Today we are officially releasing Graylog v3.3.6.
This release includes a new enterprise output along with bug fixes that improve the functionality of Graylog. Please read on for a detailed description of the new output and the bug fixes.
Many thanks to our community for reporting issues and contributing fixes!
DOWNLOAD LINKS
- Docker image
- Deb or RPM packages are available in our repositories.
- OVA / Appliance
- Tarball (manual installation)
- Integrations
- Enterprise Plugins
- Enterprise Integrations
Please report bugs and any other issues in our GitHub issue tracker. Thank you!
NEW: GOOGLE BIGQUERY OUTPUT (ENTERPRISE)
Graylog is continuing to make our output system more robust by expanding our integration with other third-party tools. In this release, we have added the Google BigQuery Output. This Output allows you to send data to your BigQuery tables and each message in the stream will be inserted as a new row in the configured BigQuery table.
GRAYLOG ENTERPRISE V3.3.6
FIXED
- Improve error logging during report generation.
ENTERPRISE INTEGRATIONS PLUGIN
FIXED
- Fix NullPointerException and thread-safety issues in the enterprise output framework.
- Fix retry logic and overall robustness of the office365 input.
- Improve error detection and error handling in the enterprise output framework.
GRAYLOG 3.3.6
CORE
Security
- Fixing a path traversal issue in the API Browser for non-standard installations. Graylog2/graylog2-server#8986 Graylog2/graylog2-server#8988 Due to a check happening before pathname normalization, a directory traversal was possible in the REST resource that serves the API browser UI. If the Graylog server was started with non-standard JRE options (using an additional classpath setting), it could have been used to access files from this additional classpath directory without authentication. Many thanks to Florian Hauser and Christian Fünfhaus of Code White for disclosing this vulnerability.
Changed
- Always show the search page link in the navigation to allow users to access the search without having to go to the streams page first. Graylog2/graylog2-server#8917 Graylog2/graylog2-server#8745 Graylog2/graylog2-server#8779 Graylog2/graylog2-server#8921
Fixed
- Fix (un)schedule endpoints for event definitions to make them work without explicit content-type header. Graylog2/graylog2-server#8981
- Fix missing title attribute in pipeline UI. Graylog2/graylog2-server#9017
- Show better error message on the search page when users have no stream permissions. Graylog2/graylog2-server#8955 Graylog2/graylog2-server#9011
- Fix problem with updating search controls (query, streams, timerange) in widgets. Graylog2/graylog2-server#7922 Graylog2/graylog2-server#9043
LEGACY AWS PLUGIN
Added
- Include additional_event_data as part of the graylog message. Graylog2/graylog-plugin-aws#419 (Thanks @rongutierrez)
INTEGRATIONS PLUGIN
Added
- Add “9.1.3 GlobalProtect logs” support to the PaloAlto 9.x input. Graylog2/graylog-plugin-integrations#540 Graylog2/graylog-plugin-integrations#541 Graylog2/graylog-plugin-integrations#554
Fixed
- Fix “Key & Secret” authentication in CloudWatch input. Graylog2/graylog-plugin-integrations#577
