Cribl v.4.1.2 and AppScope 1.3.3
It’s May, hi, 4.1.2 fixes the problem, it’s May (to the tune of TSwift’s Anti-hero ) Sorry everyone @here, we had to. It just fit so well. Even with Cribl v.4.1.2 being a “maintenance release”, the team managed to squeeze in a few new features as well as a ton of fixes.
AppScope 1.3.3 removes our support for two Go versions that the Go project no longer supports: 1.9 and 1.10. This makes the AppScope code less complicated and more robust. Related issue: #1452.
AppScope 1.3.3 was also able to solve the following:
- 1461 - In libc musl environments, attaching to an already-running but idle process now works normally
- 1412 - Node.js apps compiled as Position Independent Executables (PIE) no longer seg fault when scoped.
Edge now contains the Prometheus Edge Scraper source. Edge is edgier than ever before thanks to the new Prometheus Edge Scraper Source. In addition to the functionality already supported in the existing Prometheus Scraper, this Source is designed to work seamlessly in Kubernetes environments; and no longer uses internal jobs framework allowing it to handle large-scale Cribl Edge deployments.
We were also able to correct the follow:
- CRIBL 16227 The Bootstrap script now supports special characters.
- CRIBL 17107 The File Monitor Source can now detect logs in soft-linked directories.
- CRIBL-16370 Multiple File Monitor Sources can now be configured, with data capture enabled.
- SAAS-3981 Cribl Internal Source's CriblMetrics option is now available on Cribl-managed Cribl.Cloud Workers, as well as on-prem and hybrid Workers.
In Stream, there are 28 fixes, so it is worth checking out the release note. Plus the Docs team is amazing, so why not spend a little time with their work?
Security and Authorization Fixes
- CRIBL-12348 Encryption keys can now be generated using the AES-256‑GCM algorithm.
- CRIBL-14513 Corrected UI's incorrect display of certificates not present in the filesystem.
- CRIBL-17053 Corrected permissions error on teleported Workers when navigating to Routes.
- CRIBL-15416 Logs now clarify where bad decrypt errors originate.
For Search, we released Scheduled Searches! With Scheduled Searches, you can configure searches to run automatically at predetermined times, allowing you to analyze the results when you need them, without having to wait for the search to complete. In addition to viewing results locally in Search, you can automatically send the results to Cribl Stream using the send operator, enabling further routing and filtering of your data. Don’t forget out the update for Data Enrichment – Lookups. Lookups are CSV data tables that are referenced using the lookup operator to enrich your events. With Lookups, you can quickly and easily integrate external data to enhance your analysis and get more insights. Additionally, this helps streamline your analysis process, as you'll no longer need to manually search for additional data sources to enrich your events. They also added more Dataset Providers.
AppScope Release Notes: https://github.com/criblio/appscope/releases/tag/v1.3.3
Stream Release Notes:
Edge Release Notes: https://docs.cribl.io/edge/release-notes/release-v412
Search Release Notes: https://docs.cribl.io/search/release-notes