Announcing Graylog v4.3.9

This is a bug-fix release improving the functionality of Graylog. Please read on for detailed descriptions of each bug fix.

Many thanks to the Graylog Community for reporting issues and contributing fixes.

Download Links

• Docker image
• DEB and RPM packages are available in our repositories
• Docker Compose
• Tarballs (manual installation):
  • Graylog Server
  • Graylog Enterprise Server
  • Graylog Enterprise Plugin
  • Graylog Integrations Plugin
  • Graylog Enterprise Integrations Plugin

GRAYLOG FORWARDER

• Tarball (manual installation):
  • Graylog Forwarder
• OS Packages
  • DEB Package
  • RPM Package
• Docker image:
  • Docker Hub
  • docker pull graylog/graylog-forwarder:4.10-1

Please report bugs and any other issues in our GitHub issue tracker. Thank you!

GRAYLOG OPERATIONS 4.3.9

Released: 2022-11-02

Added

• Added default_archive_retention_time and max_archive_retention_time config file settings for the archive auto-removal feature. graylog-plugin-enterprise#4113 graylog-plugin-enterprise#4221

Fixed

• Fixed team sync for Okta authentication backends. graylog-plugin-enterprise#4182 graylog-plugin-enterprise#4183
• Fixed S3 archive backend creation form. graylog-plugin-enterprise#4230 graylog-plugin-enterprise#4245
• Fixed license traffic violation error triggering one day too early. graylog-plugin-enterprise#4158

Security

• Updated Okta UI widget to version 7.0.0 to fix CVE-2020-11023. graylog-plugin-enterprise#4272 graylog-plugin-enterprise#4268
• The Docker base images have been updated to contain the fix for the OpenSSL CVE-2022-3602 and CVE-2022-3786. https://www.openssl.org/news/secadv/20221101.txt

GRAYLOG 4.3.9

Released: 2022-11-02

Added

• Added includeToday parameter to the /api/system/cluster/traffic API endpoint. graylog2-server#13633

Changed

• Changed page sizes for the Event Definitions overview to 10, 50, and 100. graylog2-server#13305 graylog2-server#13720
• Unified error responses for the lookup table API endpoints. graylog2-server#13623 graylog2-server#13649

Fixed

• Fixed Microsoft Teams notification to handle fields with colon characters. graylog2-server#1096 graylog2-server#1200 graylog2-server#1205
• Fixed problems with Sidecar content pack export and installation. graylog2-server#12778 graylog2-server#13632 graylog2-server#13645
• Fixed problem with the “Latest Value” aggregation widget. graylog2-server#13593 graylog2-server#13640
• Fixed authentication problem with proxied API endpoints when using trusted header authentication. graylog2-server#13721 graylog2-server#13735
• Fixed installation of Event Definition content packs that use a default stream. graylog2-server#7212 graylog2-server#13398
• Fixed CEF parser to allow bigger numerical values for number fields. graylog2-server#7371 graylog2-server#13812
• Allowed “Show Top Values” aggregation on enumerable compound fields. graylog2-server#13782

Security

• Fixed potential disclosure of field values from other streams in query field value suggestions. graylog2-server#13817
• Updated underscore package dependency of the API browser UI to 1.13.6. graylog2-server#13668
• The Docker base images have been updated to contain the fix for the OpenSSL CVE-2022-3602 and CVE-2022-3786. https://www.openssl.org/news/secadv/20221101.txt

Changelogs

• Graylog Server
• Graylog Operations

Let us know what you’d like to have included in our GitHub issue tracker.