graylog2-server#13982 graylog2-server#13987
- Add support for a reply-to address in email notifications. graylog2-server#14254 graylog2-server#14337
- Add support for encrypted storage of secret input configuration parameters. graylog2-server#14433 graylog2-server#14459
- Add replay search pages for events, alerts and event definitions graylog2-server#14540 graylog2-server#14657
- Add functionality which allows user create event definition from values graylog2-server#14544 graylog2-server#15054
- Added an “Undo Reset” button to fields in input configuration forms. graylog2-server#14767 graylog2-server#15147 graylog-plugin-enterprise#4964
- Store selected filters and search query on streams and dashboards overview as URL query params. graylog2-server#14826 graylog2-server#15011
- Implement index set filter for streams overview. graylog2-server#14827 graylog2-server#14905
- Implement creation date filter for streams overview. graylog2-server#14828 graylog2-server#14966
- Implement bulk start and stop action for streams overview. graylog2-server#14881 graylog2-server#14882 graylog2-server#14883
- Introduce ability to simulate a single pipeline rule in isolation. graylog2-server#14891 graylog2-server#14892
- Add telemetry for generic usage metric collection graylog2-server#14900 graylog2-server#14979
- Added configurable default timezone to syslogs inputs and parse tz field from FortiGate msg’s graylog2-server#3853 graylog2-server#14737 syslog4j-graylog2#41 graylog-plugin-integrations#1332
- Allow pipeline function “remove_field” to take a regex pattern instead of a field name. graylog2-server#5653 graylog2-server#15131
- Add normalize_fields pipeline rule function for normalizing message field names. graylog2-server#6527 graylog2-server#14636
- Implement option to copy a dashboard page to another dashboard. graylog2-server#8506 graylog2-server#14348
- Introduces a new pipeline function “lookup_has_value” to determine if a given key is present in the lookup table. graylog2-server#9173 graylog2-server#15143
- Added ability to replay the search that triggered an Event. graylog2-server#9438 graylog2-server#13931
- Added output_batch_size to the values exposed by the system/configuration API call. graylog2-server#9461 graylog2-server#14123
- Add support for configuring Index Set Defaults graylog-plugin-enterprise#3264 graylog-plugin-enterprise#3319 graylog2-server#13018
- Replacing getting started guide with start page which lists recently opened and favorite saved searches and dashboards and recent activity. graylog2-server#13970
- Dynamic Startup Page Backend additions for Recent Activity, Pinned Items, Last Opened graylog2-server#13985
- Add option to sort streams returned by API endpoint to be sorted by index set title. graylog2-server#14085
- Add REST API endpoint for bulk assignment of streams to index sets. graylog2-server#14096
- Providing plugin API to supply custom query input commands. graylog2-server#14239
- Added the option to toggle between a linear and a logarithmic axis for area/bar/line/scatter charts. graylog2-server#14269
- Adding inline widget creation in empty slots on grid. graylog2-server#14331
- Graylog DataNode. Initial version. graylog2-server#14417
- Introduces a new index rotation strategy combining features of size-based and time-based strategies. graylog-plugin-enterprise#4447 graylog2-server#14424 graylog-plugin-enterprise#4572
- Added a page for tracking failures in Sidecar. collector-sidecar#433 graylog2-server#14435
- Expose JVM metrics to prometheus. graylog-plugin-enterprise#4393 graylog2-server#14437
- Add OpenTelemetry tracing instrumentation to select code paths. graylog2-server#14550
- Add option to bulk delete dashboards in dashboards overview. graylog2-server#14566
- Add option to bulk delete saved searches in saved searches overview. graylog2-server#14567
- Persist selected sorting, displayed columns and page size in streams overview for each user. graylog2-server#14293 graylog2-server#14591
- Persist selected sorting, displayed columns and page size in dashboards overview for each user. graylog2-server#14293 graylog2-server#14598
- Persist selected sorting, displayed columns and page size in saved searches overview for each user. graylog2-server#14293 graylog2-server#14600
- Report runtime failures for polling Inputs. graylog2-server#14726
- Allow user-configurable auto-refresh settings & default interval. graylog2-server#14742
- Enabling the simple search/scripting API. graylog2-server#14749
- Added flattening functionality to the JSON Path Codec. graylog2-server#14851
- Add dashboards, searches, messages and events to an open investigation. graylog-plugin-enterprise#4794 graylog2-server#14897
- Add support bundle export feature. graylog2-server#14938
- Added preflight UI for indexer configuration
- Added badge to navigation bar to show when a new Illuminate bundle is ready to download and install. graylog-plugin-enterprise#4868 graylog2-server#15001
- Added support for CIDR lookups in CSV file data adapters graylog2-server#15016
- Adds Add Evidence Modal graylog-plugin-enterprise#4848 graylog2-server#15148
- Added autodetection of opensearch distribution in datanode. graylog2-server#15216
- Updating login background and claim. graylog2-server#15215 graylog2-server#15295
- Make messages with identical timestamps sortable by ULID graylog2-server#2741 graylog2-server#6711
- Added option to omit title portion of Slack notifications to reduce clutter. graylog-plugin-integrations#1172 graylog-plugin-integrations#1320
- Added support for timezones in Slack and Teams notifications. graylog-plugin-integrations#1318 graylog-plugin-integrations#1320
- Added option to notify @here in Slack notifications. graylog-plugin-integrations#780 graylog-plugin-integrations#1320
Changed
- Improved validation of grok pattern definition. graylog2-server#11342 graylog2-server#14853
- Consistent use of message identifiers in strings. Message id visible in message list. graylog2-server#13628 graylog2-server#14562
- Display streams overview as a table to improve usability. graylog2-server#13887 graylog2-server#13930
- Start JSON path value from HTTP API input on leader node only, if Global option was selected in input configuration. graylog2-server#14074
- Changed bulk indexing retry failure log-level from error to warning. graylog2-server#14086 graylog2-server#14088
- Changed event definitions and notifications to new paginated list and entity list ui component. This enables bulk deletion of event definitions and notifications and bulk enabling/disabling event definitions. graylog2-server#14285 graylog2-server#14502
- Prevent deletion of event definitions that are still referenced in other definitions. graylog2-server#14302 graylog2-server#14792 graylog-plugin-enterprise#4765
- Disable two TLS ciphers that are considered weak. graylog2-server#14428 graylog2-server#14592
- Instead of showing all configurations on one page it is now seperated into sections with a sidebar navigation. graylog2-server#14735 graylog2-server#15025
- Generate a system notification when an aggregation search errors out unexpectedly. graylog2-server#14746 graylog2-server#14967
- Include URLs for authentication service(s) in the CSP header connect-src. graylog2-server#15238 graylog2-server#15283 graylog-plugin-enterprise#5053
- GL will no longer perform a temporary redirect based on the Host header. graylog-plugin-enterprise#4889 graylog2-server#15067
- Refreshed and modernized look of login dialog. graylog2-server#13780
- Display dashboards overview as a table to improve usability. graylog2-server#14105
- Reduce the default connection and read timeouts for email sending from 60 seconds to 10 seconds graylog2-server#14199
- Display saved searches overview as a table to improve usability. graylog2-server#14223
- Forwarder inputs can be used for the ‘match input’ stream rule. graylog-plugin-cloud#1066 graylog2-server#14240 graylog-plugin-enterprise#4485
- Sorting streams case-insensitive in API. graylog2-server#14262
- Unify fields configuration in aggregation builder and messages export modal. graylog2-server#14725
- Merging Threat Intel Plugin into server repository. graylog2-server#14953
- Make sure all bindings which use createIndex are threadsafe and make them singletons. graylog-plugin-enterprise#4862 graylog2-server#14965
- Remove stack trace from the generic server error response. graylog-plugin-enterprise#4891 graylog2-server#14978
- Add a Content Security Policy header to responses. graylog-plugin-enterprise#4887 graylog2-server#14991
- Using database time for node registration and heartbeat
- datanode: add conf option to be able to force single-node type
- Set a specific Content Security Policy header for API-Browser responses. graylog-plugin-enterprise#4887 graylog2-server#15184
- Update Opensearch distributed with Datanode to 2.5.0 graylog2-server#15198
- Consistent use of message identifiers in strings. graylog2-server#13628 graylog-plugin-aws#673
- Mark CloudTrail input as incompatible with Forwarder. graylog-plugin-aws#676
- Consistent use of message identifiers in strings. graylog2-server#13628 graylog-plugin-integrations#1291
Removed
- Removed garbage collection warnings. graylog2-server#8592 graylog2-server#14298
- Remove deprecated inputs “AWS Logs (deprecated)” and “AWS Flow Logs (deprecated)”. graylog-plugin-aws#674
Fixed
- Fix Maxmind database types in cloud environment. graylog2-server#13911
- Properly escape event content for HTML email notifications graylog2-server#11183 graylog2-server#14286 (Thanks: zhu)
- Fix count based index rotation on idle indices. graylog2-server#11689 graylog2-server#14512
- Trim whitespace characters on stream names. graylog2-server#14359
- Fixes too_long_http_line_exception/HTTP/1.1 413 FULL head problem when Graylog Event Processor operates on huge number of indices graylog2-server#12996 graylog2-server#13675 graylog2-server#13790 graylog-plugin-enterprise#4252 graylog2-server#13718 graylog2-server#13722 graylog-plugin-enterprise#4213
- Support filter queries when listing authentication backends. We were ignoring them. graylog2-server#13023 graylog2-server#14270
- Fixes parsing, so that ES/OS errors without index data are handled properly graylog2-server#13221 graylog2-server#14203
- Wrapping latest metric with filter clause for existence of field. graylog2-server#13596 graylog2-server#14815
- Allow creating notification in event definition wizard when no notification exists graylog2-server#13825 graylog2-server#15286
- Fix time-based rotation check when closed indices are present. graylog2-server#13872 graylog2-server#15326
- Fix Clone Action style on Collectors configurations list graylog2-server#13874 graylog2-server#13899
- Saved searches can be now sorted by 3 additional fields: owner, description and summary. graylog2-server#14140 graylog2-server#14355
- Fix CIDR parsing of IP in query validation graylog2-server#14142 graylog2-server#14204
- Improve JVM security provider compatibility by switching to a widely supported cipher transformation graylog2-server#14153 graylog2-server#14193
- Avoid GET APIs for cluster/deflector health to avoid overly long requests. graylog2-server#14164 graylog2-server#14177
- Provide query suggestions for numerical fields. graylog2-server#14279
- added an info box for auto assigned configs using tags graylog2-server#14229 graylog2-server#14565
- LUT – Show no results message on empty search return and fix delete cache functionality graylog2-server#14234 graylog2-server#14238
- Fix concatenation of query strings in export. graylog2-server#14268 graylog2-server#14284
- Sorting of indices inside an index set is based on their numbers, descending. graylog2-server#14280 graylog2-server#14339
- Fix filtering and loader on the Lookup Table pages graylog2-server#14318 graylog2-server#14405
- Fix grouping in aggregation builder for fields which only exist in the All Events, All System Events or Processing and Indexing Failures stream. graylog2-server#14387 graylog2-server#14404
- Adds a welcome page link in the menu if a user has a start page set. graylog2-server#14668 graylog2-server#14736
- Adds the default search page as an option to the start pages in the user’s profile. graylog2-server#14669 graylog2-server#14739
- Fix extractors reordering issues graylog2-server#14693 graylog2-server#14757
- Fix the way we display long field names in aggregation grouping configuration. graylog2-server#14787 graylog2-server#14789
- Combine dashboard and widget query when replaying search for dashboard widget. graylog2-server#14885 graylog2-server#15285
- Fix overflow problem with grouping section in aggregation builder. graylog2-server#14907 graylog2-server#14934
- Fix sidecar process button position issue on safari graylog2-server#14939 graylog2-server#15293
- Fix visibility of events and notification definition pages. graylog2-server#14940 graylog2-server#15052
- Fixed bug causing input status data not to be removed when an input was deleted. graylog2-server#14952 graylog2-server#14954 forwarder#99
- Improve performance by avoiding unnecessary attempts to create index for access tokens. graylog2-server#15012 graylog2-server#15097
- Avoid excessive DB requests for maintaining token last access time. graylog2-server#15013
- Adds (now always missing) timezone to the export command, if set in the REST call. graylog2-server#15030 graylog2-server#15296
- Fix overlay problem with data table header and dashboard tabs dropdown. graylog2-server#15073 graylog2-server#15091
- Fix NodeService#allActive() implementation, returning only nodes of correct type graylog2-server#15129 graylog2-server#15139
- Fix Unable to add custom field when creating event definition graylog2-server#15209 graylog2-server#15226
- Fix show telemetry settings for local admin. graylog2-server#15244 graylog2-server#15247
- Fix ConcurrentModificationException when listing input states. graylog2-server#15277
- Improve position, visibilty and default of the “Grace Period” option when creating an Alert. graylog2-server#3741 graylog2-server#3741
- Fix show Index Failure section on System Overview for Cloud. graylog2-server#4774 graylog2-server#15398
- Fixes to_date() pipeline conversion function to honor an optional timezone argument. graylog2-server#6486 graylog2-server#14252
- Only executed widgets of current page ond dashboards. graylog2-server#6867 graylog2-server#14890
- Fix connectivity check when Elasticsearch/OpenSearch is not available. graylog2-server#14063
- Fix potential duplicates in outputs during node restarts. graylog2-server#14067
- Prevent RejectedExecutionException during shutdown with a large number of outputs. graylog2-server#14097
- Removes ability for users to change Event Definition Condition Type if it is not meant to be changeable. graylog2-server#14110
- Fix uncommittedMessages metric for non-empty journal before first commit. graylog2-server#14154
- Triggering field types refetching upon search refresh. graylog2-server#14171
- Fix output shutdown triggering twice when the ouput is globally deleted. graylog2-server#14225
- Avoid vanishing grouping direction when dragged. graylog2-server#14277
- Fix non-stop loading indicator issue in authentication backends graylog2-server#13023 graylog2-server#14283
- Remove single-quotes from jvm.memory metric names graylog-plugin-enterprise#4394 graylog2-server#14370
- Reduce logging and add metric for “Couldn’t remove default stream” warning. graylog-plugin-enterprise#3481 graylog2-server#14409
- Supporting nested and tupled groupings in aggregations. graylog2-server#14446
- Fix possible HTTP API thread pool exhaustion by processing proxied cluster metrics requests asynchronously. graylog2-server#14462
- Fixing missing offset handling in Legacy Searches. graylog2-server#14575
- Handle deprecated short time zone IDs in job scheduler definitions. graylog-plugin-enterprise#4311 graylog2-server#14605
- Remove undesired retention strategies in Cloud graylog-plugin-cloud#1081 graylog2-server#14616
- Hide sort/pin icons in data table when non-interactive graylog2-server#14654
- Additional preventLoops parameter in clone_message() function to prevent creation of endless loops. graylog2-server#5759 graylog2-server#14659
- Improved CSV File Adapter error handling. graylog-plugin-enterprise#3821 graylog2-server#14670
- Extend browser support back to Chrome 68. graylog2-server#14677 graylog2-server#14688
- Escape $ properly when part of value that is added to query. graylog2-server#14692
- Changing default refresh interval to five seconds. graylog2-server#14720
- Scheduling next search refresh only after current one completed. graylog2-server#14723
- Avoid full-page refresh when showing node details from message details. graylog2-server#14762
- Fix parsing of date math expressions in query validation graylog2-server#14791
- Preventing accidental hiding of columns in reporting widgets. graylog-plugin-enterprise#4761 graylog2-server#14805
- Preventing accidental hiding of columns in message list widget for reporting. graylog2-server#14823
- Fix WARNING: sun.reflect.Reflection.getCallerClass is not supported. on server startup. graylog2-server#7223 graylog2-server#9802 graylog2-server#11634 graylog2-server#14884
- Fix pagination of sidecar admin page when collectors are selected. graylog2-server#14924 graylog2-server#14925
- Avoid excessive index creation for AccessToken. graylog-plugin-enterprise#4850 graylog2-server#14926
- Fix error on missing permission when creating email event notifications. Adds users:list permission to role User Inspector graylog-plugin-enterprise#4886 graylog2-server#14974
- Sending new header on server response X-Content-Type-Options:nosniff graylog-plugin-enterprise#4890
- Fixed CSV File adapter to only verify file read access graylog2-server#14998 graylog2-server#15058
- Fix isFreshInstallation flag in setups with newly registred datanodes graylog2-server#15141
- Fixed calculation and expression of CPU load in OshiProbe. graylog2-server#15195 graylog2-server#15183 (Thanks: panxt)
- Fix OSHI system stats on docker cgroupv2. graylog2-server#15242
- Fix query parser’s tokenizer state after regex has ended. graylog-plugin-enterprise#5014 graylog2-server#15306
- Let cookie auth take precedence over basic auth. graylog2-server#6831 graylog2-server#15329
- Fixed possible unwanted concurrency in SystemJobManager graylog2-server#15400
- Make sure that search creation has finished before executing it for new saved searches/dashboards. graylog2-server#15435 graylog2-server#15444
- Fix JSON deserialization errors in AWS CloudTrail input. graylog-plugin-aws#667 graylog-plugin-aws#677
- Fixed issue with Palo Alto Global Protect logs parsing last 5 fields incorrectly. graylog-plugin-integrations#1327 graylog2-server#14363 graylog-plugin-integrations#1328 (Thanks: @giveen)
Security
- Update to freemarker 2.3.31 and use a more secure default configuration. graylog2-server#14354
- Update Netty from 4.1.84 to 4.1.91 graylog2-server#15186
- Update to Apache Shiro dependency to version 1.11.0. (the fixed CVEs don’t affect Graylog) graylog2-server#15187
- Update json-path to 2.8.0 to fix a security issue in json-smart. graylog2-server#15190
Graylog Operations 5.1.0 Release Candidate.2
Released: 2023-05-09
Added
- Added the ability to set TTLs for MongoDB Data Adapter entries. graylog2-server#14574 graylog-plugin-enterprise#4854 graylog2-server#15014
- Added configuration values for hiding widget query and description in reports graylog-plugin-enterprise#1491 graylog-plugin-enterprise#4462
- Added support for importing Sigma rules from multiple Git repositories. graylog-plugin-enterprise#4260
- Add ability to create and edit custom anomaly detectors. graylog-plugin-enterprise#4279 graylog-plugin-enterprise#4453
- Added support for Sigma rules with Regular Expressions (’re’ modifier). graylog-plugin-enterprise#4519 graylog-plugin-enterprise#4561
- Added support for CIDR lookups in MongoDB data adapters graylog-plugin-enterprise#4785 graylog-plugin-enterprise#4904
- Dynamic Startup Page Backend additions for Recent Activity, Pinned Items, Last Opened graylog-plugin-enterprise#4373
- Adding shortcut to create search filters from query input with Ctrl+Enter. graylog-plugin-enterprise#4484
- Added ability to import all and refresh all rules from a Sigma rule repository. graylog-plugin-enterprise#4487
- Added investigations module. graylog-plugin-enterprise#4618 graylog-plugin-enterprise#4622 graylog-plugin-enterprise#4619 graylog-plugin-enterprise#4620 graylog-plugin-enterprise#4678 graylog-plugin-enterprise#4718 graylog-plugin-enterprise#4699 graylog-plugin-enterprise#4713 graylog-plugin-enterprise#4794 graylog-plugin-enterprise#4719 graylog-plugin-enterprise#4847 graylog-plugin-enterprise#4849 graylog-plugin-enterprise#4821 graylog-plugin-enterprise#4877 graylog-plugin-enterprise#4848 graylog-plugin-enterprise#4558 graylog-plugin-enterprise#4574 graylog-plugin-enterprise#4584 graylog-plugin-enterprise#4608 graylog-plugin-enterprise#4632 graylog-plugin-enterprise#4647 graylog-plugin-enterprise#4671 graylog-plugin-enterprise#4665 graylog-plugin-enterprise#4677 graylog-plugin-enterprise#4645 graylog-plugin-enterprise#4673 graylog-plugin-enterprise#4680 graylog-plugin-enterprise#4683 graylog-plugin-enterprise#4684 graylog-plugin-enterprise#4717 graylog-plugin-enterprise#4720 graylog-plugin-enterprise#4746 graylog-plugin-enterprise#4753 graylog-plugin-enterprise#4767 graylog-plugin-enterprise#4830 graylog-plugin-enterprise#4837 graylog-plugin-enterprise#4835 graylog-plugin-enterprise#4861 graylog-plugin-enterprise#4870 graylog-plugin-enterprise#4871 graylog-plugin-enterprise#4878 graylog-plugin-enterprise#4906 graylog-plugin-enterprise#4933 graylog-plugin-enterprise#4966
- Added ability to assign notifications to Sigma rule Alerts from Sigma pages. graylog-plugin-enterprise#4565 graylog-plugin-enterprise#4740
- Added filters on Sigma Rules List. graylog-plugin-enterprise#4553 graylog-plugin-enterprise#4607
- Added the ability to download and install Illuminate from within Graylog. graylog-plugin-enterprise#4875 graylog-plugin-enterprise#4876 graylog-plugin-enterprise#4866 graylog-plugin-enterprise#4895 graylog-plugin-enterprise#4931 graylog-plugin-enterprise#4948 graylog-plugin-enterprise#4960 graylog-plugin-enterprise#4970 graylog-plugin-enterprise#4974 graylog-plugin-enterprise#5017 graylog-plugin-enterprise#5080
- Added Illuminate hub UI. graylog-plugin-enterprise#4868 graylog-plugin-enterprise#4867 graylog-plugin-enterprise#4901 graylog-plugin-enterprise#4935
- Added extra error logging for empty OpenSearch Anomaly Detection error responses graylog-plugin-enterprise#4961
- Added info message to bundle page showing there is a new illuminate bundle graylog-plugin-enterprise#4954 graylog-plugin-enterprise#4981
- Added proxy support to Azure Event Logs input graylog-plugin-enterprise-integrations#908 graylog-plugin-enterprise-integrations#914 (Thanks: @Srinidhi-Saravanan)
- Allow running Azure Event Hubs input in cloud. graylog-plugin-cloud#1091 graylog-plugin-enterprise-integrations#1030
- Enable “Office 365 Log Events” input in cloud. graylog-plugin-cloud#1091 graylog-plugin-enterprise-integrations#1032
- Added Microsoft Defender for Endpoint input graylog-plugin-enterprise-integrations#685 (Thanks: @Srinidhi-Saravanan)
- Added multi-node support for the Azure Event Logs input. graylog-plugin-enterprise-integrations#931 graylog-plugin-enterprise-integrations#979
Changed
- Improved error message for enabling Anomaly Detectors graylog-plugin-enterprise#4246
- Prevent creation of incompatible inputs on Forwarders. graylog-plugin-enterprise#4817 graylog-plugin-enterprise#4818 graylog2-server#14866
- Traffic violation emails will now create an audit log entry. graylog-plugin-cloud#1077 graylog-plugin-enterprise#4595
- Unify fields configuration in log view builder with fields configuration in other aggregation builder. graylog-plugin-enterprise#4738
- Change date format on Sigma Rules and Investigations lists graylog-plugin-enterprise#4947 graylog-plugin-enterprise#4989
- Changed Sigma Rule roles to Sigma Rule Manager and Sigma Rule Reader graylog-plugin-enterprise#5057
- Changed decommissioned link in O365 Input wizard to updated link. graylog-plugin-enterprise-integrations#988 graylog-plugin-enterprise-integrations#1004
- Created new plugin for CrowdStrike logs graylog-plugin-enterprise-integrations#742 (Thanks: @Srinidhi-Saravanan)
- Created new plugin for F5 BIG-IP logs graylog-plugin-enterprise-integrations#966 (Thanks: @Srinidhi-Saravanan)
- Consistent use of message identifiers in strings. graylog2-server#13628 graylog-plugin-enterprise-integrations#986
- Rename Azure Log Events input to Azure Event Hubs. graylog-plugin-enterprise-integrations#978 graylog-plugin-enterprise-integrations#992
Fixed
- Hide Team source information on cloud graylog-plugin-enterprise#1080 graylog-plugin-enterprise#5074
- Fix Enterprise UI badge validation state graylog-plugin-enterprise#1825 graylog-plugin-enterprise#4506
- Also include query/timerange/filter(s)/streams when switching message table to log view. graylog-plugin-enterprise#3328 graylog-plugin-enterprise#4729
- Fixed failure to synchronize Anomaly Detectors that are active in Opensearch but marked as inactive in Graylog. graylog-plugin-enterprise#4115 graylog-plugin-enterprise#4477
- Fix page size selector on archives page is a bit off. graylog-plugin-enterprise#4251 graylog-plugin-enterprise#4376
- Fix validation logic by adding an additional debounced validation. graylog-plugin-enterprise#4271 graylog-plugin-enterprise#4392
- Fix sigma rules and repos page not having Graylog footer. graylog-plugin-enterprise#4275 graylog-plugin-enterprise#4425
- Fix incorrect deprecated Illuminate warning check. graylog-plugin-enterprise#4388 graylog-plugin-enterprise#4397
- Fix Illuminate data adapters being unusable from user space without a server restart. graylog-plugin-enterprise#4411 graylog-plugin-enterprise#4416
- Allow configuration of retention time of archives in cloud ui interface. graylog-plugin-enterprise#4463 graylog-plugin-enterprise#4472
- Fixed failure to load Anomaly Detection Configuration page. graylog-plugin-enterprise#4465 graylog-plugin-enterprise#4468
- Fixed bug where Illuminate lookup table data adapters were being populated with incorrect values graylog-plugin-enterprise#4602 graylog-plugin-enterprise#4603
- Fixed bug where disabling Illuminate processing packs displayed an error. graylog-plugin-enterprise#4628 graylog-plugin-enterprise#4629
- Fixed issue with Lookup Entity Mappings migration that prevented the server from starting on 5.0 if deprecated Illuminate content packs were installed. graylog-plugin-enterprise#4641 graylog-plugin-enterprise#4657
- Fixed Sigma Rule query creation to correctly handle lists of maps. graylog-plugin-enterprise#4687 graylog-plugin-enterprise#4688
- Fix broken audit log documention link. graylog-plugin-enterprise#4757 graylog-plugin-enterprise#4764 graylog-plugin-enterprise#4768
- Moved default save location of temporary Sigma Git data to a temp directory graylog-plugin-enterprise#4778 graylog-plugin-enterprise#4797 graylog-plugin-enterprise#4786 graylog-plugin-enterprise#4831
- Fix list of priorities not displaying in order of priority in New Investigation modal graylog-plugin-enterprise#4788 graylog-plugin-enterprise#4819
- Fix handling of unknown input types on Forwarder Input Profiles page. graylog-plugin-enterprise#4798 graylog-plugin-enterprise#4803
- Fixed issue where Illuminate bundle could not be upgraded if a lookup entity inside had a naming collision with an existing entity. graylog-plugin-enterprise#4827 graylog-plugin-enterprise#4832
- Fixed slow archive restore. graylog-plugin-enterprise#4925 graylog-plugin-enterprise#4926
- Fixed bug where Illuminate Spotlight Packs marked as core did not have their content packs installed graylog-plugin-enterprise#5142 graylog-plugin-enterprise#5143
- Fix incorrect Graylog Security Network dashboard widget name. graylog-plugin-enterprise#4457
- Fix breaking change in api/plugins/org.graylog.plugins.archive/config API. graylog-plugin-enterprise#4466
- Fixed error causing Illuminate bundle install timeouts. graylog-project-illuminate#1022 graylog-plugin-enterprise#4497 graylog-plugin-enterprise#4540
- Fixed error when enabling anomaly detectors in OpenSearch 2.x. graylog-plugin-enterprise#4507 graylog-plugin-enterprise#4518
- Handle deprecated short time zone IDs in report definitions. graylog-plugin-enterprise#4311 graylog-plugin-enterprise#4658
- Allow disabling of retention strategies graylog-plugin-cloud#1081 graylog-plugin-enterprise#4667
- Avoid exception thrown during report rendering being swallowed. graylog-plugin-enterprise#4691
- Closes the add rule modal after sigma rule is created. graylog-plugin-enterprise#4808
- Executing reporting widgets in chunks when rendering report. graylog-plugin-enterprise#3562 graylog-plugin-enterprise#4856
- Fixed bug where MongoDB data adapter entries were not removed when the owning data adapter was deleted. graylog-plugin-enterprise#4872
- Fixed unneccessary anomaly detector sync queries causing Opensearch errors. graylog2-server#14917 graylog-plugin-enterprise#4881
- Avoid erroneous warning message on archive restore. graylog-plugin-enterprise#5075
- Fixed problem with concurrently running report jobs graylog-plugin-enterprise#5114
- Fixes error on decoding Google Workspace Logs with some types of parameters. graylog-plugin-enterprise-integrations#1019
- Fix credential check for Gmail Log Events input. graylog-plugin-enterprise-integrations#940 graylog-plugin-enterprise-integrations#974
- Fix verbose failure of journaled outputs due to license issues. graylog-plugin-enterprise-integrations#953
- Show available log types in edit form for Google inputs. graylog-plugin-enterprise-integrations#1010
- Fixed F5 Big IP input bug causing inability to load API browser components. graylog-plugin-enterprise-integrations#1027
- Improved informational logging when partition ownership changes occur. graylog-plugin-enterprise-integrations#1031 graylog-plugin-enterprise-integrations#1033
- Fix broken on-screen validation of Azure EventHubs Maximum Wait Time field. graylog-plugin-enterprise-integrations#1036
- Fixed outputs stopping to output messages after messages were dropped, i.e. due to missing pipeline_output or full_message field. graylog-plugin-enterprise-integrations#1042 graylog-plugin-enterprise-integrations#1043
- Fix buffering to journal when TCP based outputs experience connection issues. graylog-plugin-enterprise#4226 graylog-plugin-enterprise-integrations#937
- Fixed issue where users could not create O365 Log Event inputs with GCC High or DOD subscription types. graylog-plugin-enterprise#4380 graylog-plugin-enterprise-integrations#949
- Fix unclean shutdown of ouput journal under high load. graylog-plugin-enterprise-integrations#963
- Run GCP, Gmail, Google Workspace, and Office 365 Inputs on the leader node instead of a random cluster node by default. graylog-plugin-enterprise-integrations#939 graylog-plugin-enterprise-integrations#973
