Graylog 4.3.15

Released: 2023-05-03

Fixed

• Fix overlay problem with data table header and dashboard tabs dropdown. graylog2-server#15073graylog2-server#15091

Graylog 4.3.14

Released: 2023-04-05

Changed

• Remove stack trace from the generic server error response. graylog2-server#14978

Fixed

• Fix Maxmind database types in cloud environment. graylog2-server#13911

• Fixed bug causing input status data not to be removed when an input was deleted. graylog2-server#14952graylog2-server#14954forwarder#99

• Avoid excessive index creation for AccessToken. graylog2-server#14926

• Sending new header on server response X-Content-Type-Options:nosniff.

• Fixes an off-by-one error that could result in an aggregation search failing silently. graylog2-server#15009

• Fixed CSV File adapter to only verify file read access graylog2-server#14998graylog2-server#15058

Graylog 4.3.13

Released: 2023-03-01

Fixed

• Improved CSV File Adapter error handling. graylog2-server#14670

• Escape $ properly when part of value that is added to query. graylog2-server#14692

Graylog 4.3.12

Released: 2023-02-01

Fixed

• Fix grouping in aggregation builder for fields which only exist in the All Events, All System Events or Processing and Indexing Failures stream. graylog2-server#14387graylog2-server#14404

• Reduce logging and add metric for "Couldn't remove default stream" warning. graylog2-server#14409

• Fixing missing offset handling in Legacy Searches. graylog2-server#14575

Graylog 4.3.11

Released: 2023-01-04

Changed

• Start JSON path value from HTTP API input on leader node only if Global option was selected in input configuration. graylog2-server#14074

Fixed

• Fixed properly escape event content for HTML email notifications. graylog2-server#11183graylog2-server#14286 (Thanks: zhu!)

• Fixed concatenation of query strings in export. graylog2-server#14268graylog2-server#14350

• Avoid vanishing grouping direction when dragged. graylog2-server#14277

Security

• Updated to FreeMarker 2.3.31 and used a more secure default configuration. graylog2-server#14354

Graylog 4.3.10

Released: 2022-12-14

Changed

• Mask custom properties for Kafka inputs on the inputs page to hide sensitive information. graylog2-server#13383graylog2-server#13873

Fixed

• Fix source field extraction for Beats version 8 and later. graylog2-server#13254graylog2-server#13895

• Fix performance regression on UDP inputs with newer Java versions. graylog2-server#13306graylog2-server#14005 (Thanks: @giangi)

• The pipeline function flatten_json can now respect the original JSON types. An optional parameter is provided for this to ensure backwards compatibility. graylog2-server#13888graylog2-server#13972

• Improve JVM security provider compatibility by switching to a widely supported cipher transformation. graylog2-server#14153graylog2-server#14193

• Fix connectivity check when Elasticsearch/OpenSearch is not available. graylog2-server#14063

• Triggering field types refetching upon search refresh. graylog2-server#14171

Graylog 4.3.9

Released: 2022-11-02

Added

• Add includeToday parameter to the /api/system/cluster/traffic API endpoint. graylog2-server#13633

Changed

• Change page sizes for the Event Definitions overview to 10, 50, and 100. graylog2-server#13305 graylog2-server#13720

• Unify error responses for the lookup table API endpoints. graylog2-server#13623 graylog2-server#13649

Fixed

• Fix Microsoft Teams notification to handle fields with colon characters. graylog2-server#1096 graylog2-server#1200 graylog2-server#1205

• Fix problems with Sidecar content pack export and installation. graylog2-server#12778 graylog2-server#13632 graylog2-server#13645

• Fix problem with "Latest Value" aggregation widget. graylog2-server#13593 graylog2-server#13640

• Fix authentication problem with proxied API endpoints when using trusted header authentication. graylog2-server#13721 graylog2-server#13735

• Fix installation of Event Definition content packs that use a default stream. graylog2-server#7212 graylog2-server#13398

• Fix CEF parser to allow bigger numerical values for number fields. graylog2-server#7371 graylog2-server#13812

• Allow "Show Top Values" aggregation on enumerable compound fields. graylog2-server#13782

Security

• Fix potential disclosure of field values from other streams in query field value suggestions. graylog2-server#13817

• Update underscore package dependency of the API browser UI to 1.13.6. graylog2-server#13668

Graylog 4.3.8

Released: 2022-10-05

Changed

• Change the default value for the elasticsearch_index_optimization_jobs config option to 10 to resolve an issue where index optimization could block message ingestion. graylog2-server#12025 graylog2-server#13521

Fixed

• Fix validation issue with dashboards. graylog2-server#13013 graylog2-server#13500

• Fix running Graylog on FIPS-enabled Red Hat Enterprise Linux. graylog2-server#13525 graylog2-server#13580

• Fix search query validation for invalid regular expression queries. graylog2-server#13594 graylog2-server#13595

• Fix --dump-default-config server command. graylog2-server#13507

Graylog 4.3.7

Released: 2022-09-16

Changed

• Open hyperlink decorator links in a new widow or tab. graylog2-server#13351

Fixed

• Fix disk calculation in message journal pre-flight check. graylog2-server#13454 graylog2-server#13470

• Fix error on the "show message" page for messages from a Forwarder.  graylog2-server#12485

• Adjust name of the "JSON path from HTTP API" input to clarify its use case. graylog2-server#13439

Security

• Update jQuery version used in the API browser to 3.6.1 to fix security vulnerabilities. (CVE-2012-6708, CVE-2015-9251, CVE-2019-11358, CVE-2020-11022, CVE-2020-11023, CVE-2020-7656) graylog2-server#13435

Graylog 4.3.6

Released: 2022-09-07

Added

• Add configuration setting to avoid rotating indices in empty index sets. graylog2-server#13028graylog2-server#13099

Fixed

• Fix close button on some modal UI components. graylog2-server#12479graylog2-server#12480
• Don't toggle the message details view when selecting the message text. graylog2-server#13259graylog2-server#13341
• Add migration to migrate PagerDuty event notifications from v1 to v2. graylog-plugin-integrations#1054graylog-plugin-integrations#1077

Graylog 4.3.5

Released: 2022-08-09

Added

• Fix Alert Notification content pack import error. graylog2-server#13197

Graylog 4.3.4

Released: 2022-08-03

Added

• Add ignore_migration_failures config file option to make it possible to skip problematic migrations during an upgrade. (Default is off and is not generally recommended.) graylog2-server#13053graylog2-server#13137
• Add automatic database reload to the GeoIP message processor. graylog2-server#13075graylog2-server#13106
• Add an optional default parameter to the set_field pipeline processing function. graylog2-server#5911graylog2-server#13132

Changed

• Automatically focus the first suggestion in search query input auto-completion. graylog2-server#6909graylog2-server#12991

Fixed

• Fix NullPointerException when sending email notifications without a configured sender. graylog2-server#12900graylog2-server#13055
• Fix field schema compatibility issue with the GeoIP message processor. graylog2-server#12909graylog2-server#13094
• Fix edit button on index set details page. graylog2-server#12997graylog2-server#13000
• Fix FetchError issue in search query validation. graylog2-server#13037graylog2-server#13089
• No longer renders inactive notifications. graylog2-server#13044
• Fix search query value suggestions when quoting is used. graylog2-server#13087

Security

• Add X-Frame-Options header to fix a potential clickjacking issue when the frontend is embedded into other pages with an iframe. graylog2-server#13160

Graylog 4.3.3

Released: 2022-07-06

Added

• Add max_index_retention_period config file option to enforce an upper limit for time-based index retention. graylog-plugin-cloud#1006graylog2-server#12905graylog2-server#12914

Fixed

• Display a system notification if message ingest for an active write index is blocked. graylog2-server#10930graylog2-server#12893
• Fix NullPointerException in IndexerClusterCheckerThread periodical job. graylog2-server#12858graylog2-server#12979
• Fix search query validation for field names containing a @ character. graylog2-server#12888graylog2-server#12924
• Fix field naming issue with GeoIP processor when schema enforcement is disabled. graylog2-server#12904graylog2-server#12930
• Fix problem with API incompatibility between Elasticsearch and OpenSearch when asking for the blocked status of indices. graylog2-server#12934

Graylog 4.3.2

Released: 2022-06-15

Added

• Add Microsoft Teams event notification plugin. graylog-plugin-integrations#1066

Removed

• Remove job scheduler debug API resource. graylog2-server#12884

Fixed

• Improve ES warning filter to avoid repetitive warnings in the server log. graylog2-server#12786graylog2-server#12866
• Fix NullPointerException for GeoIP message processor. graylog2-server#12788graylog2-server#12839
• Fix divide-by-zero exception in server pre-flight check. graylog2-server#12818graylog2-server#12820graylog2-server#12863
• Improve dashboard tab ordering. graylog2-server#12849

Graylog 4.3.1

Released: 2022-06-01

Fixed

• Fix search query validation for leading-wildcard queries. graylog2-server#12725graylog2-server#12727

Graylog 4.3.0

Released: 2022-05-25

Added

• Add option to update existing Grok patterns on bulk import. graylog2-server#11109graylog2-server#12174
• Add options to disable entity sharing with "everyone" and individual users. graylog2-server#11112graylog2-server#11620
• Extend search API to allow a query string in addition to a search object. graylog2-server#11257graylog2-server#11266
• Add time zone setting for email event notifications. graylog2-server#11418graylog2-server#11982
• Add search query validation in the UI. graylog2-server#11490graylog2-server#11502graylog2-server#11503graylog2-server#11534
• Add field value suggestions for search queries. graylog2-server#11491graylog2-server#11585graylog2-server#11787
• Add field type icon for the "ip" data type. graylog2-server#11699graylog2-server#11733
• Add user defined time zone support for message exports. graylog2-server#4523graylog2-server#9546graylog2-server#11734
• Run pre-flight checks for MongoDB and Elasticsearch on server startup. graylog2-server#5248graylog2-server#11889
• Add support for multiline search queries. graylog2-server#6530graylog2-server#11906
• Add a button to remove queued event notifications. graylog2-server#7096graylog2-server#12084
• Add latest-value metric to aggregation builder. graylog2-server#8296graylog2-server#11542
• Add flatten_json pipeline function to support parsing JSON arrays. graylog2-server#8706graylog2-server#11708
• Add depth parameter to parse_json pipeline function. graylog2-server#9021graylog2-server#11640
• Add visual indicator to allow users to see where pipeline rules are used. graylog2-server#9724graylog2-server#11474
• Add support for OpenSearch as a storage backend. graylog2-server#11435
• Add config file setting to allow the configuration of an upper limit for time based index rotation. graylog2-server#11501
• Allow the usage of this year/month/week in keyword time ranges. graylog2-server#11581
• Introduce a simplified version of the search API. graylog2-server#11666
• Add pagination and filtering to the processing pipeline rules page. graylog2-server#5688

Changed

• Several improvements to the built-in geoip lookup message processor. graylog-plugin-integrations#952graylog2-server#11854
• Persist input state to avoid automatic starting of manually stopped inputs after a server restart. graylog2-server#10955graylog2-server#11362
• Improve the key_value pipeline function to handle quoted values. graylog2-server#11731graylog2-server#4751graylog2-server#11738
• Stop processing further pipeline stages after drop_message getting called. graylog2-server#4855graylog2-server#11754
• Switch to cookie based API authentication for the frontend. graylog2-server#6831graylog2-server#11788
• Remove and/or replace the term master with the term leader to move towards more inclusive naming. graylog2-server#11766
• Improve server shutdown behavior in load balancer setups. graylog2-server#12221

Removed

• Remove database migrations that allow updates from pre-2.2 versions of Graylog. graylog2-server#11683

Fixed

• Improve content pack import to handle missing streams. graylog2-server#10008graylog2-server#10972
• Fix frontend DEV server proxying with large requests. graylog2-server#10645graylog2-server#11482
• Redirect to pipeline rules list when a rule doesn't exist anymore. graylog2-server#11044graylog2-server#11455
• Improve user experience when changing relative time ranges in the date picker. graylog2-server#11075graylog2-server#11302
• Fix date time formatter in charts for users without a configured timezone. graylog2-server#11341graylog2-server#12161
• Fix race condition in URL allow list form. graylog2-server#11345graylog2-server#11407
• Avoid the creation of unnecessary search objects on the default search page. graylog2-server#11372
• Fix index count on index set overview page to show the correct number of indices under management. graylog2-server#11375graylog2-server#11395
• Fix problem with keyword time range parsing in search. graylog2-server#11385graylog2-server#11386
• Fix issue with missing fields in the field selection of the aggregation builder. graylog2-server#11404graylog2-server#11405
• Fix timestamp values when adding them to the search query. graylog2-server#11429graylog2-server#12244
• Fix disappearing field selection in aggregation builder. graylog2-server#11433graylog2-server#11432
• Switch GitHub Action builds to the Eclipse Temurin JDK. graylog2-server#11467graylog2-server#11468
• Fix index field type poller handling on multiple nodes. graylog2-server#11504graylog2-server#11510
• Fix permission issue for permalinks to messages. graylog2-server#11540graylog2-server#11541
• Fix dashboard widget issues with non-english locales. graylog2-server#11596graylog2-server#11601graylog2-server#11637
• Improve error handling for message export. graylog2-server#11662graylog2-server#11728
• Fix page reload problem in API browser. graylog2-server#11802graylog2-server#12000
• Fix focus behavior of cloned widgets. graylog2-server#11918graylog2-server#12175
• Improve chart widget rendering when searching in all messages without any result. graylog2-server#12236graylog2-server#12242
• Ensure stable order for index rotation strategies in the drop-down UI. graylog2-server#12246graylog2-server#12247
• Fix user time zone issue when selecting time range from histogram widget. graylog2-server#12257graylog2-server#12277
• Fix filtering event definition list by ID. graylog2-server#12266graylog2-server#12336
• Fix validation of URL whitelist in event notification form. graylog2-server#12267graylog2-server#12344
• Fix URL validation in event notification. graylog2-server#12272graylog2-server#12295
• Fix DNS lookup for the https_proxy_uri to resolve dynamically. graylog2-server#6377graylog2-server#11813
• Fix name of button to delete a dashboard page. graylog2-server#7471graylog2-server#10403graylog2-server#12138
• Fix validation of pipeline stage numbers. graylog2-server#7591graylog2-server#11496
• Improve Ctrl+f/Command+f and Shift+Enter handling in the search query form. graylog2-server#7884graylog2-server#8348graylog2-server#11511
• Limit the vertical space consumed by the event definition filter preview. graylog2-server#7886graylog2-server#11512
• Fix validation of saved searches and dashboards. graylog2-server#8257graylog2-server#11292
• Unlock event definition jobs after a server crash to make sure they continue to execute. graylog2-server#8612graylog2-server#11249
• Fix several issues related to changing or deleting stream outputs. graylog2-server#8714graylog2-server#11531graylog2-server#10199graylog2-server#12195
• Fix search to adhere to the query time range limit again. graylog2-server#9487graylog2-server#11297
• Improve consistency for the logged in indicator on the user details page. graylog2-server#9499graylog2-server#11481
• Improve error messages when searches or dashboards fail to load. graylog2-server#11371
• Fix race condition when installing content packs. graylog2-server#11413
• Improve message field type detection. graylog2-server#11778
• Improve field name completion performance on the search page. graylog2-server#11930graylog2-server#12110
• Fix reliability of scroll queries by disabling search highlighting for those. graylog2-server#12225
• Improve absolute time range defaults in date picker based on user time zone. graylog2-server#12248

Graylog 4.2.12

Released: 2022-08-09

Core

Added

• Add auto focus of the first suggestion in query input autocompletion. graylog2-server#12991

Graylog 4.2.11

Released: 2022-07-06

No changes since 4.2.10.

Graylog 4.2.10

Released: 2022-06-15

Core

Removed

• Remove job scheduler debug API resource. graylog2-server#12884

Graylog 4.2.9

Released: 2022-05-04

Core

Fixed

• Fix pie chart widget legend field matching. Graylog2/graylog2-server#12510Graylog2/graylog2-server#12594

Graylog 4.2.8

Released: 2022-04-12

Core

Added

• Introduce service account flag for user objects. Graylog2/graylog2-server#12405

Changed

• Convert built-in sidecar user to service account.

Fixed

• Fix issue with adding new sorts to aggregation widgets. Graylog2/graylog2-server#12427
• Fix value alignment in number visualization. Graylog2/graylog2-server#12424
• Fix updating timerange URL parameter when selecting a range in the histogram widget with the cursor. Graylog2/graylog2-server#11388Graylog2/graylog2-server#12306
• Disable search highlighting for scroll queries to improve performance and fix an issue with large messages. Graylog2/graylog2-server#12225
• Don’t auto-start stopped inputs on server restart. Graylog2/graylog2-server#10955Graylog2/graylog2-server#11362

Security

• Fix DEBUG logging of access token. Graylog2/graylog2-server#12395

Graylog 4.2.7

Released: 2022-03-02

Core

Fixed

• Improve search page rendering performance with a high number of message fields. Graylog2/graylog2-server#11930Graylog2/graylog2-server#12162
• Fix field order in CSV export. Graylog2/graylog2-server#12006Graylog2/graylog2-server#12186
• Improve download link handling for the Microsoft Edge browser. Graylog2/graylog2-server#12194
• Fix referential integrity issue when moving widgets between dashboards. Graylog2/graylog2-server#12185
• Fix issue with highlighting boolean field values in search. Graylog2/graylog2-server#11985Graylog2/graylog2-server#12210

Graylog 4.2.6

Released: 2022-02-02

Core

Security

• Update “marked” markdown parser dependency to fix two denial of service issues (only affects the UI, not the server). Graylog2/graylog2-server#11995GHSA-5v2h-r2cx-5xgjGHSA-rrrm-qjm4-v8hf

Integrations Plugin

No changes since 4.2.5

Graylog 4.2.5

Released: 2022-01-05

Core

• Updates Log4J to 2.17.1. Graylog2/graylog2-server#11897
• Updates PropTypes of ConfirmDialog for btnConfirmText and btnConfirmCancelText. Graylog2/graylog2-server#11916
• Prevents infinite recursion when serializing IpAddress. Graylog2/graylog2-server#11847
• Preserves build metadata in graylog version. Graylog2/graylog2-server#11872
• Performs message timestamp conversion after processing. Graylog2/graylog2-server#11915

Integrations Plugin

• Adds riot field to GreyNoise QuickIp lookup adapter. Graylog2/graylog-plugin-integrations#958
• Check for reserved IP addresses in GreyNoise Community IP Lookup Adapter. Graylog2/graylog-plugin-integrations#960

Graylog 4.2.4

Released: 2021-12-16

Core

Security

• Fix log4j CVE-2021-45046 by updating the library to 2.16.0. Graylog2/graylog2-server#11832

Integrations Plugin

No changes since 4.2.3.

Graylog 4.2.3

Released: 2021-12-10

Core

Fixed

• Fix extractor date converters. Graylog2/graylog2-server#11495Graylog2/graylog2-server#11750

Security

• Fix log4j CVE-2021-44228. Graylog2/graylog2-server#11786

Integrations Plugin

No changes since 4.2.2.

Graylog 4.2.2

Released: 2021-12-01

Core

Added

• Add elasticsearch_max_write_index_age config setting to set an upper limit for the time based rotation strategy. Graylog2/graylog2-server#11648
• Add UI configuration to disable sharing entities with “everyone” and individual users. Graylog2/graylog2-server#11112Graylog2/graylog2-server#11620

Fixed

• Fix browser locale related issue with dashboard widgets. Graylog2/graylog2-server#11596Graylog2/graylog2-server#11637
• Fix backwards compatibility for area chart widgets. Graylog2/graylog2-server#11611Graylog2/graylog2-server#11610
• Fix problem with rendering shares when entities have been shared with “everyone”. Graylog2/graylog2-server#11697Graylog2/graylog2-server#11698

Integrations Plugin

Added

• Add a GreyNoise lookup adapter. Graylog2/graylog-plugin-integrations#940

Graylog 4.2.1

Released: 2021-11-03

Core

Fixed

• Fix potential issue with duplicate index field type updates. Graylog2/graylog2-server#11504Graylog2/graylog2-server#11552
• Fix permission issue with permalink to single messages. Graylog2/graylog2-server#11540Graylog2/graylog2-server#11541
• Allow aggregation on fields which exist as keyword and text types in different indices. Graylog2/graylog2-server#11535
• Use correct data_dir setting to store native libraries. Graylog2/graylog2-server#11543Graylog2/graylog2-server#11571
• Fix issue where the first day on the traffic graph didn’t show the full day traffic value. Graylog2/graylog2-server#11546

Integrations Plugin

Added

• Allow the usage of templates in the channel name for the Slack plugin. Graylog2/graylog-plugin-integrations#927

Fixed

• Add timezone setting to PaloAlto inputs to fix timestamp parsing. Graylog2/graylog-plugin-integrations#931Graylog2/graylog-plugin-integrations#933

Graylog 4.2.0

Released: 2021-10-13

Search

• Keyword From/To search breaking change to prior semantics: alignment of the interval for e.g. "last monday" to the start/end of the day instead of a time in the day. Also, the interval ends the next day at 00:00:00. https://graylog2/graylog2-server#10291

Core

Added

• Introduce feature flags to aid product development. Graylog2/graylog2-server#11070
• Add API endpoint to change log level for all nodes in the cluster. Graylog2/graylog2-server#10882
• Add pagination for pipelines. Graylog2/graylog2-server#5686

Changed

• Move edit button out of widget actions dropdown menu. Graylog2/graylog2-server#10927
• Deprecate API endpoint to shut down a node. Graylog2/graylog2-server#10668Graylog2/graylog2-server#10986
• Include search/dashboard title in document title. Graylog2/graylog2-server#11172
• Shorten widget titles with ellipsis when overflowing available space. Graylog2/graylog2-server#11185
• Hide search action “Export to dashboard” for users who are not allowed to create dashboards. Graylog2/graylog2-server#11262
• Simplify search API for scripting. Graylog2/graylog2-server#11247

Removed

• Remove deprecated legacy view permissions extendedsearch:use and view:use.
• Remove irrelevant forwarder client-side metrics from Prometheus exporter. Graylog2/graylog2-server#10964
• Remove graceful node shutdown menu entry. The API endpoint still exists but is deprecated. Graylog2/graylog2-server#11129

Fixed

• Fix problem with login form and 3rd party authentication providers. Graylog2/graylog2-server#10860
• Improve spacing in data table widget. Graylog2/graylog2-server#7429Graylog2/graylog2-server#10814
• Fix widget titles with long values. Graylog2/graylog2-server#10919
• Fix event notification selection for “Event Definition Creator” and “Event Notification Creator” roles. Graylog2/graylog2-server#10703 (Thanks @FlorinPeter)
• Fix forwarder metric names. Graylog2/graylog2-server#10964
• Fix issue with default heatmap widget configuration. Graylog2/graylog2-server#10967Graylog2/graylog2-server#10928Graylog2/graylog2-server#10978
• Fix pretty printing of JSON for API responses. Graylog2/graylog2-server#10906Graylog2/graylog2-server#10934
• Fix read handling of corrupted journal segments. Graylog2/graylog2-server#9305Graylog2/graylog2-server#9378
• Fix problem with traffic data storage. Graylog2/graylog2-server#9559Graylog2/graylog2-server#11176
• Fix warning about SO_RCVBUF sizes when starting an input. Graylog2/graylog2-server#7720Graylog2/graylog2-server#11195
• Fix loading spinner position in widget header. Graylog2/graylog2-server#11258
• Improve natural date parser for search timeranges. Graylog2/graylog2-server#10291Graylog2/graylog2-server#11391
• Fix indexing retries if ES cluster is without coordinator node. Graylog2/graylog2-server#10440Graylog2/graylog2-server#11317
• Improve debugging for invalid GELF messages by providing a log message on TRACE level. Graylog2/graylog2-server#11360

Graylog 4.1.14

Released: 2022-04-12

Core

Added

• Introduce service account flag for user objects. Graylog2/graylog2-server#12405

Changed

• Convert built-in sidecar user to service account.

Fixed

• Fix issue with adding new sorts to aggregation widgets. Graylog2/graylog2-server#12427
• Fix value alignment in number visualization. Graylog2/graylog2-server#12424
• Fix updating timerange URL parameter when selecting a range in the histogram widget with the cursor. Graylog2/graylog2-server#11388Graylog2/graylog2-server#12306
• Disable search highlighting for scroll queries to improve performance and fix an issue with large messages. Graylog2/graylog2-server#12225

Security

• Fix DEBUG logging of access token. Graylog2/graylog2-server#12395

Graylog 4.1.13

Released: 2022-03-02

Core

Fixed

• Improve search page rendering performance with a high number of message fields. Graylog2/graylog2-server#11930Graylog2/graylog2-server#12162
• Fix field order in CSV export. Graylog2/graylog2-server#12006Graylog2/graylog2-server#12186
• Improve download link handling for the Microsoft Edge browser. Graylog2/graylog2-server#12194
• Fix referential integrity issue when moving widgets between dashboards. Graylog2/graylog2-server#12185
• Fix issue with highlighting boolean field values in search. Graylog2/graylog2-server#11985Graylog2/graylog2-server#12210

Graylog 4.1.12

Released: 2022-02-02

Core

Security

• Update “marked” markdown parser dependency to fix two denial of service issues (only affects the UI, not the server). Graylog2/graylog2-server#11995GHSA-5v2h-r2cx-5xgjGHSA-rrrm-qjm4-v8hf

Integrations Plugin

No changes since 4.1.11

Graylog 4.1.11

Released: 2022-01-05

Core

• Updates Log4J to 2.17.1. Graylog2/graylog2-server/pull/11897
• Prevents infinite recursion when serializing IpAddress. Graylog2/graylog2-server#11848

Integrations Plugin

No changes since 4.1.10

Graylog 4.1.10

Released: 2021-12-16

Core

Security

• Fix log4j CVE-2021-45046 by updating the library to 2.16.0. Graylog2/graylog2-server#11832

Integrations Plugin

No changes since 4.1.9.

Graylog 4.1.9

Released: 2021-12-10

Core

Security

• Fix log4j CVE-2021-44228. Graylog2/graylog2-server#11786

Integrations Plugin

No changes since 4.1.8.

Graylog 4.1.8

Released: 2021-12-01

Core

Added

• Add UI configuration to disable sharing entities with “everyone” and individual users. Graylog2/graylog2-server#11112Graylog2/graylog2-server#11620

Fixed

• Fix browser locale related issue with dashboard widgets. Graylog2/graylog2-server#11596Graylog2/graylog2-server#11637
• Fix backwards compatibility for area chart widgets. Graylog2/graylog2-server#11611Graylog2/graylog2-server#11610
• Fix problem with rendering shares when entities have been shared with “everyone”. Graylog2/graylog2-server#11697Graylog2/graylog2-server#11698

Graylog 4.1.7

Released: 2021-11-03

Core

Fixed

• Fix potential issue with duplicate index field type updates. Graylog2/graylog2-server#11504Graylog2/graylog2-server#11552
• Allow aggregation on fields which exist as keyword and text types in different indices. Graylog2/graylog2-server#11535
• Use correct data_dir setting to store native libraries. Graylog2/graylog2-server#11543Graylog2/graylog2-server#11571
• Fix issue where the first day on the traffic graph didn’t show the full day traffic value. Graylog2/graylog2-server#11546

Integrations Plugin

Added

• Allow the usage of templates in the channel name for the Slack plugin. Graylog2/graylog-plugin-integrations#927

Fixed

• Add timezone setting to PaloAlto inputs to fix timestamp parsing. Graylog2/graylog-plugin-integrations#931Graylog2/graylog-plugin-integrations#933

Graylog 4.1.6

Released: 2021-10-06

Core

Fixed

• Fix potential race condition in traffic accounting. Graylog2/graylog2-server#11248Graylog2/graylog2-server#11296
• Fix permissions for alert events when event definitions don’t select streams. Graylog2/graylog2-server#11301Graylog2/graylog2-server#11303
• Fix system stats with MongoDB >= 4.4. Graylog2/graylog2-server#11357
• Fix index counts on index sets page. Graylog2/graylog2-server#11375Graylog2/graylog2-server#11357
• Fix race condition with multiple search executions. Graylog2/graylog2-server#11428

Graylog 4.1.5

Released: 2021-09-13

Core

Fixed

• Do not set ‘to’ when setting TimeRange to ‘All Time’, fixes an error when changing time ranges. Graylog2/graylog2-server#11017Graylog2/graylog2-server#11090
• Exclude non-data nodes from ES floodgate checks Graylog2/graylog2-server#11106Graylog2/graylog2-server#11125
• Fix resolving alias target for index sets with plus in prefix on ES6. Graylog2/graylog2-server#11142Graylog2/graylog2-server#11153
• Display Tooltips by default Graylog2/graylog2-server#11130Graylog2/graylog2-server#11138
• Fix race condition in message details related to uninitialized nodes store. Graylog2/graylog2-server#11226
• Cleanup permission grants for deleted users. Graylog2/graylog2-server#10385Graylog2/graylog2-server#11265

Graylog 4.1.4

Released: 2021-09-01

Core

Fixed

• Do not set ‘to’ when setting TimeRange to ‘All Time’, fixes an error when changing time ranges. Graylog2/graylog2-server#11017Graylog2/graylog2-server#11090
• Exclude non-data nodes from ES floodgate checks Graylog2/graylog2-server#11106Graylog2/graylog2-server#11125
• Fixing resolving alias target for index sets with plus in prefix on ES6. Graylog2/graylog2-server#11142Graylog2/graylog2-server#11153
• Display Tooltips by default Graylog2/graylog2-server#11130Graylog2/graylog2-server#11138
• Fix race condition in message details related to uninitialized nodes store. Graylog2/graylog2-server#11226

Graylog 4.1.3

Released: 2021-08-04

Core

Fixed

• Fix pagination and search on the streams overview page. Graylog2/graylog2-server#11091Graylog2/graylog2-server#11100

Graylog 4.1.2

Released: 2021-07-28

Core

Security

Session ID leak in Graylog DEBUG log file and audit log.

We recently discovered a session ID leak in the Graylog DEBUG log file as well as the audit log. A user can use a session ID to authenticate against Graylog and then this user has access to all the permissions associated with the owner of the session ID.

The ID was printed in DEBUG level log messages (DEBUG is not enabled by default) as well as the Graylog Enterprise Audit Log. By default, the Graylog Audit Log is only logging to the local database and only accessible by Graylog administrators.

We would like to thank David Herbstmann for discovering and responsibly disclosing this vulnerability.

The following CVE IDs have been assigned: CVE-2021-37759, CVE-2021-37760

Fixed

• Fix confusing dependencies warning when sharing searches. Graylog2/graylog2-server#11021Graylog2/graylog2-server#11027
• Fix index retries with connection failures to Elasticsearch 7 nodes. Graylog2/graylog2-server#11045Graylog2/graylog2-server#11057

Graylog 4.1.1

Released: 2021-07-07

Core

Fixed

• Fix loading of streams page in some edge cases. Graylog2/graylog2-server#10514Graylog2/graylog2-server#10943
• Fix forwarder metrics definitions for Prometheus exporter. Graylog2/graylog2-server#10976
• Fix API browser for some setups. Graylog2/graylog2-server#10952Graylog2/graylog2-server#10981
• Allow usage of insecure TLS ciphers for communication with legacy systems when setting enabled_tls_protocols  to TLS versions < 1.2. Graylog2/graylog2-server#10944Graylog2/graylog2-server#10985
• Fix pretty printing JSON responses when requested. Graylog2/graylog2-server#10906Graylog2/graylog2-server#10993
• Fix issue when trying to modify heatmap widgets that have been created with older versions of Graylog. Graylog2/graylog2-server#10928Graylog2/graylog2-server#10967Graylog2/graylog2-server#10987

Graylog 4.1.0

Released: 2021-06-23

Core

Added

• Allow users to focus widgets in a search and on dashboards. Graylog2/graylog2-server#9711
• Add HTML body support to email notifications. Graylog2/graylog2-server#4569Graylog2/graylog2-server#9790 (Thanks @radykal-com!)
• Improved date/time picker for the search page and widgets. Graylog2/graylog2-server#9569
• Support custom chart legends and value actions in widgets. Graylog2/graylog2-server#6612Graylog2/graylog2-server#7207Graylog2/graylog2-server#9844
• Allow highlighting of dates and boolean values. Graylog2/graylog2-server#9835Graylog2/graylog2-server#10000
• Add static/gradient color options to value highlighting. Graylog2/graylog2-server#10033
• Add color scale configuration options for heatmap widget. Graylog2/graylog2-server#9836
• Support for connecting to newer Kafka clusters. Graylog2/graylog2-server#7101Graylog2/graylog2-server#7783Graylog2/graylog2-server#9927Graylog2/graylog2-server#10146
• Support IPinfo databases in GeoIP lookup data adapter. Graylog2/graylog2-server#10183
• Add elasticsearch_mute_deprecation_warnings config option to disable Elasticsearch related deprecation warnings. Graylog2/graylog2-server#9822Graylog2/graylog2-server#10163Graylog2/graylog2-server#10239
• Vastly improved search aggregation builder. Graylog2/graylog2-server#9742Graylog2/graylog2-server#10212Graylog2/graylog2-server#10281Graylog2/graylog2-server#10293Graylog2/graylog2-server#10301
• Add allowed_auxiliary_paths config option to optionally restrict file system access for the CSV File data dapter. Graylog2/graylog2-server#10244
• Add timerange indicator to widgets. Graylog2/graylog2-server#7358Graylog2/graylog2-server#10508
• Allow filtering for entity ID in pagination. Graylog2/graylog2-server#10537
• Add built-in Prometheus exporter. Graylog2/graylog2-server#10767

Changed

Also see: 4.1 upgrade notes

• Only show API tokens once after their creation. Graylog2/graylog2-server#9124Graylog2/graylog2-server#9746
• Replace sigar library with OSHI for collecting system stats. Graylog2/graylog2-server#6056Graylog2/graylog2-server#9840 (Thanks @desiderantes!)
• Due to the sigar to OSHI migration, the disable_sigar config option has been renamed to disable_native_system_stats_collector .
• Creating users is now using separate fields for firstname and lastname. Graylog2/graylog2-server#10074
• Use more secure TLS default ciphers. Graylog2/graylog2-server#10653
• Use relative URLs for web interface assets served by the Graylog server to improve reverse proxy setups. Graylog2/graylog2-server#10632Graylog2/graylog2-server#10267Graylog2/graylog2-server#10726
• Graylog doesn’t stop on startup anymore but tries to reconnect when Elasticsearch version probing is enabled but the cluster is unreachable.

Fixed

• Fix behavior of “Apply” for new pipeline rules. Graylog2/graylog2-server#9340
• Improved authentication failure messages. Graylog2/graylog2-server#9500
• Return 400 when modifying a user with invalid role names. Graylog2/graylog2-server#9722Graylog2/graylog2-server#5082Graylog2/graylog2-server#4655 (Thanks @radykal-com!)
• Fix notification when updating a user. Graylog2/graylog2-server#9731
• Fix issue when re-using a pipeline stage number. Graylog2/graylog2-server#6806Graylog2/graylog2-server#9911
• Improved indexing retries. Graylog2/graylog2-server#9852Graylog2/graylog2-server#9961
• Fix race condition when loading pipeline rule editor. Graylog2/graylog2-server#9341Graylog2/graylog2-server#10070
• Avoid triggering duplicate search executions when focusing widgets. Graylog2/graylog2-server#8421Graylog2/graylog2-server#9467Graylog2/graylog2-server#10053
• Show warning when moving away from the pipeline rule editor without saving. Graylog2/graylog2-server#8650Graylog2/graylog2-server#10073
• Improve server startup speed. Graylog2/graylog2-server#10005
• Keep title when copying widget from search to dashboard. Graylog2/graylog2-server#10003Graylog2/graylog2-server#10189
• Improve Java 11 compatibility. Graylog2/graylog2-server#7223Graylog2/graylog2-server#9802Graylog2/graylog2-server#10194
• Improve readybility of numeric values in data tables. Graylog2/graylog2-server#7831Graylog2/graylog2-server#10195
• Fix content-pack auto installation. Graylog2/graylog-docker#153Graylog2/graylog2-server#10216
• Improve buffer draining during server shutdown. Graylog2/graylog2-server#10247
• Fix message table scrolling on smaller screens. Graylog2/graylog2-server#8920Graylog2/graylog2-server#10276
• Fix problem with auto-generated TLS certificates. Graylog2/graylog2-server#9958Graylog2/graylog2-server#10400
• Improve logging for processing errors. Graylog2/graylog2-server#10421
• Scope message backlog in aggregation alerts. Graylog2/graylog2-server#6381Graylog2/graylog2-server#10483
• Improve search page layout to provide more space for content. Graylog2/graylog2-server#10518
• Improve saved search overview UI. Graylog2/graylog2-server#10541
• Improve error messages for errors in pipeline rule execution. Graylog2/graylog2-server#10526 10528
• Fix problem where message processing could block when updating outputs. Graylog2/graylog2-server#10168Graylog2/graylog2-server#10584
• Improve timezone handling for keyword timerages. Graylog2/graylog2-server#10290
• Improve search and dashboard tab positioning on smaller screens. Graylog2/graylog2-server#10371
• Improve API browser model content. Graylog2/graylog2-server#10637
• Improve search bar responsiveness. Graylog2/graylog2-server#10652
• Avoid buffering complete export responses in browser. Graylog2/graylog2-server#10602Graylog2/graylog2-server#10617
• Fix lookup table cache purging in distributed setup. Graylog2/graylog2-server#9554Graylog2/graylog2-server#10605
• Fix group selection on filtered entities when creating or updating a content-pack. Graylog2/graylog2-server#10731
• Fix rendering of the traffic graph in “System/Overview”. Graylog2/graylog2-server#10730
• Fix case issue on the user details and edit pages. Graylog2/graylog2-server#10687Graylog2/graylog2-server#10700
• Fix sorting on stream overview page. Graylog2/graylog2-server#10754
• Improve Elasticsearch version probing on server startup. Graylog2/graylog2-server#10651
• Prevent JSON Path Input from stopping on non-2xx responses. Graylog2/graylog2-server#9941Graylog2/graylog2-server#10717 (Thanks @MPreloaded!)
• Fix race condition in lookup data adapter and cache lifecycle. Graylog2/graylog2-server#10753Graylog2/graylog2-server#10815
• Improve Elasticsearch flood stage handling. Graylog2/graylog2-server#10889

Integrations Plugin

Added

• Greynoise data adapter. Graylog2/graylog-plugin-integrations#760

Graylog 4.0.17

Released: 2022-07-06

No changes since 4.0.16.

Graylog 4.0.16

Released: 2022-04-12

Core

Added

• Introduce service account flag for user objects. Graylog2/graylog2-server#12405

Changed

• Convert built-in sidecar user to service account.

Security

• Fix DEBUG logging of access token. Graylog2/graylog2-server#12395

Graylog 4.0.15

Released: 2021-12-16

Core

Security

• Fix log4j CVE-2021-45046 by updating the library to 2.16.0. Graylog2/graylog2-server#11814

Integrations Plugin

No changes since 4.0.14.

Graylog 4.0.14

Released: 2021-12-10

Core

Fixed

• Ensure that aggregation events always have a source_streams field for permission checks. Graylog2/graylog2-server#6876Graylog2/graylog2-server#6877
• Fix permissions for alert events when event definitions don’t select streams. Graylog2/graylog2-server#11301Graylog2/graylog2-server#11303
• Fix potential issue with duplicate index field type updates. Graylog2/graylog2-server#11504Graylog2/graylog2-server#11552
• Fix issue where the first day on the traffic graph didn’t show the full day traffic value. Graylog2/graylog2-server#11575

Security

• Fix log4j CVE-2021-44228. Graylog2/graylog2-server#11786

Integrations Plugin

No changes since 4.0.13.

Graylog 4.0.13

Released: 2021-09-13

Core

Fixed

• Fix resolving alias target for index sets with plus in prefix on ES6. Graylog2/graylog2-server#11142Graylog2/graylog2-server#11153
• Cleanup permission grants for deleted users. Graylog2/graylog2-server#10385Graylog2/graylog2-server#11265

Graylog 4.0.12

Released: 2021-09-01

Core

Fixed

• Fixing resolving alias target for index sets with plus in prefix on ES6. Graylog2/graylog2-server#11142Graylog2/graylog2-server#11153

Graylog 4.0.11

Released: 2021-08-04

Core

Fixed

• Fix count and grand_total values in search/dashboard pagination. Graylog2/graylog2-server#11034

Graylog 4.0.10

Released: 2021-07-28

Core

Security

Session ID leak in Graylog DEBUG log file and audit log.

We recently discovered a session ID leak in the Graylog DEBUG log file as well as the audit log. A user can use a session ID to authenticate against Graylog and then this user has access to all the permissions associated with the owner of the session ID.

The ID was printed in DEBUG level log messages (DEBUG is not enabled by default) as well as the Graylog Enterprise Audit Log. By default, the Graylog Audit Log is only logging to the local database and only accessible by Graylog administrators.

We would like to thank David Herbstmann for discovering and responsibly disclosing this vulnerability.

The following CVE IDs have been assigned: CVE-2021-37759, CVE-2021-37760

Graylog 4.0.9

Released: 2021-07-07

Core

Fixed

• Fix Elasticsearch flood-stage handling. Graylog2/graylog2-server#10887Graylog2/graylog2-server#10897
• Fixing shared entities overview filter for saved searches. Graylog2/graylog2-server#10878Graylog2/graylog2-server#10893
• Fix loading of streams page in some edge cases. Graylog2/graylog2-server#10514Graylog2/graylog2-server#10942

Graylog 4.0.8

Released: 2021-06-02

Core

Fixed

• Don’t run index jobs for missing indices. Graylog2/graylog2-server#10444
• Fix user sessions not timing out. Graylog2/graylog2-server#10578Graylog2/graylog2-server#10577

Integrations Plugin

Fixed

• Fix problem with PaloAlto timestamp handling. Graylog2/graylog-plugin-integrations#816

Graylog 4.0.7

Released: 2021-05-05

Core

Changed

• Log failed messages and full stack trace on processing errors when DEBUG is enabled. Graylog2/graylog2-server#10319Graylog2/graylog2-server#10421

Fixed

• Correctly display ES cluster status in the user interface. Graylog2/graylog2-server#10407Graylog2/graylog2-server#10428
• Fix sharing of streams that have outputs attached. Graylog2/graylog2-server#10443
• Allow using the same LDAP/AD attributes for different config settings. Graylog2/graylog2-server#10069Graylog2/graylog2-server#10437
• Support + character in index prefixes for index sets. Graylog2/graylog2-server#10392
• Encode usernames that are used in URLs. Graylog2/graylog2-server#10530Graylog2/graylog2-server#10566

Graylog 4.0.6

Released: 2021-04-07

Core

Fixed

• Fix rendering of trend color in report generation Graylog2/graylog2-server#10154
• Update Kafka client to 2.7.0 Graylog2/graylog2-server#10184
• Fix content-pack auto installation Graylog2/graylog2-server#10237
• Initialize ES7 client and sniffer lazily Graylog2/graylog2-server#10292
• Fix permission check for notifications in event definitions Graylog2/graylog2-server#10381

Graylog 4.0.5

Released: 2021-02-22

Core

Fixed

• Prevent NullPointerException in index optimization job Graylog2/graylog2-server#10119

Graylog 4.0.4

Released: 2021-02-22

Core

Fixed

• Fixing counting of messages in index for ES7 Graylog2/graylog2-server#10094
• Provide a timeout for request when optimizing index in ES7 Graylog2/graylog2-server#10098
• Add missing GRN type for outputs Graylog2/graylog2-server#10108

Integrations Plugin

Fixed

• Refactor PaloAltoTypeParser to improve performance Graylog2/graylog-plugin-integrations#737

Graylog 4.0.3

Released: 2021-02-16

Core

Fixed

• Fix search export to dashboard when running with a proxy and a path prefix. Graylog2/graylog2-server#9991Graylog2/graylog2-server#9989
• Fix moving widgets to a different tab when they have been copied from a dashboard. Graylog2/graylog2-server#9778Graylog2/graylog2-server#10007
• Fix potential MongoDB performance issue. Graylog2/graylog2-server#10043Graylog2/graylog2-server#10046

Integrations Plugin

Added

• Initial support for parsing USERID log type in PaloAlto 9.x inputs. Graylog2/graylog2-server#729

Graylog 4.0.2

Released: 2021-01-27

Core

Added

• Show field sort icons in message table. Graylog2/graylog2-server#9775

Fixed

• Fix missing buttons on sidecars page. Graylog2/graylog2-server#9677Graylog2/graylog2-server#9682
• Fix missing microseconds in timestamps in the message table. Graylog2/graylog2-server#9604Graylog2/graylog2-server#9698
• Fix notification when updating a user. Graylog2/graylog2-server#9733
• Keep tab order when installing a dashboard from a content pack. Graylog2/graylog2-server#8264Graylog2/graylog2-server#9812
• Allow users to change their own timezone again. Graylog2/graylog2-server#9814
• Fix search query parsing with $ characters. Graylog2/graylog2-server#9497Graylog2/graylog2-server#9877
• Fix issue on streams page which legacy alert receivers present. Graylog2/graylog2-server#9637Graylog2/graylog2-server#9785
• Fix page size change selector on content packs page. Graylog2/graylog2-server#9629Graylog2/graylog2-server#9875
• Fix state problem with pipeline stage selection. Graylog2/graylog2-server#6806Graylog2/graylog2-server#9916
• Retry Elasticsearch requests on socket timeouts. Graylog2/graylog2-server#9922
• Fix date format specifiers in index mapping templates to avoid deprecation warnings. Graylog2/graylog2-server#9690Graylog2/graylog2-server#9948
• Reset stream rule form after sucessful rule creation. Graylog2/graylog2-server#9956Graylog2/graylog2-server#9968
• Fix pipeline rule syntax highlighting issues. Graylog2/graylog2-server#9250Graylog2/graylog2-server#9976
• Fix error using apply and then save & close on a new pipeline rule. Graylog2/graylog2-server#9252Graylog2/graylog2-server#9976
• Retry bulk indexing if index alias has invalid target(s) instead of dropping the messages. Graylog2/graylog2-server#9955Graylog2/graylog2-server#9962Graylog2/graylog2-server#9978

Legacy Collector Plugin

Fixed

• Fix collectors table styling. Graylog2/graylog-plugin-collector#172

Threatintel Plugin

Changed

• Deprecated ransomware data adapter because the service has been shutdown in 2019. Graylog2/graylog-plugin-threatintel/#183

Graylog 4.0.1

Released: 2020-11-25

Core

Fixed

• Fix incorrect support link in the UI. Graylog2/graylog2-server#9527
• Updates to Graylog Schema. Graylog2/graylog2-server#9556
• Fix an issue when running Graylog on Amazon Elasticsearch Service. Graylog2/graylog2-server#9599
• Fix problem with sharing dashboards and searches. Graylog2/graylog2-server#9525Graylog2/graylog2-server#9594
• Fix share button for event definitions. Graylog2/graylog2-server#9603
• Fix pagination of synced user accounts in authentication overview. Graylog2/graylog2-server#9606
• Fix link to the sidecar user’s API token management on the sidecars page. Graylog2/graylog2-server#9613
• Fix scratchpad text area colors in dark mode. Graylog2/graylog2-server#9607Graylog2/graylog2-server#9614

Integrations Plugin

Fixed

• Add message backlog limit to Slack plugin. Graylog2/graylog-plugin-integrations#659
• Add Discord support to Slack plugin. Graylog2/graylog-plugin-integrations#665
• Update Palo Alto input to support PANOS v10 schemas Graylog2/graylog-plugin-integrations#658

Threatintel Plugin

Fixed

• Improve WHOIS data adapter parsing. Graylog2/graylog-plugin-threatintel#181

Graylog 4.0.0

Released: 2020-11-18

Core

Added

• Add dark theme mode. Graylog2/graylog2-server#8718
• Add support for Elasticsearch version 7.
• Add improved entity sharing system for streams, searches, dashboards and event definitions.
  • See: Permission Management
• Add trusted header authentication support to replace legacy SSO authentication plugin. Graylog2/graylog2-server#9278
• Add support for disabling user accounts. Graylog2/graylog2-server#9374Graylog2/graylog2-server#9077
• Add pagination to stream overview page. Graylog2/graylog2-server#5675
• Add pagination to grok pattern overview page. Graylog2/graylog2-server#5683
• Add support for editing title, description and summary of a saved search. Graylog2/graylog2-server#8084
• Make it possible to move widgets between dashboard tabs. Graylog2/graylog2-server#8236Graylog2/graylog2-server#8152
• Make it possible to display the search page sidebar inline. Graylog2/graylog2-server#8294Graylog2/graylog2-server#7860
• Add facility_num field to Syslog messages. Graylog2/graylog2-server#8394 (Thanks @huksley)
• Format numbers in data table/plots with decimal comma. Graylog2/graylog2-server#9318
• Add close button to user notifications. Graylog2/graylog2-server#9345

Changed

Also see: 4.0 upgrade notes

• Replace role based stream, search and dashboard sharing with a new entity sharing system.
  • See: Permission Management
• Change /users resource to use the user ID instead of the user name as parameter.
• Disable CORS support by default. Graylog2/graylog2-server#8070
• Ensure consistent naming of inputs Graylog2/graylog2-server#8190Graylog2/graylog2-server#7345 (Thanks @Chunters)
• Increase overall font size in the web interface to improve readability. Graylog2/graylog2-server#8319
• Improve user management UI.
• Improve LDAP and Active Directory management UI.
• Show search link in navigation for all users. Graylog2/graylog2-server#8917Graylog2/graylog2-server#8745Graylog2/graylog2-server#8779Graylog2/graylog2-server#8921
• Show grok patterns menu entry to all users with reader role. Graylog2/graylog2-server#9319
• Exclude Illuminate message fields from traffic accounting. Graylog2/graylog2-server#9408Graylog2/graylog2-server#9361
• Change license to SSPL. See the following links for details:
  • https://www.graylog.org/post/graylog-announces-4-0-release-of-its-log-management-platform
  • https://www.graylog.org/post/graylog-v4-0-licensing-sspl

Removed

Also see: 4.0 upgrade notes

• Remove support for Elasticsearch version 5. (supported versions are 6 and 7)
• Remove LDAP groups to role mapping. (replaced by team support in Graylog Enterprise)
  • See: Permission Management
• Remove legacy redirects for dashboards and saved searches. Graylog2/graylog2-server#8201Graylog2/graylog2-server#7151Graylog2/graylog2-server#8007
• Remove legacy saved searches API. Graylog2/graylog2-server#8199
• Remove legacy dashboards API. Graylog2/graylog2-server#8198
• Remove legacy aggregation API. Graylog2/graylog2-server#8329
• Remove legacy counts API. Graylog2/graylog2-server#8409
• Remove unused elasticsearch_request_timeout config file option. Graylog2/graylog2-server#8050

Fixed

• Improve styling of search widget action icons. Graylog2/graylog2-server#8064
• Give search input focus when saved search list is opening. Graylog2/graylog2-server#8052
• Fix issue with handling PKCS#8 PBES2 keys. Graylog2/graylog2-server#8133Graylog2/graylog2-server#7552
• Fix link to sidecar documentation page. Graylog2/graylog2-server#8144 (Thanks @Chunters)
• Fix NullPointerException if MongoDB doesn’t run with MMAPv1. Graylog2/graylog2-server#8274Graylog2/graylog2-server#8273 (Thanks @pdcemulator)
• Improve and ensure consistent rendering of monospace fonts. Graylog2/graylog2-server#8174
• Fix data table rendering for large table values. Graylog2/graylog2-server#8334
• Fix getting started guide page scroll behavior. Graylog2/graylog2-server#8131
• Improve rendering of time base bar charts. Graylog2/graylog2-server#8354Graylog2/graylog2-server#7167
• Fix sort and sort direction selector in aggregation builder. Graylog2/graylog2-server#7198Graylog2/graylog2-server#8355
• Improve error handling for absolute time range inputs. Graylog2/graylog2-server#8371Graylog2/graylog2-server#7191
• Fix disk journal utilization chart. Graylog2/graylog2-server#8420Graylog2/graylog2-server#8448
• Fix race conditions on “System/Configuration” page. Graylog2/graylog2-server#8778Graylog2/graylog2-server#8392
• Improve UI development flow across operating systems. Graylog2/graylog2-server#8487 (Thanks @binyellow)
• Improve image sizes to improve UI performance. Graylog2/graylog2-server#8976
• Improve pipeline rule link rendering for rules with long titles. Graylog2/graylog2-server#9016Graylog2/graylog2-server#9014
• Fix stream search bar issue with empty search results. Graylog2/graylog2-server#9028
• Retry message indexing when ES primary shards are not active.#9065
• Fix error when streams are referencing missing outputs. Graylog2/graylog2-server#9116Graylog2/graylog2-server#9012
• Fix JDK TLS protocol detection. Graylog2/graylog2-server#9356Graylog2/graylog2-server#9446Graylog2/graylog2-server#9445
• Improve error handling when node metrics cannot be received from the backend. Graylog2/graylog2-server#9316Graylog2/graylog2-server#9315
• Don’t allow modifications of email and full name for external users. Graylog2/graylog2-server#9390Graylog2/graylog2-server#9222
• Fix pipeline rule parsing issue with unary NOT operators. Graylog2/graylog2-server#8554

Integrations Plugin

Added

• Add Slack event notification plugin. Graylog2/graylog-plugin-integrations#569
• Add PagerDuty event notification plugin. Graylog2/graylog-plugin-integrations#606

Graylog 3.3.17

Released: 2022-04-12

Core

Added

• Introduce service account flag for user objects. Graylog2/graylog2-server#12405

Changed

• Convert built-in sidecar user to service account.

Security

• Fix DEBUG logging of access token. Graylog2/graylog2-server#12395

Graylog 3.3.16

Released: 2021-12-16

Core

Security

• Fix log4j CVE-2021-45046 by updating the library to 2.16.0. Graylog2/graylog2-server#11814

Integrations Plugin

No changes since 3.3.15.

Graylog 3.3.15

Released: 2021-12-10

Core

Security

• Fix log4j CVE-2021-44228. Graylog2/graylog2-server#11786

Integrations Plugin

No changes since 3.3.14.

Graylog 3.3.14

Released: 2021-07-28

Core

Security

Session ID leak in Graylog DEBUG log file and audit log.

We recently discovered a session ID leak in the Graylog DEBUG log file as well as the audit log. A user can use a session ID to authenticate against Graylog and then this user has access to all the permissions associated with the owner of the session ID.

The ID was printed in DEBUG level log messages (DEBUG is not enabled by default) as well as the Graylog Enterprise Audit Log. By default, the Graylog Audit Log is only logging to the local database and only accessible by Graylog administrators.

We would like to thank David Herbstmann for discovering and responsibly disclosing this vulnerability.

The following CVE IDs have been assigned: CVE-2021-37759, CVE-2021-37760

Graylog 3.3.13

Released: 2021-05-05

No changes since 3.3.12.

Graylog 3.3.12

Released: 2021-04-14

Core

Fixed

• Fix rendering of trend colors in report generation. Graylog2/graylog2-server#10157
• Don’t show “Enterprise” navigation for non-admin users. Graylog2/graylog2-server#8936Graylog2/graylog2-server#10188Graylog2/graylog2-server#10233
• Fix NullPointerException when MongoDB doesn’t run with the MMAPv1 storage engine. Graylog2/graylog2-server#8273Graylog2/graylog2-server#10300
• Log failed messages and full stack trace on processing errors when DEBUG is enabled. Graylog2/graylog2-server#10319Graylog2/graylog2-server#10432

Graylog 3.3.11

Released: 2021-02-16

Core

Fixed

• Fix search export to dashboard when running with a proxy and a path prefix. Graylog2/graylog2-server#9992Graylog2/graylog2-server#9989
• Fix Elasticsearch watermark notifications when running multiple Graylog nodes. Graylog2/graylog2-server#10066

Graylog 3.3.10

Released: 2021-01-27

Core

Added

• Show field sort icons in message table. Graylog2/graylog2-server#9775

Fixed

• Fix search query parsing with $ characters. Graylog2/graylog2-server#9497Graylog2/graylog2-server#9877
• Fix CSV export for shared dashboards. Graylog2/graylog2-server#9906
• Retry Elasticsearch requests on socket timeouts. Graylog2/graylog2-server#9922
• Retry bulk indexing if index alias has invalid target(s) instead of dropping the messages. Graylog2/graylog2-server#9955Graylog2/graylog2-server#9962Graylog2/graylog2-server#9978

Graylog 3.3.9

Released: 2020-11-25

Core

Fixed

• Improve user feedback when the UI cannot fetch data from the metrics API. Graylog2/graylog2-server#9315Graylog2/graylog2-server#9316
• Updates to Graylog Schema. Graylog2/graylog2-server#9567

Graylog 3.3.8

Released: 2020-10-12

No changes since 3.3.7 (see Graylog Enterprise for changes there).

Graylog 3.3.7

Released: 2020-10-08

Core

Security

• Update JavaScript dependencies with security issues. Graylog2/graylog2-server#9098

Fixed

• Fix issues with changing number of results for a pivot configuration. Graylog2/graylog2-server#9087Graylog2/graylog2-server#9085
• Fix permission issue with search and dashboards by respecting ownership. Graylog2/graylog2-server#9068Graylog2/graylog2-server#9067
• Fix unintended search bar form submit in widget edit modal. Graylog2/graylog2-server#9096

Graylog 3.3.6

Released: 2020-09-28

Core

Security

• Fixing a path traversal issue in the API Browser for non-standard installations. Graylog2/graylog2-server#8986Graylog2/graylog2-server#8988 Due to a check happening before pathname normalization, a directory traversal was possible in the REST resource that serves the API browser UI. If the Graylog server was started with non-standard JRE options (using an additional classpath setting), it could have been used to access files from this additional classpath directory without authentication. Many thanks to Florian Hauser and Christian Fünfhaus of Code White for disclosing this vulnerability.

Changed

• Always show the search page link in the navigation to allow users to access the search without having to go to the streams page first. Graylog2/graylog2-server#8917Graylog2/graylog2-server#8745Graylog2/graylog2-server#8779Graylog2/graylog2-server#8921

Fixed

• Fix (un)schedule endpoints for event definitions to make them work without explicit content-type header. Graylog2/graylog2-server#8981
• Fix missing title attribute in pipeline UI. Graylog2/graylog2-server#9017
• Show better error message on the search page when users have no stream permissions. Graylog2/graylog2-server#8955Graylog2/graylog2-server#9011
• Fix problem with updating search controls (query, streams, timerange) in widgets. Graylog2/graylog2-server#7922Graylog2/graylog2-server#9043

Legacy AWS Plugin

Added

• Include additional_event_data as part of the graylog message. Graylog2/graylog-plugin-aws#419 (Thanks @rongutierrez)

Integrations Plugin

Added

• Add “9.1.3 GlobalProtect logs” support to the PaloAlto 9.x input. Graylog2/graylog-plugin-integrations#540Graylog2/graylog-plugin-integrations#541Graylog2/graylog-plugin-integrations#554

Fixed

• Fix “Key & Secret” authentication in CloudWatch input. Graylog2/graylog-plugin-integrations#577

Graylog 3.3.5

Released: 2020-08-17

No changes since 3.3.3 (see Graylog Enterprise for changes there).

Graylog 3.3.4

Released: 2020-08-06

No changes since 3.3.3.

Graylog 3.3.3

Released: 2020-07-29

Core

Added

• Add new vendor fields to Graylog schema. Graylog2/graylog2-server#8471Graylog2/graylog2-server#8642

Security

• [BREAKING]: Enable hostname validation for SSL/TLS-backed LDAP connections. Graylog2/graylog2-server#8625 Prior to v3.3.3, the certificates of LDAP servers which are connected to using a secure connection (SSL or TLS) were not validated, even if the “Allow self-signed certificates” option was unchecked. Starting with v3.3.3, certificates are validated against the local default keystore. This might introduce a breaking change, depending on your local LDAP settings and the validity of the certificates used (if any). Please ensure that all certificates used are valid, their common name matches the host part of your configured LDAP server and your local keystore contains all CA/intermediate certs required for validation.

See also: CVE-2020-15813

Changed

• Find a better default for enabled_tls_protocols setting. Graylog2/graylog2-server#7726Graylog2/graylog2-server#8637 This change builds the default TLS protocols based on what is supported by the currently running JRE.

Fixed

• Fix message table issue in fullscreen/TV mode. Graylog2/graylog2-server#8483Graylog2/graylog2-server#8575

Graylog 3.3.2

Released: 2020-06-24

Core

Changed

• Mark legacy aggregation API as deprecated in favor of the new views API. (to be removed in 4.0) Graylog2/graylog2-server#8323
• Update Graylog field schema. Graylog2/graylog2-server#8331
• Improve search page rendering performance. Graylog2/graylog2-server#8343

Fixed

• Fix issue with flickering in the single number widget. Graylog2/graylog2-server#7563Graylog2/graylog2-server#8341
• Fix issue with extending alert notification grace period. Graylog2/graylog2-server#8365Graylog2/graylog2-server#8402
• Fix rendering of message table header. Graylog2/graylog2-server#8415

Integrations Plugin

Added

• Add new Palo Alto input to support PAN-OS v9.x devices. Graylog2/graylog-plugin-integrations#496

Graylog 3.3.1

Released: 2020-06-10

Core

Fixed

• Fix problem with throughput counter in the UI Graylog2/graylog2-server#8172Graylog2/graylog2-server#8185
• Fix issue when adding a new header to the httpsJSONPath lookup data adapter. Graylog2/graylog2-server#8186Graylog2/graylog2-server#8266
• Retry message indexing when indices are read-only due to disk space problems in Elasticsearch. Graylog2/graylog2-server#8211Graylog2/graylog2-server#8269
• Fix issue with using float numbers in event definitions. Graylog2/graylog2-server#8290
• Only check data nodes for Elasticsearch disk usage stats. Graylog2/graylog2-server#8239Graylog2/graylog2-server#8282 (Thanks @radykal-com!)

Graylog 3.3.0

Released: 2020-05-20

Core

Added

• Make it possible to create new URL whitelist entries inside forms. Graylog2/graylog2-server#7275Graylog2/graylog2-server#7169Graylog2/graylog2-server#7401
• Store API tokens encrypted in MongoDB. Graylog2/graylog2-server#7556
• Add new CSV export that supports exporting multiple streams. Graylog2/graylog2-server#7709
• Add string concatenation to pipeline rule language. Graylog2/graylog2-server#7855Graylog2/graylog2-server#7863 (Thanks @rmanibus)
• Add first_non_null pipeline rule function. Graylog2/graylog2-server#7895Graylog2/graylog2-server#7916 (Thanks @radykal-com)
• Allow users to request a Graylog Enterprise trial license from inside the product. Graylog2/graylog2-server#7992
• Add option to enable/disable event definitions and alerts. Graylog2/graylog2-server#7497Graylog2/graylog2-server#7902

Changed

• Lots of UI styling related changes to make them more consistent.
• Start index retention from the oldest index, not the newest. Graylog2/graylog2-server#7310
• Update MongoDB driver to the latest version to support MongoDB 4.2. Graylog2/graylog2-server#7142Graylog2/graylog2-server#7240 (Thanks @radykal-com)
• Improve unit tests. Graylog2/graylog2-server#7473Graylog2/graylog2-server#7595 (Thanks @cpugputpu)
• Improve progress bar implementation. Graylog2/graylog2-server#7443
• Don’t directly expose “KafkaJournalConfiguration” values in journal API endpoint. Graylog2/graylog2-server#7521Graylog2/graylog2-server#7526
• Optimize JavaScript code bundle sizes. Graylog2/graylog2-server#7598
• Improve dashboard widget legend positioning. Graylog2/graylog2-server#7743
• Change default title for dashboard tabs to Page#  Graylog2/graylog2-server#7748 
• Improve triggering search executions from search bar. Graylog2/graylog2-server#7829Graylog2/graylog2-server#7572Graylog2/graylog2-server#7596Graylog2/graylog2-server#7724
• Don’t truncate messages in process-buffer dump. Graylog2/graylog2-server#7937Graylog2/graylog2-server#7938

Removed

• Remove unused frontend code from the legacy search. Graylog2/graylog2-server#7338
• Remove the unused system client provider. Graylog2/graylog2-server#6376
• Remove legacy saved searches API endpoints. Graylog2/graylog2-server#7804Graylog2/graylog2-server#7805

Fixed

• Fix race condition when creating admin role. Graylog2/graylog2-server#7378
• Display getting started guide with full height. Graylog2/graylog2-server#7529
• Handle absence of field types in search components. Graylog2/graylog2-server#7538
• Improve compatibility with IE 11. Graylog2/graylog2-server#7660Graylog2/graylog2-server#7670Graylog2/graylog2-server#7951
• Prevent logging ReadTimeoutException as an error if KeepAlive is configured by the user. Graylog2/graylog2-server#7819 (Thanks @jesseczko)
• Allow dashboard deletion for users with edit rights. Graylog2/graylog2-server#7729Graylog2/graylog2-server#7817
• Only show dashboard delete button for users with correct permissions. Graylog2/graylog2-server#7793Graylog2/graylog2-server#7846
• Improve field name completion performance by caching field names. Graylog2/graylog2-server#7827
• Speed up event processing when it’s lagging behind. Graylog2/graylog2-server#6740
• Improve performance loading streams from the database. Graylog2/graylog2-server#7867
• Improve autocompletion performance in select fields. Graylog2/graylog2-server#7753Graylog2/graylog2-server#7818
• Improve performance for field type retrieval endpoint. Graylog2/graylog2-server#7865
• Reset pagination on page size change. Graylog2/graylog2-server#7825Graylog2/graylog2-server#7826
• Ensure that dashboards have empty root query strings. Graylog2/graylog2-server#7750Graylog2/graylog2-server#7858
• Fix metric naming options in aggregation builder. Graylog2/graylog2-server#7771Graylog2/graylog2-server#7892
• Improve tarball packaging. Graylog2/graylog2-server#7920 (Thanks @mayrstefan)
• Improve error messages when filtering on empty dashboards. Graylog2/graylog2-server#7807Graylog2/graylog2-server#7888
• Improve error messages when users don’t have required stream permissions. Graylog2/graylog2-server#7505Graylog2/graylog2-server#7782
• Fix LDAP errors for local user accounts. Graylog2/graylog2-server#2267Graylog2/graylog2-server#7917 (Thanks @mayrstefan)
• Fix warning in pipeline rule parser. Graylog2/graylog2-server#7918Graylog2/graylog2-server#7919 (Thanks @mayrstefan)
• Fix sidebar highlighting layout for field values with a long name. Graylog2/graylog2-server#7738Graylog2/graylog2-server#8018
• Improve compatibility with Safari browsers. Graylog2/graylog2-server#8003Graylog2/graylog2-server#8030
• Reset job trigger on event definition updates. Graylog2/graylog2-server#7841Graylog2/graylog2-server#8060
• Fix problem with event notification grace period. Graylog2/graylog2-server#8065Graylog2/graylog2-server#8067
• Improve rendering performance of select fields in event definitions. Graylog2/graylog2-server#8083
• Improve default email notification template. Graylog2/graylog2-server#8112
• Fix timezone rendering of event annotations in graphs. Graylog2/graylog2-server#8125

Security

• Two XSS issues were discovered in the content packs module and the hyperlink string decorator by Juha Laaksonen, Cyber Security Specialist at Solita. A big thanks to Juha for alerting us about these issues. Graylog2/graylog2-server#8072Graylog2/graylog2-server#8104Graylog2/graylog2-server#8150
• Mika Kulmala, Cyber Security Specialist at Solita, reported a leak of the AWS secret key in certain (authenticated) Graylog REST API calls. Graylog is no longer revealing the AWS secret key in REST API responses. A big thanks to Mika for alerting us about this issue. Graylog2/graylog-plugin-aws#361

Graylog 3.2.6

Released: 2020-06-10

Core

Fixed

• Retry message indexing when indices are read-only due to disk space problems in Elasticsearch. Graylog2/graylog2-server#8211Graylog2/graylog2-server#8269
• Fix issue with using float numbers in event definitions. Graylog2/graylog2-server#8290

Graylog 3.2.5

Released: 2020-05-19

Core

Added

• Add minimal support for Beats 7.x to the beats input. Graylog2/graylog2-server#6501Graylog2/graylog2-server#7894
• Show system notification when disk in Elasticsearch fills up. Graylog2/graylog2-server#7899 (Thanks @radykal-com)

Changed

• Enforce unix newlines in the sidecar collector configuration file editor. Graylog2/graylog2-server#7889Graylog2/collector-sidecar#389Graylog2/graylog2-server#7975
• Mask passwords in input configuration returned from the /system/inputstates endpoint. Graylog2/graylog2-server#8037
• Sanitize URLs in content packs. Graylog2/graylog2-server#8072Graylog2/graylog2-server#8104
• Sanitize URls in “Hyperlink String” decorator. Graylog2/graylog2-server#8150

Fixed

• Fix UI issues in sidecar configuration. Graylog2/graylog2-server#7406Graylog2/graylog2-server#7754
• Fix dashboard migration issues. Graylog2/graylog2-server#7732Graylog2/graylog2-server#7749Graylog2/graylog2-server#7840
• Fix message list sorting option. Graylog2/graylog2-server#7758Graylog2/graylog2-server#7763
• Fix compatibility issue with Safari and the aggregation configuration. Graylog2/graylog2-server#7806Graylog2/graylog2-server#7815
• Fix pipeline stage parsing endpoint. Graylog2/graylog2-server#7322Graylog2/graylog2-server#7830

AWS Plugin (legacy)

Changed

• Encrypt default AWS secret key with system secret. Graylog2/graylog-plugin-aws#361

Graylog 3.2.4

Released: 2020-03-19

Core

Changed

• Display old LDAP group mappings so they can be deleted by the user. Graylog2/graylog2-server#7502Graylog2/graylog2-server#7697
• Don’t allow aggregations on analyzed fields. Graylog2/graylog2-server#7508Graylog2/graylog2-server#7685

Fixed

• Fix problem with message list pagination. Graylog2/graylog2-server#7680Graylog2/graylog2-server#7665Graylog2/graylog2-server#7693
• Fix issue removing custom fields from event definitions. Graylog2/graylog2-server#7544Graylog2/graylog2-server#7692
• Fix drop-down overlay placements on search page. Graylog2/graylog2-server#7723
• Remove streams parameter from URL when the last stream got removed from a search query. Graylog2/graylog2-server#7717Graylog2/graylog2-server#7719

Graylog 3.2.3

Released: 2020-03-11

Core

Added

• Add back auto-completion for _exists_ queries. Graylog2/graylog2-server#7441Graylog2/graylog2-server#7604
• Add back surrounding search feature for searches and dashboards. Graylog2/graylog2-server#7616Graylog2/graylog2-server#7621
• Add support for newer Kafka versions and allowing more customization options. Graylog2/graylog2-server#7504 (Thanks @muralibasani)
• Add back field sorting for the message table widget. Graylog2/graylog2-server#7645
• Add back “replay search” button for dashboard widgets. Graylog2/graylog2-server#7372Graylog2/graylog2-server#7648
• Add option to share a saved search with other users. Graylog2/graylog2-server#7668

Changed

• Improve chart rendering for zero values. Graylog2/graylog2-server#7605
• Rename “Aggregate” field option to “Show top values” to make it more clear. (this was previously called quick values) Graylog2/graylog2-server#7663

Fixed

• Fix widget error “n.find is not a function”. Graylog2/graylog2-server#7365Graylog2/graylog2-server#7538
• Fix problem with rendering table widgets. Graylog2/graylog2-server#7565Graylog2/graylog2-server#7611
• Fix aggregation event definitions when no streams are selected. Graylog2/graylog2-server#7619Graylog2/graylog2-server#7625
• Fix problem with showing message journal statistics on the node details page. Graylog2/graylog2-server#7521Graylog2/graylog2-server#7633
• Fix sorting problem when sorting over different streams. Graylog2/graylog2-server#6490Graylog2/graylog2-server#7569
• Fix search and dashboard issues with Internet Explorer 11. Graylog2/graylog2-server#7660
• Fix search page refresh handling. Graylog2/graylog2-server#7661

Graylog 3.2.2

Released: 2020-02-20

Core

Changed

• Use Graylog data dir for storing netty tcnative libraries. Graylog2/graylog2-server#5762Graylog2/graylog2-server#7359
• Add colon (:) when selecting a field from auto-completion. Graylog2/graylog2-server#7408Graylog2/graylog2-server#7493

Fixed

• Suppress system notification for whitelist errors from test alerts. Graylog2/graylog2-server#7350Graylog2/graylog2-server#7390
• Fix issue with duplicating dashboard tabs. Graylog2/graylog2-server#7397
• Improve search URL synchronization by avoiding unnecessary entries in browser history. Graylog2/graylog2-server#7415
• Fix error on system overview page. Graylog2/graylog2-server#7329Graylog2/graylog2-server#7351
• Fix issue with content pack creation. Graylog2/graylog2-server#6690Graylog2/graylog2-server#7449
• Fix problem with dashboard migration and hidden filters. Graylog2/graylog2-server#7366Graylog2/graylog2-server#7420
• Fix dashboard migration issue with field name extraction. Graylog2/graylog2-server#7452
• Fix widget error “n.find is not a function”. Graylog2/graylog2-server#7365Graylog2/graylog2-server#7450
• Fix dashboard widget migration error related to value sorting. Graylog2/graylog2-server#7476Graylog2/graylog2-server#7481
• Fix issue with Active Directory authentication support. Graylog2/graylog2-server#7431Graylog2/graylog2-server#7498
• Fix issue with field ordering in message table widgets. Graylog2/graylog2-server#6808Graylog2/graylog2-server#7501
• Fix problem with running Graylog under a subpath. Graylog2/graylog2-server#7447Graylog2/graylog2-server#7500

Integrations Plugin

Fixed

• Fix issue with AWS Kinesis token refresh. Graylog2/graylog-plugin-integrations#386Graylog2/graylog-plugin-integrations#389

Graylog 3.2.1

Released: 2020-02-04

Core

Fixed

• Fix problem with message processing and invalid timestamp fields. Graylog2/graylog2-server#7364Graylog2/graylog2-server#7290
• Fix scrolling issue in data table widget for Safari browser. Graylog2/graylog2-server#7344Graylog2/graylog2-server#7353
• Fix two issues with saved search migration. Graylog2/graylog2-server#7362Graylog2/graylog2-server#7369

Graylog 3.2.0

Released: 2020-01-31

Core

Added

• Add configuration options for event index set prefixes. Graylog2/graylog2-server#6340Graylog2/graylog2-server#6350
• Add support for trailing comma characters in GELF input. Graylog2/graylog2-server#6325
• Add “apply” button to pipeline rule editor to improve editing workflow. Graylog2/graylog2-server#6312Graylog2/graylog2-server#6351 (Thanks @radykal-com!)
• Start infrastructure for UI theming.
• Support for percentile aggregations in the aggregation builder. Graylog2/graylog2-server#6597
• Add support for MaxMind ASN geo IP databases. Graylog2/graylog2-server#6623
• Introduce cluster global REST API browser button.
• Add heatmap visualization in aggregation builder. Graylog2/graylog2-server#6678
• Add area chart visualization to aggregation builder. Graylog2/graylog2-server#6893
• Add support for disabling the built-in root user. Graylog2/graylog2-server#6688
• Support for string list values in lookup tables. Graylog2/graylog2-server#6542
• Add pipeline functions to update string list values in lookup tables. Graylog2/graylog2-server#7189
• Bring back content pack auto-load. Graylog2/graylog2-server#5744Graylog2/graylog2-server#6096
• Add scratchpad for short notes. Graylog2/graylog2-server#6492
• Add content pack support for searches. Graylog2/graylog2-server#6973
• Add support for multiple conditions in event and alert aggregations. Graylog2/graylog2-server#6353Graylog2/graylog2-server#6879
• Configuration option to enforce system wide TLS protocol settings. Graylog2/graylog2-server#6444Graylog2/graylog2-server#7130
• Support for multiple dashboard tabs.
• Automatic tab rotation on dashboards in TV/full-screen mode.
• Add gl2_accounted_message_size field to every message to help with accounting license traffic. Graylog2/graylog2-server#6838Graylog2/graylog2-server#7187
• Remember event/alert display settings in event/alerts overview page. Graylog2/graylog2-server#6796Graylog2/graylog2-server#7221
• Add support for dumping the current process buffer state to help debugging slow processing. Graylog2/graylog2-server#7199
• Add elasticsearch_discovery_default_scheme config file setting to improve Elasticsearch node discovery. Graylog2/graylog2-server#6280Graylog2/graylog2-server#6315 (Thanks @radykal-com!)
• Allow customization of colors in visualizations.
• Add global filter and timerange override for dashboards. Graylog2/graylog2-server#6424Graylog2/graylog2-server#6445

Changed

• Improve navigation display on small screens. Graylog2/graylog2-server#6329
• Introduce abstraction for bootstrap UI components. Graylog2/graylog2-server#6385
• Improve log level configuration to include more log classes. Graylog2/graylog2-server#6423
• Improve event notification test button. Graylog2/graylog2-server#6522
• Don’t show event streams in pipeline configuration. Graylog2/graylog2-server#6454Graylog2/graylog2-server#6513
• Migrated legacy dashboards into new dashboards.
• Migrated legacy saved searches into new search bookmarks.
• Improve lookup cache error handling. Graylog2/graylog2-server#6295Graylog2/graylog2-server#6518
• Migrate “Sources” page into a dashboard. Graylog2/graylog2-server#7024

Removed

• Remove unused search-type implementations. Graylog2/graylog2-server#6438
• Sources page has been removed and converted into a dashboard. Graylog2/graylog2-server#7024

Fixed

• Fix sorting issue on inputs page. Graylog2/graylog2-server#5921 (Thanks @radykal-com!)
• Fix issue creating database indices for processin status. Graylog2/graylog2-server#6322Graylog2/graylog2-server#6333
• Fix server shutdown problem with message generator input. Graylog2/graylog2-server#6305
• Fix issue loading views. Graylog2/graylog2-server#6346Graylog2/graylog2-server#6352
• Fix display issues with auto-completion in search bar. Graylog2/graylog2-server#6461
• Fix issue with compound index field types. Graylog2/graylog2-server#6313Graylog2/graylog2-server#6462
• Fix issues with field highlighting. Graylog2/graylog2-server#6511Graylog2/graylog2-server#6512
• Fix race condition in index management. Graylog2/graylog2-server#6383Graylog2/graylog2-server#6634
• Fix issue with event notification backlog seeting display. Graylog2/graylog2-server#6580
• Fix sorting in streams selection in search. Graylog2/graylog2-server#6514Graylog2/graylog2-server#6655
• Fix issue with managing event index set templates. Graylog2/graylog2-server#6507Graylog2/graylog2-server#6656
• Fix issue reloading changed GROK patterns in a cluster setup. Graylog2/graylog2-server#6666
• Fix pipeline rule parsing error. Graylog2/graylog2-server#6716
• Fix UI problem modifying pipeline stages. Graylog2/graylog2-server#5896Graylog2/graylog2-server#6743
• Fix issue with object validation in REST API. Graylog2/graylog2-server#5402
• Fix timestamp data type issue with COMMONAPACHELOG GROK pattern. Graylog2/graylog2-server#1647Graylog2/graylog2-server#6847
• Fix issue with pipelines and the default stream in content packs. Graylog2/graylog2-server#6873 (Thanks @pschichtel!)
• Improve REST API browser documentation. Graylog2/graylog2-server#6955
• Fix event aggregation issues with empty fields. Graylog2/graylog2-server#6933Graylog2/graylog2-server#7070
• Fix issue with upsert database operations. Graylog2/graylog2-server#7258Graylog2/graylog2-server#7259
• Fix issue in DNS adapter that could cause message processing stalls. Graylog2/graylog2-server#5782Graylog2/graylog2-server#7325

Integrations Plugin

Added

• Add IPFIX input plugin.

Graylog 3.1.4

Released: 2020-01-14

Core

Added

• Add URL whitelist service to make sure that lookup data adapters and event notifications cannot use arbitrary URLs. Attention: The URL whitelist is enabled by default! On the first server startup after the upgrade, the URL whitelist service will automatically generate whitelist entries for existing lookup data adapters and event notifications. See URL whitelist documentation for details.

Changed

• Reduce amount of log messages when job scheduler is disabled on a node. Graylog2/graylog2-server#6451Graylog2/graylog2-server#6816

Fixed

• Fix global API browser link. Graylog2/graylog2-server#6823Graylog2/graylog2-server#6826
• Ensure that aggregation events always have a source_streams field for permission checks. Graylog2/graylog2-server#6876Graylog2/graylog2-server#6877
• Fix caching issue with route_to_stream pipeline function. Graylog2/graylog2-server#4954Graylog2/graylog2-server#6788
• Fix issue with calculating index ranges. Graylog2/graylog2-server#6828Graylog2/graylog2-server#6957Attention: If you are affected by Graylog2/graylog2-server#6828, you have to manually recalculated index ranges for all your index sets.
• Improve API browser for event resources. Graylog2/graylog2-server#6742Graylog2/graylog2-server#6955
• Fix message indexing issue that could potentially stop message indexing completely. Graylog2/graylog2-server#5091Graylog2/graylog2-server#6965Graylog2/graylog2-server#7071

Integrations Plugin

Added

• Add support for automatic authentication scheme for the AWS Kinesis integration. (environment variables, Java properties, instance roles) Graylog2/graylog-plugin-integrations#264Graylog2/graylog-plugin-integrations#279
• Add “assume role” support for AWS Kinesis integration. Graylog2/graylog-plugin-integrations#264Graylog2/graylog-plugin-integrations#279

Fixed

• Fix rate limit issue with AWS Kinesis streams. Graylog2/graylog-plugin-integrations#341Graylog2/graylog-plugin-integrations#342

Graylog 3.1.3

Released: 2019-11-06

Core

Added

• Add test button to allow testing of event notifications. Graylog2/graylog2-server#6138Graylog2/graylog2-server#6549
• Add support for MaxMind ASN database type in lookup tables. Graylog2/graylog2-server#6631
• Add metric_counter_inc pipeline function. Graylog2/graylog2-server#6644
• Add length pipeline function. Graylog2/graylog2-server#6645
• Add traffic_accounting_size pipeline function. Graylog2/graylog2-server#6646
• Implement pipeline rule timers to help debugging slow rules. Graylog2/graylog2-server#5494Graylog2/graylog2-server#6680

Changed

• Hide event streams from pipelines because events are currently not supported in pipeline rules. Graylog2/graylog2-server#6454Graylog2/graylog2-server#6545
• Increase default connection limits for Elasticsearch connections. Graylog2/graylog2-server#4637Graylog2/graylog2-server#6679

Fixed

• Fix problem with message highlighting. Graylog2/graylog2-server#6511Graylog2/graylog2-server#6526
• Improve event and alert processing on nodes with low ingest rates. Graylog2/graylog2-server#6453Graylog2/graylog2-server#6548
• Remove event streams from global search to fix custom sorting issue. Graylog2/graylog2-server#6384Graylog2/graylog2-server#6544
• Fix event processing on nodes with a disabled journal. Graylog2/graylog2-server#6449Graylog2/graylog2-server#6547
• Fix UI problem with select components. Graylog2/graylog2-server#6554
• Fix problem adding multiple percentile aggregations in views. Graylog2/graylog2-server#6597Graylog2/graylog2-server#6638
• Fix API browser links in setups with multiple nodes. Graylog2/graylog2-server#2360Graylog2/graylog2-server#5920Graylog2/graylog2-server#6636
• Fix display of backlog size for legacy event notification plugins. Graylog2/graylog2-server#6647
• Fix issue with MongoDB index creation. Graylog2/graylog2-server#6383Graylog2/graylog2-server#6643
• Fix stream permission checks for view searches. Graylog2/graylog2-server#6651
• Fix stream sorting in streams filter option in views. Graylog2/graylog2-server#6514Graylog2/graylog2-server#6657
• Fix problem with event index set migration. Graylog2/graylog2-server#6507Graylog2/graylog2-server#6662Graylog2/graylog2-server#6674
• Ensure Grok pattern reloading on bulk pattern import. Graylog2/graylog2-server#6673
• Fix error handling in pipeline parser. Graylog2/graylog2-server#6696Graylog2/graylog2-server#6731

Integrations Plugin

Fixed

• Fix checkpointing AWS Kinesis streams. Graylog2/graylog-plugin-integrations#286Graylog2/graylog-plugin-integrations#294

Graylog 3.1.2

Released: 2019-09-12

Core

Fixed

• Cannot read property ‘query’ of undefined when replaying search Graylog2/graylog2-server#6355
• Cannot focus input fields in modal form (Dashboard) Graylog2/graylog2-server#6356
• Server start fails with Index with name: compound_0 already exists with a different name Graylog2/graylog2-server#6383
• Alerting not working if cluster contains nodes with no active inputs Graylog2/graylog2-server#6415

Graylog 3.1.1

Released: 2019-09-04

Core

Fixed

• Error when loading a view. Graylog2/graylog2-server#6346
• Fix server startup issue resulting from long index name. Graylog2/graylog2-server#6322

Integrations Plugin

Added

• Add a new AWS Kinesis/CloudWatch Input to Graylog, which guides the user through the setup process and performs checks along the way. It also supports an automated CloudWatch Logs to Kinesis Streams setup which helps to automate much of the complicated manual setup.

Graylog 3.1.0

Released: 2019-08-16

Views & Extended Search

• This feature was partially (everything besides support for parameters in queries) open-sourced in this version. Formerly it was accessible only through the commercial enterprise plugin.
• The API prefix for the views/extended search endpoints has changed from /api/plugins/org.graylog.plugins.enterprise/(views|search) to /api/views & /api/views/search.
• The configuration file directive specifying the maximum age of an unreferenced search object before it is purged has changed from enterprise_search_maximum_search_age to views_maximum_search_age.

Core

Added

• Add GracefulShutdownService Java API to allow plugins to participate in a graceful server shutdown. Graylog2/graylog2-server#5738
• Add MessageOutput.Factory2 Java API to allow writing output plugins that receive the output instance ID. Graylog2/graylog2-server#5670
• Add metrics for Sidecar API resources. Graylog2/graylog2-server#5632
• Add new pipeline rule function grok_exists to check for the existence of Grok patterns. Graylog2/graylog2-server#5699Graylog2/graylog2-server#5689
• Allow the group.id setting in a Kafka input to be configured by users. Graylog2/graylog2-server#5867Graylog2/graylog2-server#3976 (Thank you @pdepaepe)
• Add “show documents for value” field value action to views.
• Add automatic refresh feature to views search.
• Add support for extractor creation links to views.
• Add support for highlighting terms in message search results in views.
• Allow user defined granularity for auto interval time-bucketing in views.
• Add views action to duplicate query tabs. (including widgets)
• Make message fields in views message list sortable.
• Add support for stacked bar charts in views.
• Make colors in view charts configurable.
• Add support for percentile metrics in views.
• Add syntax highlighting for pipeline rule editor. Graylog2/graylog2-server#5957
• Add new alerts and events system.
• Add default events and system events streams. Graylog2/graylog2-server#6089Graylog2/graylog2-server#6085
• Add default gl2_message_id field for each new message. Graylog2/graylog2-server#6074Graylog2/graylog2-server#5994
• Add experimental JDK 11 support. Graylog2/graylog2-server#5909 (please don’t use in production, yet)
• Add default filebeat collector config for Windows. Graylog2/graylog2-server#6287Graylog2/collector-sidecar#350

Changed

• Add a high-resolution logo and favicon and optimize all image files. Graylog2/graylog2-server#5748
• Improve autogenerated UI elements for boolean fields. Graylog2/graylog2-server#5678
• Make modal dialogs only close with ESC key, Cancel and “X” buttons. They don’t close anymore when users click outside of the modal content. Graylog2/graylog2-server#5823
• Improve error messages when updating Grok patterns. Graylog2/graylog2-server#5629
• Improve error messages for search errors. Graylog2/graylog2-server#5681
• Improve navigation bar layout. Graylog2/graylog2-server#6001
• Improve views query autocompletion suggestions.
• Move Save/Cancel buttons in views widget edit mode.
• Use dynamic pager in views message lists. Graylog2/graylog2-server#6090
• Set default value for email sender to empty value. Graylog2/graylog2-server#5981 (Thank you @bjoernhaeuser)
• Improve stream router engine performance. Graylog2/graylog2-server#6170
• Avoid logging excessive exceptions when other Graylog nodes are not reachable via https. Graylog2/graylog2-server#6229
• Darken disabled inputs on the inputs page, making it easier to see when an input is disabled. Graylog2/graylog2-server#6257

Removed

• Remove “show documents” action for message widgets.
• Remove old stream alerts system. (replaced by new alerts and events system, including automatic alerts migration)

Fixed

• Fix slow loading API and UI after server startup. Graylog2/graylog2-server#5669
• Fix API path prefixing to allow running Graylog with a sub-path again. Graylog2/graylog2-server#5703Graylog2/graylog2-server#5702
• Fix issue with dashboard data migration. Graylog2/graylog2-server#5751Graylog2/graylog2-server#5737
• Add wildcard support to search page query parser. Graylog2/graylog2-server#5730Graylog2/graylog2-server#5719
• Fix “Expect: 100-Continue” handling in inputs. Graylog2/graylog2-server#5725Graylog2/graylog2-server#5690
• Fix input keep-alive handling. Graylog2/graylog2-server#5728Graylog2/graylog2-server#5720
• Fix Grok pattern handling with OR patterns. Graylog2/graylog2-server#5749Graylog2/graylog2-server#4773
• Fix issues with Cisco ASA NetFlow handling. Graylog2/graylog2-server#5729Graylog2/graylog2-server#5715
• Fix support for underscores (_) in Grok pattern match group names. Graylog2/graylog2-server#5800Graylog2/graylog2-server#5704Graylog2/graylog2-server#5563
• Fix auto-completion in several drop-down fields across the UI. Graylog2/graylog2-server#5665Graylog2/graylog2-server#5659
• Fix problem with loading the extractors page in the UI. Graylog2/graylog2-server#5954Graylog2/graylog2-server#5948
• Fix links on stream outputs page. Graylog2/graylog2-server#5953Graylog2/graylog2-server#5952
• Fix edit mode of message widget in views.
• Don’t refresh view query when changing query tabs.
• Copy widget filter when creating statistics widget for a field in views.
• Support nested maps in lists for content packs. Graylog2/graylog2-server#6003Graylog2/graylog2-server#5742
• Reload changed Grok patterns in Grok extractor. Graylog2/graylog2-server#5982Graylog2/graylog2-server#5833
• Fix support for TLS trusted certificate directories in inputs. Graylog2/graylog2-server#5958Graylog2/graylog2-server#5939
• Fix plugin UI routes when running the web interface with a sub-path. Graylog2/graylog2-server#6150Graylog2/graylog2-server#6149
• Fix rendering of events in single message view. Graylog2/graylog2-server#6156Graylog2/graylog2-server#6142
• Fix rendering of LDAP page. Graylog2/graylog2-server#6249Graylog2/graylog2-server#6247
• Fix pagination issue with newer JDKs. Graylog2/graylog2-server#6256Graylog2/graylog2-server#6254
• Fix issue with UDP based inputs becoming unresponsive. Graylog2/graylog2-server#6263Graylog2/graylog2-server#5701

Graylog 3.0.2

Released: 2019-05-03

Integrations Plugin

• Fix issue handling quoted values in PaloAlto input Graylog2/graylog-plugin-integrations#15Graylog2/graylog-plugin-integrations#16

Graylog 3.0.1

Released: 2019-04-01

Core

• Fix dashboard position migration. Graylog2/graylog2-server#5737Graylog2/graylog2-server#5763
• Fix 100 handling in inputs. Graylog2/graylog2-server#5690Graylog2/graylog2-server#5725
• Fix input keep-alive handling. Graylog2/graylog2-server#5720Graylog2/graylog2-server#5728
• Fix running Graylog web interface under a path prefix. Graylog2/graylog2-server#5702Graylog2/graylog2-server#5703
• Fix issue with wildcards in the search query parser when running with newer Elasticsearch versions. Graylog2/graylog2-server#5719Graylog2/graylog2-server#5766
• Fix Grok patterns that use “OR” to not return “null” values. Graylog2/graylog2-server#4773Graylog2/graylog2-server#5749
• Fix NetFlow parsing for Cisco ASA devices. Graylog2/graylog2-server#5715Graylog2/graylog2-server#5729
• Fix Grok patterns to support underscores in match group names again. Graylog2/graylog2-server#5704Graylog2/graylog2-server#5563Graylog2/graylog2-server#5800
• Document password escaping issue for the MongoDB connection URL. Graylog2/graylog2-server#5680Graylog2/graylog2-server#5764

Integrations Plugin

• Fix input parsing problem in PaloAlto input. Graylog2/graylog-plugin-integrations#10Graylog2/graylog-plugin-integrations#11

Threatintel Plugin

• Fix problem with content pack migration. Graylog2/graylog-plugin-threatintel#123

Graylog 3.0.0

Released: 2019-02-14

• Announcement blog post: https://www.graylog.org/post/announcing-graylog-v3-0-ga
• Upgrade notes: Upgrading to Graylog 3.0.x

A detailed changelog is following soon!

Graylog 2.5.2

Released: 2019-03-15

Core

• Mask password fields of inputs returned by the REST API. Graylog2/graylog2-server#5432Graylog2/graylog2-server#5733

Integrations Plugin

• Fix input parsing problem in PaloAlto input. Graylog2/graylog-plugin-integrations#10Graylog2/graylog-plugin-integrations#11

Graylog 2.5.1

Released: 2018-12-19

Core

• Improve description of web_endpoint_uri in graylog.conf. Graylog2/graylog2-server#5359
• Add CSRF backward compatibility for older Sidecars. Graylog2/graylog2-server#5388Graylog2/graylog2-server#4987

AWS Plugin

• Remove low limit for GZIP decompression of AWS events. Graylog2/graylog-plugin-aws#98

Pipeline Processor Plugin

• Fix IPv6 handling in IPv4 cidr_match pipeline function. Graylog2/graylog-plugin-pipeline-processor#254Graylog2/graylog2-server#5405

Graylog 2.5.0

Released: 2018-11-30

Core

• Improve CSRF protection by requiring a custom header for non-GET requests sent to the API. (requires sidecar 0.1.7) Graylog2/graylog2-server#4998Graylog2/graylog2-server#5012Graylog2/graylog2-server#5182
• Improve alert conditions by making the query string configurable. Graylog2/graylog2-server#5277Graylog2/graylog2-server#3966
• Improve alert overview for streams. Graylog2/graylog2-server#5311
• Add test button for alert conditions. Graylog2/graylog2-server#5322
• Add DNS lookup adapter that supports foward and reverse lookups. Graylog2/graylog2-server#5274Graylog2/graylog2-server#4200Graylog2/graylog2-server#5124Graylog2/graylog-plugin-threatintel#64
• Add support for Elasticsearch 6.x. Graylog2/graylog2-server#5020Graylog2/graylog2-server#5064
• Update time zone database for the web interface. Graylog2/graylog2-server#5260Graylog2/graylog2-server#5245
• Fix description and default values for the DSV lookup table adapter. Graylog2/graylog2-server#4973@zionio
• Fix slow and unreliable CSV export by using a bigger default batch size. Graylog2/graylog2-server#5172Graylog2/graylog2-server#5304
• Fix index stats in index set overview. Graylog2/graylog2-server#5306
• Fix security issue with the users API where regular users could retrieve details of other users. Graylog2/graylog2-server#5308Graylog2/graylog2-server#5068@radykal-com
• Fix backslash escaping for phrase searches. Graylog2/graylog2-server#5314Graylog2/graylog2-server#4111Graylog2/graylog2-server#5266

Integrations Plugin

• Add Palo Alto input

AWS Plugin

• Add throttling support to the AWS Flow Logs input. Graylog2/graylog-plugin-aws#94Graylog2/graylog-plugin-aws#85
• Improve logging for the CloudTrail input. Graylog2/graylog-plugin-aws#95Graylog2/graylog-plugin-aws#80

Pipeline Processor Plugin

• Fix key-value function to be more robust with splitting values. Graylog2/graylog-plugin-pipeline-processor#249Graylog2/graylog2-server#4920@radykal-com
• Add support for decimal IPv4 representation in the to_ip function. Graylog2/graylog-plugin-pipeline-processor#253Graylog2/graylog2-server#5268

Graylog 2.4.7

Released: 2019-03-01

Core

• Mask password fields of inputs returned by the REST API. Graylog2/graylog2-server#5408Graylog2/graylog2-server#5734

Graylog 2.4.6

Released: 2018-07-16

Core

• Unbreak input throttling by publishing throttle state again. Graylog2/graylog2-server#4850Graylog2/graylog2-server#4321
• Check for permission before terminating input. Graylog2/graylog2-server#4867Graylog2/graylog2-server#4858
• Require user to be authenticated to retrieve plugin list. Graylog2/graylog2-server#4868Graylog2/graylog2-server#4863
• Add missing permission checks. Graylog2/graylog2-server#4873Graylog2/graylog2-server#4861Graylog2/graylog2-server#4859
• UI fixes for index rotation strategy dropdown. Graylog2/graylog2-server#4826Graylog2/graylog2-server#4769
• XSS fix for typeahead components. Graylog2/graylog2-server#4904
• Fix potential NullPointerException in csv and maxmind data adapters. Graylog2/graylog2-server#4912Graylog2/graylog2-server#4748
• Add “https_non_proxy_hosts” configuration option. Graylog2/graylog2-server#4915Graylog2/graylog2-server#4905Graylog2/graylog2-server#4392

Graylog 2.4.5

Released: 2018-05-28

Core

• Improve proxy authentication to support more proxy server software. Graylog2/graylog2-server#4788Graylog2/graylog2-server#4790
• Fix an issue where the Elasticsearch URL credentials have been written to the Graylog log file. Graylog2/graylog2-server#4804Graylog2/graylog2-server#4806
• Fix issue with deleting dashboard widgets. Graylog2/graylog2-server#4525Graylog2/graylog2-server#4808

Graylog 2.4.4

Released: 2018-05-02

Core

• Fix issues with loading example message for extractor. Graylog2/graylog2-server#4553Graylog2/graylog2-server#4559
• Allow : character in password. Graylog2/graylog2-server/#4557
• Fix lookup table cache entry count metric. Graylog2/graylog2-server#4558
• Simplify plugin development for lookup table plugins. Graylog2/graylog2-server#4586Graylog2/graylog2-server#4587
• Fix security issue with unescaped text in notification and dashboard names. Graylog2/graylog2-server#4727Graylog2/graylog2-server#4739
• Improve high-availability behavior with missing Elasticsearch nodes. Graylog2/graylog2-server#4738
• Fix issue with updating saved searches. Graylog2/graylog2-server#2285Graylog2/graylog2-server#4743
• Fix issue assigning stream outputs to the default stream. Graylog2/graylog2-server#4747Graylog2/graylog2-server#4754
• Improve rendering of input configuration forms. Graylog2/graylog2-server#4755Graylog2/graylog2-server#4745 by @Al2Klimov
• Add code to allow proxy authentication in https_proxy_uri config option. Graylog2/graylog2-server#4594Graylog2/graylog2-server#4758

ThreatIntel Plugin

• Fix issue with missing threat names in lookup results. Graylog2/graylog-plugin-threatintel#99 by @pbr0ck3r

AWS Plugin

• Support new AWS regions. Graylog2/graylog-plugin-aws#71Graylog2/graylog-plugin-aws#73Graylog2/graylog-plugin-aws#75

Graylog 2.4.3

Released: 2018-01-24

https://www.graylog.org/blog/108-announcing-graylog-v2-4-3

Core

• Fix timezone issue when using the timestamp field in quick values. Graylog2/graylog2-server#4519Graylog2/graylog2-server#4509

Graylog 2.4.2

Released: 2018-01-24

Core

• Fix issue with creating dashboards as non-admin user. Graylog2/graylog2-server#4505Graylog2/graylog2-server#4511
• Fix edge case in recent message loader for extractors. Graylog2/graylog2-server#4513Graylog2/graylog2-server#4510
• Fix formatting issue when using quick values on the timestamp field. Graylog2/graylog2-server#4423Graylog2/graylog2-server#4288
• Fix issue with handling the timestamp field in stacked quick value widgets. Graylog2/graylog2-server#4516Graylog2/graylog2-server#4509

Threatintel Plugin

• Fix README.md about tor_lookup() function. Graylog2/graylog2-server#86

Graylog 2.4.1

Released: 2018-01-19

https://www.graylog.org/blog/107-announcing-graylog-v2-4-1

Core

• Fix SyslogCodecTest.testCiscoSyslogMessages. Graylog2/graylog2-server#4446
• Fix privileges for input start/stop operations. Graylog2/graylog2-server#4454Graylog2/graylog2-server#4455Graylog2/graylog2-server#4439
• Fix problem with Elasticsearch indexing over https. Graylog2/graylog2-server#4485Graylog2/graylog2-server#4232
• Fix web plugin compatibility problem. Graylog2/graylog2-server#4496
• Fix problem that didn’t allow a reader user to edit their own profile. Graylog2/graylog2-server#4488Graylog2/graylog2-server#4494Graylog2/graylog2-server#4442Graylog2/graylog2-server#4420

Pipeline Processor Plugin

• Fix pipeline interpreter log message by handing change event. Graylog2/graylog-plugin-pipeline-processor#235Graylog2/graylog-plugin-pipeline-processor#241

AWS Plugin

• Fix problem updating the AWS configuration in the UI. Graylog2/graylog-plugin-aws#58Graylog2/graylog-plugin-aws#60
• Add missing proxy configuration option to UI. Graylog2/graylog-plugin-aws#59Graylog2/graylog-plugin-aws#61

Threatintel Plugin

• Fix otx_lookup_domain pipeline function. Graylog2/graylog-plugin-threatintel#83Graylog2/graylog2-server#4489

Graylog 2.4.0

Released: 2017-12-22

https://www.graylog.org/blog/106-announcing-graylog-v2-4-0

No changes since 2.4.0-rc.2.

Graylog 2.4.0-rc.2

Released: 2017-12-20

Core

• Fixed node-id validator problem by removing the validator for now. Graylog2/graylog2-server#4433

Graylog 2.4.0-rc.1

Released: 2017-12-19

https://www.graylog.org/blog/105-announcing-graylog-v2-4-0-rc-1

Core

• Fix problem with new node-id file check that got introduced in 2.4.0-beta.4. Graylog2/graylog2-server#4428 # 4427

Threatintel Plugin

• Improve Whois data adapter to always use the ARIN registry for now. Graylog2/graylog2-server#78 76
• Fix object comparison in Whois data adapter. Graylog2/graylog2-server#69

Graylog 2.4.0-beta.4

Released: 2017-12-15

Core

• Improve httpsJSONPath lookup table data adapter UI. Graylog2/graylog2-server#4406
• Add and use ExternalLink and ExternalLinkButton components. Graylog2/graylog2-server#4414
• Improve UI components when user lacks permissions. Graylog2/graylog2-server#4416Graylog2/graylog2-server#4407
• Fix output traffic graph on “System/Overview”. Graylog2/graylog2-server#4418Graylog2/graylog2-server#4395
• Improve query suggestions for field existence. Graylog2/graylog2-server#4422Graylog2/graylog2-server#4362
• Check node-id file permissions and improve error messages. Graylog2/graylog2-server#4417Graylog2/graylog2-server#4410

Pipeline Processor Plugin

• Fix problem with null values in the select_jsonpath function. Graylog2/graylog-plugin-pipeline-processor#233Graylog2/graylog-plugin-pipeline-processor#232

Threatintel Plugin

• Fix several issues with OTX and Whois data adapters. Graylog2/graylog-plugin-threatintel#75

Anonymous Usage-Stats Plugin

• The plugin got removed.

Graylog 2.4.0-beta.3

Released: 2017-12-04

Core

• Improve documentation for outputbuffer settings. Graylog2/graylog2-server#4331
• Improve QuickValues stacking. Graylog2/graylog2-server#4343
• Improve auth providers UI. Graylog2/graylog2-server#4347
• Add pluggable global notification area to page. Graylog2/graylog2-server#4353Graylog2/graylog2-server#4389Graylog2/graylog2-server#4393
• Fix changing the default index set from the UI. Graylog2/graylog2-server#4377
• Add global traffic counter to system overview page. Graylog2/graylog2-server#4357
• Remove anonymous usage-stats plugin. Graylog2/graylog2-server#4349

AWS Plugin

• Add “logGroup” and “logStream” attributes to flow log and raw log codecs. Graylog2/graylog-plugin-aws#55Graylog2/graylog-plugin-aws#54

CEF Plugin

• Upgrade to CEF parser 0.0.1.10. Graylog2/graylog-plugin-cef#23Graylog2/graylog-plugin-cef#24

Threatintel Plugin

• Fix lookup table used in tor_lookup() function. Graylog2/graylog-plugin-threatintel#71
• Fix lookup table used in spamhaus_lookup_ip() function. Graylog2/graylog-plugin-threatintel#73

Graylog 2.4.0-beta.2

Released: 2017-11-07

https://www.graylog.org/blog/104-announcing-graylog-v2-4-0-beta-2

Core

• Improve UI elements for field analyzers. Graylog2/graylog2-server#4280Graylog2/graylog2-server#4230
• Add upgrade notes for new plugins. Graylog2/graylog2-server#4187
• Fix query button in QuickValues widget. Graylog2/graylog2-server#4216Graylog2/graylog2-server#4278
• Improve QuickValues histogram data. Graylog2/graylog2-server#4312Graylog2/graylog2-server#4309
• Add loading indicator when reloading field chart data. Graylog2/graylog2-server#4319
• Add feedback on create widget modal. Graylog2/graylog2-server#4320Graylog2/graylog2-server#4318
• Improve robustness of QuickValues widget with stacked fields. Graylog2/graylog2-server#4322Graylog2/graylog2-server#4289Graylog2/graylog2-server#4287Graylog2/graylog2-server#4082

Graylog 2.4.0-beta.1

Released: 2017-10-20

https://www.graylog.org/blog/103-announcing-graylog-v2-4-0-beta-1

Core

• Ship NetFlow plugin by default. Graylog2/graylog2-server#4086
• Ship AWS plugin by default. Graylog2/graylog2-server#4085
• Ship Threat Intelligence plugin by default. Graylog2/graylog2-server#4084
• Ship CEF plugin by default. Graylog2/graylog2-server#4161
• Fix race condition in user session removal. Graylog2/graylog2-server#4041Graylog2/graylog2-server#3634Graylog2/graylog2-server#3948Graylog2/graylog2-server#3973
• Update web interface dependencies and fix deprecations. Graylog2/graylog2-server#4057Graylog2/graylog2-server#4059Graylog2/graylog2-server#4037Graylog2/graylog2-server#4192Graylog2/graylog2-server#4189
• Improve Elasticsearch query performance. Graylog2/graylog2-server#4056Graylog2/graylog2-server#4051
• Improve web UI performance by using React production mode. Graylog2/graylog2-server#4048
• Add possibility for server plugins to add database migrations. Graylog2/graylog2-server#4095
• Add support for custom headers in httpsJSONPath lookup table adapter. Graylog2/graylog2-server#4094
• Fix header size settings. Graylog2/graylog2-server#4128Graylog2/graylog2-server#4118
• Add /system/indices/index_sets/{id}/stats REST API endpoint to fetch stats for a single index set. Graylog2/graylog2-server#4129Graylog2/graylog2-server#4088
• Add DSV over data adapter for lookup tables. Graylog2/graylog2-server#4096
• Improve and update Elasticsearch testing infrastructure. Graylog2/graylog2-server#4125Graylog2/graylog2-server#4165
• Improve dashboard widget layout to show long widget titles. Graylog2/graylog2-server#4072@billmurrin
• Fix problem in GELF output by removing special handling of the facility. Graylog2/graylog2-server#4141Graylog2/graylog2-server#4140
• Expose LdapUserAuthenticator#syncLdapUser() method to allow usage from plugins. Graylog2/graylog2-server#4159@gaspardpetit
• Fix problem with getting Elasticsearch stats. Graylog2/graylog2-server#4127Graylog2/graylog2-server#4119
• Fix Elasticsearch document counting with lots of indices. Graylog2/graylog2-server#4147Graylog2/graylog2-server#4136
• Fix link placement in multi select UI elements. Graylog2/graylog2-server#3911
• Fix problems when searching in lots of indices. Graylog2/graylog2-server#4149Graylog2/graylog2-server#4054Graylog2/graylog2-server#4168
• Fix config issues with stacked charts. Graylog2/graylog2-server#4151Graylog2/graylog2-server#4150
• Improve eslint rules for UI development. Graylog2/graylog2-server#4173
• Update serveral server dependencies. Graylog2/graylog2-server#4134
• Add config option to disable analysis features (such a QuickValues) for certain message fields. Graylog2/graylog2-server#4175Graylog2/graylog2-server#3957
• Improve message separator handling for TCP based inputs. Graylog2/graylog2-server#4106Graylog2/graylog2-server#4105
• Improve CSV lookup table adapter to use the same field for key and value. Graylog2/graylog2-server#4181Graylog2/graylog2-server#4177
• Add possibility to create charts for non-numeric fields to show cardinality and total counts. Graylog2/graylog2-server#4182Graylog2/graylog2-server#4083
• Improve widget and grid positioning and styling. Graylog2/graylog2-server#4160Graylog2/graylog2-server#4209
• Improve UI testing environment. Graylog2/graylog2-server#4162
• Improve error logging on indexing failures. Graylog2/graylog2-server#4195Graylog2/graylog2-server#4166
• Improve styling for highlighting checkbox in the search sidebar. Graylog2/graylog2-server#4201
• Fix problem with lookup table content pack import. Graylog2/graylog2-server#4197Graylog2/graylog-plugin-threatintel#57
• Add configuration options to QuickValue widget. Graylog2/graylog2-server#4205Graylog2/graylog2-server#4082Graylog2/graylog2-server#4259Graylog2/graylog2-server#4258
• Improve styling and positioning for search page widget buttons. Graylog2/graylog2-server#4219
• Improve permission handling to allow regular users to create dashboards. Graylog2/graylog2-server#4155
• Add stats summary for all index sets to the “System/Indices” page. Graylog2/graylog2-server#4211Graylog2/graylog2-server#4204
• Improve table layout in lookup table UI for entries with long descriptions. Graylog2/graylog2-server#4239Graylog2/graylog2-server#4172
• Fix permission check which was hiding a menu item in the UI. Graylog2/graylog2-server#4237Graylog2/graylog2-server#4234
• Fix error with message histogram selection. Graylog2/graylog2-server#4243Graylog2/graylog2-server#4214
• Add histogram option to QuickValue widget to show values over time. Graylog2/graylog2-server#4244Graylog2/graylog2-server#4082
• Fix permission handling for editing/deleting roles. Graylog2/graylog2-server#4265
• Fix some smaller lookup table issues. Graylog2/graylog2-server#4266

Map Widget plugin

• Improve rendering and styling for map widget. Graylog2/graylog-plugin-map-widget#53Graylog2/graylog-plugin-map-widget#54
• Improve styling and positioning for search page widget buttons. Graylog2/graylog-plugin-map-widget#56

Pipeline Processor plugin

• Add various Base encoding functions. (e.g. Base16, Base32, Base64) Graylog2/graylog-plugin-pipeline-processor#190
• Fix sorting of pipeline rules. Graylog2/graylog-plugin-pipeline-processor#208
• Fix parse_json() function on invalid input. Graylog2/graylog-plugin-pipeline-processor#210Graylog2/graylog-plugin-pipeline-processor#209
• Fix NullPointerException when parsing invalid rules. Graylog2/graylog-plugin-pipeline-processor#212Graylog2/graylog-plugin-pipeline-processor#211
• Improve documentation for lookup table function. Graylog2/graylog-plugin-pipeline-processor#217@supahgreg
• Fix numeric conversions with to_double() and to_long(). Graylog2/graylog-plugin-pipeline-processor#219
• Improve rule function documentation in editor by sorting functions alphabetically by name. Graylog2/graylog-plugin-pipeline-processor#222
• Add remove_from_default option to route_to_stream() function. Graylog2/graylog-plugin-pipeline-processor#220
• Add remove_from_stream() function. Graylog2/graylog-plugin-pipeline-processor#220

Collector plugin

• Add exclude_files configuration option for filebeat collectors. Graylog2/graylog-plugin-collector#63@silenceper

AWS plugin

• Fix problem with parsing SNS notification messages. Graylog2/graylog-plugin-aws#47Graylog2/graylog-plugin-aws#44
• Add support for overriding the source field for all input types. Graylog2/graylog-plugin-aws#46
• Add support for cross account role based authentication. Graylog2/graylog-plugin-aws#49Graylog2/graylog-plugin-aws#48@radykal-com

CEF plugin

• Improve CEF parser and add proper testing infrastructure.
• Fix problems with Kafka and AMQP inputs.

NetFlow plugin

• Improved NetFlow v9 support. Graylog2/graylog-plugin-netflow#21

Threat Intelligence plugin

• Convert plugin to use the lookup table system. Graylog2/graylog-plugin-threatintel#48
• Fix problem with absent OTX API key in plugin configuration. Graylog2/graylog-plugin-threatintel#54Graylog2/graylog-plugin-threatintel#53
• Improve pipeline function parameter consistency. Graylog2/graylog-plugin-threatintel#58
• Improve lookup table based data adapters. Graylog2/graylog-plugin-threatintel#63Graylog2/graylog-plugin-threatintel#61Graylog2/graylog-plugin-threatintel#59Graylog2/graylog-plugin-threatintel#67

Graylog 2.3.2

Released: 2017-10-19

https://www.graylog.org/blog/102-announcing-graylog-v2-3-2

Core

• Fix permission handling for editing/deleting roles. Graylog2/graylog2-server#4270Graylog2/graylog2-server#4254
• Fix CSV export when using lots of Elasticsearch index shards. Graylog2/graylog2-server#4269Graylog2/graylog2-server#4190
• Fix infinite redirect loop when accessing non-permitted resources/entities. Graylog2/graylog2-server#4139Graylog2/graylog2-server#4117

Graylog 2.3.1

Released: 2017-08-25

https://www.graylog.org/blog/100-announcing-graylog-v2-3-1

Core

• Fix NullPointerException for field stats. Graylog2/graylog2-server#4026Graylog2/graylog2-server#4045Graylog2/graylog2-server#4046
• Make GELF parser less strict. Graylog2/graylog2-server#4055
• Fix search requests with selected fields by using source filtering. Graylog2/graylog2-server#4069Graylog2/graylog2-server#4077Graylog2/graylog2-server#4068
• Add missing index for session_id in “sessions” MongoDB collection. Graylog2/graylog2-server#4070Graylog2/graylog2-server#4076
• Fix search errors when lots of indices will be used. Graylog2/graylog2-server#4062Graylog2/graylog2-server#4078Graylog2/graylog2-server#4054
• Upgrade to Jest 2.4.7+jackson. Graylog2/graylog2-server#4107
• Fix search term highlighting. Graylog2/graylog2-server#4108Graylog2/graylog2-server#4101

Pipeline Processor Plugin

• Make locale parameter of parse_date() optional. Graylog2/graylog-plugin-pipeline-processor#202

Graylog 2.3.0

Released: 2017-07-26

https://www.graylog.org/blog/98-announcing-graylog-v2-3-0

Core

• Fix remote address field for GELF UDP inputs. Graylog2/graylog2-server#3982Graylog2/graylog2-server#3988Graylog2/graylog2-server#3980
• Improve error messages for rotation strategies. Graylog2/graylog2-server#3995Graylog2/graylog2-server#3990
• Fix legend for stacked charts. Graylog2/graylog2-server#4010Graylog2/graylog2-server#3996
• Fix size based index rotation strategy. Graylog2/graylog2-server#4011Graylog2/graylog2-server#4008Graylog2/graylog2-server#3997
• Implement retry handling for failed Elasticsearch requests. Graylog2/graylog2-server#4012Graylog2/graylog2-server#3993
• Fix NullPointerException in ExceptionUtils. Graylog2/graylog2-server#4014Graylog2/graylog2-server#4003
• Avoid noisy stack traces when Elasticsearch is not available. Graylog2/graylog2-server#3934Graylog2/graylog2-server#3861
• Do not run SetIndexReadOnlyAndCalculateRangeJob if index is closed. Graylog2/graylog2-server#3931Graylog2/graylog2-server#3909
• Fix issues when updating users and user roles. Graylog2/graylog2-server#3942Graylog2/graylog2-server#3918
• Improved IPv6 support. Graylog2/graylog2-server#3926Graylog2/graylog2-server#3870
• Fix login code to unbreak SSO plugin. Graylog2/graylog2-server#3973Graylog2/graylog2-server#3948
• Allow case-insensitive lookups for CSV lookup data adapter. Graylog2/graylog2-server#3971Graylog2/graylog2-server#3961
• Allow manual lookup table cache purge via UI and API. Graylog2/graylog2-server#3967Graylog2/graylog2-server#3962
• Mark Message class as not thread-safe. Graylog2/graylog2-server#3978Graylog2/graylog2-server#3876
• Fail fast and loud for invalid GELF messages. Graylog2/graylog2-server#3972Graylog2/graylog2-server#3970
• Add support for automatic Elasticsearch node discovery. Graylog2/graylog2-server#3805
• Fix DateHistogram-related functionality in Searches class. Graylog2/graylog2-server#3806
• Hide update spinner with auto-update interval <=5s. Graylog2/graylog2-server#3738Graylog2/graylog2-server#3723@billmurrin
• Small spelling/documentation fixes. Graylog2/graylog2-server#3817
• Fix pagination and offset/total hits in Searches. Graylog2/graylog2-server#3821Graylog2/graylog2-server#3813
• Add sort order to terms API call. Graylog2/graylog2-server#3829
• Don’t start stopped inputs after updating them. Graylog2/graylog2-server#3824Graylog2/graylog2-server#3479
• Allow specifying locale for Date converter. Graylog2/graylog2-server#3820
• Hide “Delete from stream” button if stream is undefined. Graylog2/graylog2-server#3822
• Don’t reload errorstates on pages that don’t need them. Graylog2/graylog2-server#3839Graylog2/graylog2-server#3834
• Emit StreamsChangedEvent and StreamDeletedEvent in BundleImporter. Graylog2/graylog2-server#3848Graylog2/graylog2-server#3842
• Add Lookup Table search result decorator. Graylog2/graylog2-server#3852Graylog2/graylog2-server#3844
• Check Elasticsearch version when creating index template. Graylog2/graylog2-server#3862
• Add admin user to list of receivers in EmailAlarmCallback. Graylog2/graylog2-server#3864Graylog2/graylog2-server#3859
• Fix parameters for count query in Searches#count(). Graylog2/graylog2-server#3865Graylog2/graylog2-server#3841
• Add search system for objects in MongoDB Graylog2/graylog2-server#3877
• Make Kafka config setting auto.offset.reset configurable for input. Graylog2/graylog2-server#3743Graylog2/graylog2-server#3894@r4um
• Use preemptive authentication for Elasticsearch if credentials are given. Graylog2/graylog2-server#3895Graylog2/graylog2-server#3907
• Add lookup adapter and cache config validation. Graylog2/graylog2-server#3836
• Unbreak elasticsearch duration config settings. Graylog2/graylog2-server#3899
• Fix lookup table UI state problem. Graylog2/graylog2-server#3898
• Enable search for lookup tables, data adapters and caches. Graylog2/graylog2-server#3878
• Make Elasticsearch version injectable. Graylog2/graylog2-server#3896
• Refactor lifecycle for lookup adapters and caches. Graylog2/graylog2-server#3873
• Introduce setting for enabling ES request compression. Graylog2/graylog2-server#3901
• Add content pack import/export for lookup tables, caches and adapters. Graylog2/graylog2-server#3892
• Upgrade to Jackson 2.8.9. Graylog2/graylog2-server#3908
• Fix and centralize lookup adapter/cache error handling. Graylog2/graylog2-server#3905
• Switch RoleResponse to java.util.Optional to fix serialization. Graylog2/graylog2-server#3915
• Add lookup table/cache/adapter permissions. Graylog2/graylog2-server#3914
• Collect and show metrics for lookup caches and adapters. Graylog2/graylog2-server#3917
• Remove obsolete “disableExpensiveUpdates” user preference. Graylog2/graylog2-server#3922
• Migrate to Jackson-based release of Jest 2.4.5. Graylog2/graylog2-server#3925
• Use aliases for reopened indices. Graylog2/graylog2-server#3897
• Add default values for lookup tables. Graylog2/graylog2-server#3921
• Add support for updating extractors in InputService. Graylog2/graylog2-server#3910
• Fix index set overview with closed indices. Graylog2/graylog2-server#3930
• Don’t check ES cluster health when flushing messages. Graylog2/graylog2-server#3927
• Retrying bulk indexing in case of all IOExceptions. Graylog2/graylog2-server#3929Graylog2/graylog2-server#3941
• Add support for automatic Elasticsearch node discovery. Graylog2/graylog2-server#3805
• Fix DateHistogram-related functionality in Searches class. Graylog2/graylog2-server#3806
• Hide update spinner with auto-update interval <=5s. Graylog2/graylog2-server#3738Graylog2/graylog2-server#3723@billmurrin
• Small spelling/documentation fixes. Graylog2/graylog2-server#3817
• Fix pagination and offset/total hits in Searches. Graylog2/graylog2-server#3821Graylog2/graylog2-server#3813
• Add timing metrics to GelfOutput. Graylog2/graylog2-server#3810Graylog2/graylog2-server#3716
• Add sort order to terms API call. Graylog2/graylog2-server#3829
• Don’t start stopped inputs after updating them. Graylog2/graylog2-server#3824Graylog2/graylog2-server#3479
• Allow specifying locale for Date converter. Graylog2/graylog2-server#3820
• Hide “Delete from stream” button if stream is undefined. Graylog2/graylog2-server#3822
• Don’t reload errorstates on pages that don’t need them. Graylog2/graylog2-server#3839Graylog2/graylog2-server#3834
• Emit StreamsChangedEvent and StreamDeletedEvent in BundleImporter. Graylog2/graylog2-server#3848Graylog2/graylog2-server#3842
• Add Lookup Table search result decorator. Graylog2/graylog2-server#3852Graylog2/graylog2-server#3844
• Check Elasticsearch version when creating index template. Graylog2/graylog2-server#3862
• Add admin user to list of receivers in EmailAlarmCallback. Graylog2/graylog2-server#3864Graylog2/graylog2-server#3859
• Fix parameters for count query in Searches#count(). Graylog2/graylog2-server#3865Graylog2/graylog2-server#3841
• Allow version ‘0’ for structured syslog messages. Graylog2/graylog2-server#3503
• Ignore Content-Type in httpsTransport. Graylog2/graylog2-server#3508Graylog2/graylog2-server#3477
• Ensure that index_prefix is lower case. Graylog2/graylog2-server#3509Graylog2/graylog2-server#3476
• Make map in MessageInput#asMap() mutable. Graylog2/graylog2-server#3521Graylog2/graylog2-server#3515
• Fix pagination for alert conditions. Graylog2/graylog2-server#3529Graylog2/graylog2-server#3528
• Wait until alert notification types are loaded. Graylog2/graylog2-server#3537Graylog2/graylog2-server#3534
• Upgrade development environment to Webpack v2. Graylog2/graylog2-server#3460
• Add an option to repeat alert notifications again. Graylog2/graylog2-server#3536Graylog2/graylog2-server#3511
• Fix accidentally changed exports of UsersStoreGraylog2/graylog2-server#3560Graylog2/graylog2-server#3556
• Properly escape username/roles in web interface. Graylog2/graylog2-server#3570Graylog2/graylog2-server#3569
• Improved dashboard grid system. Graylog2/graylog2-server#3575
• Add support for sorting by count to Search#terms(). Graylog2/graylog2-server#3540 (@billmurrin)
• Fix for copy query button. Graylog2/graylog2-server#3548 (@billmurrin)
• Fix issue with cloning streams. Graylog2/graylog2-server#3615Graylog2/graylog2-server#3608
• Prevent session extension when polling system messages. Graylog2/graylog2-server#3632Graylog2/graylog2-server#3628
• Prevent session extension when polling system jobs. Graylog2/graylog2-server#3625Graylog2/graylog2-server#3587
• Prevent NPE due to race between rotation and retention threads. Graylog2/graylog2-server#3637Graylog2/graylog2-server#3494
• Fix problem with message decorators and field selection. Graylog2/graylog2-server#3585Graylog2/graylog2-server#3584
• Fix issue with loading indicator on an empty search result page. Graylog2/graylog2-server#3652Graylog2/graylog2-server#3650
• Fix navigation in LDAP users UI. Graylog2/graylog2-server#3651Graylog2/graylog2-server#3485
• Ensure that plugin RPMs will be built for Linux. Graylog2/graylog2-server#3658Graylog2/graylog2-server#3657
• Fix reloading problem with content packs and GROK patterns. Graylog2/graylog2-server#3621Graylog2/graylog2-server#3610
• Add support for Cisco and FortiGate Syslog messages. Graylog2/graylog2-server#3599
• Fix permission problem for inputs API. Graylog2/graylog2-server#3681
• Restore removal of role permissions upon roles update. Graylog2/graylog2-server#3683
• Comply with grace condition when repeat alert notifications is enabled. Graylog2/graylog2-server#3676Graylog2/graylog2-server#3579
• Invalidate dashboards data after logout. Graylog2/graylog2-server#3700Graylog2/graylog2-server#3693
• Fix OptionalStringValidator and validations for extractors. Graylog2/graylog2-server#3633Graylog2/graylog2-server#3630
• Better time range for “Show Received Messages” button on inputs page. Graylog2/graylog2-server#3725
• Remove deprecated rotation/retention configuration resources. Graylog2/graylog2-server#3724
• Introduce lookup tables feature. Graylog2/graylog2-server#3748
• Creating dashboard from search page does now select the right ID Graylog2/graylog2-server#3786Graylog2/graylog2-server#3785
• Fix importing of dashboards from content packs Graylog2/graylog2-server#3766Graylog2/graylog2-server#3765

Beats Plugin

• Spelling fixes. Graylog2/graylog-plugin-beats#22@jsoref

Collector Plugin

• Increase “Show messages” time range.
• Allow collectors list to be filtered by tags. Graylog2/graylog-plugin-collector#52
• UI and UX improvements. Graylog2/graylog-plugin-collector#55
• Fix configuration setting usage for collector heartbeat interval. Graylog2/graylog-plugin-collector#58
• Prevent unwanted session extension. Graylog2/graylog-plugin-collector#49

Map Widget Plugin

• Adjust to lookup cache and adapter changes in server. Graylog2/graylog-plugin-map-widget#48Graylog2/graylog-plugin-map-widget#50
• Fix refresh handling in error conditions. Graylog2/graylog-plugin-map-widget#49
• Fix HMR as in Graylog/graylog2-server#3591 Graylog2/graylog-plugin-map-widget#51
• Update to a new GeoIP2 release.
• Add lookup tables data adapter for the GeoIP2 database. Graylog2/graylog-plugin-map-widget#40

Pipeline Processor Plugin

• Improve robustness of clone_message() pipeline function. Graylog2/graylog-plugin-pipeline-processor#192Graylog2/graylog2-server#3880
• Fix pipline condition handling of “match all”/”match either”. Graylog2/graylog-plugin-pipeline-processor#193Graylog2/graylog2-server#3924
• Fix serialization/deserialization of pipeline StageSource. Graylog2/graylog-plugin-pipeline-processor#195Graylog2/graylog-plugin-pipeline-processor#194
• Improve error handling with invalid expressions. Graylog2/graylog-plugin-pipeline-processor#196Graylog2/graylog-plugin-pipeline-processor#185
• Spelling fixes. Graylog2/graylog-plugin-pipeline-processor#181@jsoref
• Add support for custom locale in parse_date() function. Graylog2/graylog-plugin-pipeline-processor#184Graylog2/graylog-plugin-pipeline-processor#183
• Smaller UI and UX changes. Graylog2/graylog-plugin-pipeline-processor#186
• New function: debug() Graylog2/graylog-plugin-pipeline-processor#188
• Allow snake-case access to bean objects Graylog2/graylog-plugin-pipeline-processor#189
• Improve lookup functions. Graylog2/graylog-plugin-pipeline-processor#191
• Spelling fixes. Graylog2/graylog-plugin-pipeline-processor#181@jsoref
• Use uppercase timezone in TimezoneAwareFunction and fix default value. Graylog2/graylog2-server#169Graylog2/graylog2-server#168
• Add lookup and lookup_value pipeline functions for lookup table support. Graylog2/graylog2-server#177

Graylog 2.2.3

Released: 2017-04-04

https://www.graylog.org/blog/92-announcing-graylog-v2-2-3

Core

• Prevent unwanted session extension. Graylog2/graylog2-server#3583
• Properly escape username/roles in web interface. Graylog2/graylog2-server#3588
• Allow “-” in the path pattern for the index range rebuild endpoint. Graylog2/graylog2-server#3600
• Copy Query Button Fix. Graylog2/graylog2-server#3491
• Fixing slicing of alert notifications in pagination. Graylog2/graylog2-server#3619
• Fix cloning alert conditions with identical id when cloning stream. Graylog2/graylog2-server#3616
• Use UTC for embedded Date objects as well. Graylog2/graylog2-server#3626
• Prevent session extension for polling system messages. Graylog2/graylog2-server#3638
• Support replacing whitespace in nested keys for JSON extractor. Graylog2/graylog2-server#3623
• Prevent NPE due to race between rotation and retention threads. Graylog2/graylog2-server#3640
• Prevent session extension in SystemJobsStore. Graylog2/graylog2-server#3625
• Render loading indicator on no results page. Graylog2/graylog2-server#3667
• Using consistent collection of non displayable fields to filter against. Graylog2/graylog2-server#3668
• Ensure that plugin RPMs will be built for Linux. Graylog2/graylog2-server#3659
• Fix navigation in LDAP components. Graylog2/graylog2-server#3670
• Publish GrokPatternsChangedEvent when using content packs. Graylog2/graylog2-server#3621
• Add support for Cisco and FortiGate syslog messages. Graylog2/graylog2-server#3599
• Effectively change user permissions when listing inputs. Graylog2/graylog2-server#3682
• Restore removal of role permissions upon roles update. Graylog2/graylog2-server#3684
• Comply with grace condition when repeat alert notifications is enabled Graylog2/graylog2-server#3676

Pipeline Processor

• Use uppercase timezone in TimezoneAwareFunction and fix default value. Graylog2/graylog-plugin-pipeline-processor#169

Graylog 2.2.2

Released: 2017-03-03

https://www.graylog.org/blog/90-announcing-graylog-v2-2-2

Core

• Give an option to repeat alert notifications. Graylog2/graylog2-server#3511
• Wait until notification types are loaded. Graylog2/graylog2-server#3534
• Fixing slicing of alert conditions in pagination. Graylog2/graylog2-server#3528
• Fix command line help of the server jar. Graylog2/graylog2-server#3527

Graylog 2.2.1

Released: 2017-02-20

https://www.graylog.org/blog/89-announcing-graylog-v2-2-1

Core

• Allow version ‘0’ for structured syslog messages. Graylog2/graylog2-server#3502
• Ignore Content-Type in httpsTransport. Graylog2/graylog2-server#3477
• Ensure that index_prefix is lower case. Graylog2/graylog2-server#3476
• Add missing whitespace in SystemOutputsPage. Graylog2/graylog2-server#3505

Graylog 2.2.0

Released: 2017-02-14

https://www.graylog.org/blog/88-announcing-graylog-v2-2-0

Core

• Warn about pipeline stream routing Graylog2/graylog2-server#3472
• Add npm shrinkwrap for 2.2.0 Graylog2/graylog2-server#3468
• Use consistent case in old message count conditions Graylog2/graylog2-server#3454
• Fix stream filter view. Graylog2/graylog2-server#3390
• Use the default index set by default in stream create form. Graylog2/graylog2-server#3397
• Fix broken decorator with duplicate messages. Graylog2/graylog2-server#3400
• Updating index sets store when stream form is opened. Graylog2/graylog2-server#3410
• Only show extractor actions on string fields. Graylog2/graylog2-server#3404
• Use correct format when adding timestamp to search. Graylog2/graylog2-server#3412
• Properly escape strings sent to /messages/{index}/analyze. Graylog2/graylog2-server#3418
• Retain input and stream IDs in content packs. Graylog2/graylog2-server#3416
• Use “order”: -1 in default index template to allow override. Graylog2/graylog2-server#3422
• Improve base-line memory usage. Graylog2/graylog2-server#3425
• Use condition and notification placeholders. Graylog2/graylog2-server#3432
• Get field stats for indices only, which contain field. Graylog2/graylog2-server#3424
• Redirect to overview after editing index set configuration. Graylog2/graylog2-server#3438
• Send “stream” property when updating a decorator. Graylog2/graylog2-server#3439
• Adding simple cache for index sets in MongoIndexSetRegistry. Graylog2/graylog2-server#3440
• Restrict search in RecentMessageLoader to 1 hour. Graylog2/graylog2-server#3367
• Remove stray whitespace in MongoIndexSet. Graylog2/graylog2-server#3371
• Add more detail to index range system notification. Graylog2/graylog2-server#3372
• Suppress error notification when loading a potentially missing input. Graylog2/graylog2-server#3373
• Ensure resolved at is non-null on resolvedSecondsAgo. Graylog2/graylog2-server#3376
• Do not allow testing a message against the default stream. Graylog2/graylog2-server#3377
• Propagate shard failure in multi-index search to global search failure. Graylog2/graylog2-server#3379
• Add support for arrays to “contains” stream rule. Graylog2/graylog2-server#3380
• Automatically unsubscribe from DecoratorsStore in SearchPage. Graylog2/graylog2-server#3363
• Keep modified search bar params when opening modal. Graylog2/graylog2-server#3384
• Reset keyword content after changing range type. Graylog2/graylog2-server#3386
• Disable the “set as default” action for the default index set. Graylog2/graylog2-server#3385
• Unregistering component callbacks from Stream(Rules)Store. Graylog2/graylog2-server#3378
• Check for stream existence when displaying replay link. Graylog2/graylog2-server#3387
• Reuse Generator instance in DocumentationResource. Graylog2/graylog2-server#3293
• Fix: Refreshing saved searches store after deleting one. Graylog2/graylog2-server#3309
• Escape curly braces in Swagger resource URIs for challenged browsers. Graylog2/graylog2-server#3290
• Unbreak Firefox by requesting JSON when pinging the API Graylog2/graylog2-server#3312
• Escape search query when using surrounding search. Graylog2/graylog2-server#3314
• Close idle GELF connections after a timeout. Graylog2/graylog2-server#3315
• Ensure that index ranges are deleted when an index set is removed. Graylog2/graylog2-server#3310
• Ignore reopened indices for count-based retention strategies. Graylog2/graylog2-server#3321
• Ignore deprecated “default” field in IndexSetConfig. Graylog2/graylog2-server#3329
• Use last executed search data on auto-refresh. Graylog2/graylog2-server#3330
• Show stats for each index set on the index sets overview page. Graylog2/graylog2-server#3322
• Not fetching/checking unnecessary streams in AlertScannerThread. Graylog2/graylog2-server#3336
• Add more metrics for extractors. Graylog2/graylog2-server#3332
• Saved search improvements. Graylog2/graylog2-server#3338
• Warn when neither reader nor admin roles are selected for a user. Graylog2/graylog2-server#3337
• Prevent setting default index set readonly. Graylog2/graylog2-server#3339
• Add migration to fix parameter value types for alert conditions. Graylog2/graylog2-server#3340
• Fix unlock dashboard from link. Graylog2/graylog2-server#3344
• Allow re-configuration of shards and replicas in the UI. Graylog2/graylog2-server#3349
• Adapt grace period to latest changes in alerts. Graylog2/graylog2-server#3346
• Go back in history instead to users page when canceling user form. Graylog2/graylog2-server#3350
• Improve wrapping of entity title and description. Graylog2/graylog2-server#3351
• Keep stream filter after editing stream. Graylog2/graylog2-server#3352
• Guard against duplication key error from MongoDB. Graylog2/graylog2-server#3358
• Keep calling convention of SearchPage._refreshData consistent. Graylog2/graylog2-server#3357
• Creating MongoDB indices in services running conditional queries. Graylog2/graylog2-server#3345
• Fix NPE in MongoDbSessionDAO#doDelete(). Graylog2/graylog2-server#3227
• Support syslog messages with ISO-8601 timestamps. Graylog2/graylog2-server#3228
• Use local copies of Droid Sans font in Swagger UI. Graylog2/graylog2-server#3229
• Remove empty row if input description is empty. Graylog2/graylog2-server#3237
• Make “sender” optional in EmailAlarmCallback. Graylog2/graylog2-server#3224
• Fix URL for throbber image. Graylog2/graylog2-server#3242
• Remove special handling in SplitAndCountConverter. Graylog2/graylog2-server#3230
• Add missing AuditBindings to journal commands. Graylog2/graylog2-server#3226
• Don’t check private key/certificate if REST API and web interface on same port. Graylog2/graylog2-server#3231
• Add configuration settings for timeout and concurrency of OptimizeIndexJob. Graylog2/graylog2-server#3225
• Change way of exporting CSV search results. Graylog2/graylog2-server#3238
• Add space in processing limit notification. Graylog2/graylog2-server#3256
• Only recalculate index set ranges in index set maintenance menu. Graylog2/graylog2-server#3252
• Fix alert condition validations. Graylog2/graylog2-server#3257
• Validate alarm callbacks before saving them. Graylog2/graylog2-server#3262
• Only update index ranges for managed indices. Graylog2/graylog2-server#3259
• Resolve alerts from deleted alert conditions. Graylog2/graylog2-server#3265
• Alert UI changes. Graylog2/graylog2-server#3266
• Properly track stream throughput for the default stream. Graylog2/graylog2-server#3278
• Add support for OPTIONS request to httpsTransport. Graylog2/graylog2-server#3234
• Add list of stream IDs to Message#toElasticSearchObject(). Graylog2/graylog2-server#3277
• Fix document counts with an empty index set. Graylog2/graylog2-server#3291
• Handle ElasticsearchException in Counts class. Graylog2/graylog2-server#3288
• Move client-side split/import of Grok pattern files to server. Graylog2/graylog2-server#3284
• Showing index set in stream listing only if user is permitted to. Graylog2/graylog2-server#3300
• Fix reloading after notification changes. Graylog2/graylog2-server#3264
• Add “messages:analyze” permission to reader permission set. Graylog2/graylog2-server#3305
• Disable alarm notification controls if user is not permitted to edit. Graylog2/graylog2-server#3303
• Changing conditional to check for presence of index set definition. Graylog2/graylog2-server#3304
• Allow to get a thread dump as plain text. Graylog2/graylog2-server#3289
• Add missing authentication to ClusterResource and ClusterStatsResource. Graylog2/graylog2-server#3279
• Save anchor and last rotation in TimeBasedRotationStrategy depending on IndexSet. Graylog2/graylog2-server#3306
• Fix loading of plugins in development mode. Graylog2/graylog2-server#3185
• Add contains string tester. Graylog2/graylog2-server#3186
• Index set fixes. Graylog2/graylog2-server#3193
• Add synthetic JavaBean getters to AutoValue classes. Graylog2/graylog2-server#3188
• Improve IndexSetValidator. Graylog2/graylog2-server#3197
• Add custom Jackson (de-) serializer for ZonedDateTime and DateTime. Graylog2/graylog2-server#3198
• Improved alarm callback testing. Graylog2/graylog2-server#3196
• Fix DateTime serialization. Graylog2/graylog2-server#3202
• Fix labels on field graphs. Graylog2/graylog2-server#3204
• Alerts cleanup. Graylog2/graylog2-server#3205
• Index set UI fixes. Graylog2/graylog2-server#3203
• Fix quickvalues and field statistics refresh. Graylog2/graylog2-server#3206
• Allow fetching streams by index set ID. Graylog2/graylog2-server#3207
• UI improvements. Graylog2/graylog2-server#3213
• IndexSet default setting. Graylog2/graylog2-server#3209
• Alerts UI improvements. Graylog2/graylog2-server#3214
• Create DefaultIndexSetConfig when creating the default index set. Graylog2/graylog2-server#3215
• ClusterEventPeriodical must use MongoJackObjectMapper. Graylog2/graylog2-server#3217
• Fix V20161130141500_DefaultStreamRecalcIndexRanges. Graylog2/graylog2-server#3222
• Migration improvements. Graylog2/graylog2-server#3211

Beats plugin

• Add support for Metricbeat
• Extract “fields” for every type of beat

Pipeline processor plugin

• Allow duplicate stream titles in route_to_stream. Graylog2/graylog-plugin-pipeline-processor#154
• Do not use lambdas with gauge metrics. Graylog2/graylog-plugin-pipeline-processor#152
• Add clone_message() function. Graylog2/graylog-plugin-pipeline-processor#153
• Track total pipeline interpreter executionTime as a single metric. Graylog2/graylog-plugin-pipeline-processor#155

Collector sidecar plugin

• Fix: Reload on Beats configuration change.
• Update Beats to version 5.1.1
• Fix race conditions in start/stop/restart code for the exec runner Graylog2/collector-sidecar#123
• Add debug switch Graylog2/collector-sidecar#124
• Using Modern UI in a standard way (thanks to @nicozanf) Graylog2/collector-sidecar#125
• Extract etag cache into its own service. Graylog2/graylog-plugin-collector#43

Graylog 2.1.3

Released: 2017-01-26

https://www.graylog.org/blog/84-announcing-graylog-2-1-3

Core

• Use “order”: -1 in default index template to allow override. Graylog2/graylog2-server#3426
• Add missing authentication to ClusterResource and ClusterStatsResource. Graylog2/graylog2-server#3427
• Unbreak Firefox by requesting JSON when pinging the API. Graylog2/graylog2-server#3430
• Use custom Grizzly error page to prevent XSS. Graylog2/graylog2-server#3428

Beats plugin

• Add support for Metricbeat. Graylog2/graylog-plugin-beats#19
• Extract “fields” for every type of beat. Graylog2/graylog-plugin-beats#18

Graylog 2.1.2

Released: 2016-11-04

https://www.graylog.org/blog/75-announcing-graylog-v2-1-2

Core

• Improve logging in DecodingProcessor. Graylog2/graylog2-server#3025, Graylog2/graylog2-server#3034
• Support all ZLIB compression levels for GELF messages. Graylog2/graylog2-server#3022, Graylog2/graylog2-server#3036
• Implement “contains” stream rule. Graylog2/graylog2-server#3020, Graylog2/graylog2-server#3037
• Make ValidatorProvider a Singleton. Graylog2/graylog2-server#3019, Graylog2/graylog2-server#3038
• Fix NPE in MongoProbe if MongoDB doesn’t run with MMAPv1. Graylog2/graylog2-server#3018, Graylog2/graylog2-server#3039
• Fix NPE in Indices#numberOfMessages(String). Graylog2/graylog2-server#3016, Graylog2/graylog2-server#3041
• Only create new LdapConnectionConfig if LDAP is enabled. Graylog2/graylog2-server#3017, Graylog2/graylog2-server#3040
• Properly track replace-all flag and pass through to API. Graylog2/graylog2-server#3023, Graylog2/graylog2-server#3043
• Replace Jersey GZipEncoder with Grizzly’s GZipFilter. Graylog2/graylog2-server#3021, Graylog2/graylog2-server#3044
• Prevent n+1 query loading for Stream Rules. Graylog2/graylog2-server#3024, Graylog2/graylog2-server#3035. Thank you @bjoernhaeuser!
• Handle search execution errors. Graylog2/graylog2-server#3027, Graylog2/graylog2-server#3045
• Calculate cardinality on field graphs. Graylog2/graylog2-server#3028, Graylog2/graylog2-server#3046
• Update stats function in field graph description. Graylog2/graylog2-server#3029, Graylog2/graylog2-server#3047
• Use response status 500 if search failed but wasn’t syntax error. Graylog2/graylog2-server#3026, Graylog2/graylog2-server#3042
• Improved search indicators. Graylog2/graylog2-server#3031, Graylog2/graylog2-server#3050
• Fix field analyzers loading when search changes. Graylog2/graylog2-server#3030, Graylog2/graylog2-server#3049
• Close search query autocompletion on enter. Graylog2/graylog2-server#3032, Graylog2/graylog2-server#3051
• Refresh stream search when stream changes. Graylog2/graylog2-server#3033, Graylog2/graylog2-server#3052
• Update Joda-Time and moment-timezone. Graylog2/graylog2-server#3059, Graylog2/graylog2-server#3060
• Search button does not always trigger a new search. Graylog2/graylog2-server#3062, Graylog2/graylog2-server#3063

Beats plugin

• Fix frame decoding in case of lost connection. Graylog2/graylog-plugin-beats#14, Graylog2/graylog-plugin-beats#15, Graylog2/graylog-plugin-beats#17. Thank you @hc4!
• Support messages >1024 bytes in BeatsFrameDecoder. Graylog2/graylog-plugin-beats#10, Graylog2/graylog-plugin-beats#12

Pipeline processor plugin

• Don’t doubly negate the value of the expression. Graylog2/graylog-plugin-pipeline-processor#126, Graylog2/graylog-plugin-pipeline-processor#127

Graylog 2.1.1

Released: 2016-09-14

https://www.graylog.org/blog/69-announcing-graylog-v2-1-1

Core

• Proxied requests query other nodes in parallel. Graylog2/graylog2-server#2764, Graylog2/graylog2-server#2779
• Fix 404s on IE 11 using compatibility view. Graylog2/graylog2-server#2768, Graylog2/graylog2-server#2782
• Modify actions in search page triggering a page reload. Graylog2/graylog2-server#2488, Graylog2/graylog2-server#2798
• Do not display login form while loading. Graylog2/graylog2-server#2770, Graylog2/graylog2-server#2802
• Check in SearchPage if search is in progress, reuse promise then. Graylog2/graylog2-server#2799, Graylog2/graylog2-server#2803
• Use index and message_id as message identifier. Graylog2/graylog2-server#2801, Graylog2/graylog2-server#2804
• Fix: file handle leak in KeyUtil (SSL). Graylog2/graylog2-server#2808. Thank you @gbu-censhare!
• Use current search time configuration for CSV export. Graylog2/graylog2-server#2795, Graylog2/graylog2-server#2809
• Explicitly close okresponse body, avoiding leak connection warning. Graylog2/graylog2-server#2811. Thank you @chainkite!
• Properly close OkResponse objects to avoid resource leaks. Graylog2/graylog2-server#2812
• Remove ldap settings check from authenticators. Graylog2/graylog2-server#2817, Graylog2/graylog2-server#2820

Map plugin

• Ignore internal message fields (starting with “gl2_”). Graylog2/graylog-plugin-map-widget#17

Pipeline processor plugin

• Display boolean values in pipeline simulator. Graylog2/graylog-plugin-pipeline-processor#54, Graylog2/graylog-plugin-pipeline-processor#99
• Use case insensitive lookup for timezone IDs. Graylog2/graylog-plugin-pipeline-processor#100, Graylog2/graylog-plugin-pipeline-processor#102

Graylog 2.1.0

Released: 2016-09-01

https://www.graylog.org/blog/68-announcing-graylog-v-2-1-0-ga

Core

• Refactoring of audit events. Graylog2/graylog2-server#2687
• Add a prop to display/hide the page selector. Graylog2/graylog2-server#2711
• Ensure that rest_transport_uri can override the URI scheme of rest_listen_uri. Graylog2/graylog2-server#2680, Graylog2/graylog2-server#2704
• Handle indexer cluster down in web interface. Graylog2/graylog2-server#2623, Graylog2/graylog2-server#2713
• Prevent NPE and verbose logging if converter returns null. Graylog2/graylog2-server#2717, Graylog2/graylog2-server#2729
• Let widget replay search button open in a new tab or window. Graylog2/graylog2-server#2725, Graylog2/graylog2-server#2726
• Return "id" instead of "_id" for message decorators. Graylog2/graylog2-server#2734, Graylog2/graylog2-server#2735
• Make id field consistent for alarm callback histories. Graylog2/graylog2-server#2737
• Audit event changes. Graylog2/graylog2-server#2718
• Let specific stores reuse promises if request is in progress. Graylog2/graylog2-server#2625, Graylog2/graylog2-server#2712
• Disable editing controls for decorator if user lacks permissions. Graylog2/graylog2-server#2730, Graylog2/graylog2-server#2736
• Styling of decorator list. Graylog2/graylog2-server#2743, Graylog2/graylog2-server#2744
• Do not load plugins for journal commands. Graylog2/graylog2-server#2667
• Use proper other count for pie chart slices. Graylog2/graylog2-server#2639, Graylog2/graylog2-server#2671
• Removing unused prop type in StreamRuleList component. Graylog2/graylog2-server#2673
• Add a generic search form component. Graylog2/graylog2-server#2678
• Decorator improvements. Graylog2/graylog2-server#2519, Graylog2/graylog2-server#2666, Graylog2/graylog2-server#2674
• Only show notification link when there are notifications. Graylog2/graylog2-server#2677
• Enable gzip per default for REST API listener. Graylog2/graylog2-server#2670, Graylog2/graylog2-server#2672
• Improvements in raw message loader. Graylog2/graylog2-server#2684
• Allow users of MessageFields to disable field actions. Graylog2/graylog2-server#2685
• Generating a relative redirect URL for web interface in root resource. Graylog2/graylog2-server#2593, Graylog2/graylog2-server#2675
• Add help text for session’s client address. Graylog2/graylog2-server#2656, Graylog2/graylog2-server#2692
• Fix content pack extractor validation. Graylog2/graylog2-server#2663, Graylog2/graylog2-server#2697
• Reset users’ startpages if referenced stream/dashboard is deleted. Graylog2/graylog2-server#2400, Graylog2/graylog2-server#2695, Graylog2/graylog2-server#2702
• Fix token creation via API browser. Graylog2/graylog2-server#2668, Graylog2/graylog2-server#2698
• Allow surrounding search to be opened in new tab. Graylog2/graylog2-server#2531, Graylog2/graylog2-server#2699
• Reformatting component, adding error handler for fetching dashboard. Graylog2/graylog2-server#2576, Graylog2/graylog2-server#2703
• Add format string message decorator. Graylog2/graylog2-server#2660
• Reloading CurrentUserStore when updated user is the current user. Graylog2/graylog2-server#2705, Graylog2/graylog2-server#2706
• General UI improvements Graylog2/graylog2-server#2700
• Add Syslog severity mapper decorator. Graylog2/graylog2-server#2590
• Improvements in message decorators. Graylog2/graylog2-server#2592, Graylog2/graylog2-server#2591, Graylog2/graylog2-server#2598, Graylog2/graylog2-server#2654
• Revert “Move link to API Browser into System menu”. Graylog2/graylog2-server#2586, Graylog2/graylog2-server#2587
• Print - instead of null when client did not provide user agent header. Graylog2/graylog2-server#2601. Thank you @mikkolehtisalo!
• Change logging in normalizeDn() to debug to avoid noisy warnings. Graylog2/graylog2-server#2599
• Ensure that {rest,web}_{listen,transport,endpoint}_uri settings are absolute URIs. Graylog2/graylog2-server#2589, Graylog2/graylog2-server#2596, Graylog2/graylog2-server#2600
• Use and default ports for network settings. Graylog2/graylog2-server#2595, Graylog2/graylog2-server#2605
• Dashboard improvements. Graylog2/graylog2-server#2084, Graylog2/graylog2-server#2281, Graylog2/graylog2-server#2626
• Ensure that password_secret is at least 16 characters long. Graylog2/graylog2-server#2619, Graylog2/graylog2-server#2622
• Reduce production .js files sizes by 51%. Graylog2/graylog2-server#2617
• Allow web_endpoint_uri to be a relative URI. Graylog2/graylog2-server#2600, Graylog2/graylog2-server#2614
• Use default session attribute for principal. Graylog2/graylog2-server#2620, Graylog2/graylog2-server#2621
• Compile regex pattern for MetricFilter only once. Graylog2/graylog2-server#2637. Thank you again @mikkolehtisalo!
• Fix NPE in Indices#checkForReopened(IndexMetaData). Graylog2/graylog2-server#2628, Graylog2/graylog2-server#2635
• Mark message offset as committed in case of a decoding error. Graylog2/graylog2-server#2627, Graylog2/graylog2-server#2643
• Fix cloning streams and editing legacy stream rules. Graylog2/graylog2-server#2244, Graylog2/graylog2-server#2346, Graylog2/graylog2-server#2646
• Add back storing of index failures in MongoDB. Graylog2/graylog2-server#2633, Graylog2/graylog2-server#2644
• Enable running Graylog REST API on different context path. Graylog2/graylog2-server#2603, Graylog2/graylog2-server#2397, Graylog2/graylog2-server#2634
• Add support for ECDSA private keys to KeyUtil. Graylog2/graylog2-server#2454, Graylog2/graylog2-server#2641
• Check for conflict of rest_listen_uri and web_listen_uri. Graylog2/graylog2-server#2634, Graylog2/graylog2-server#2652
• Remove uppercase example decorator before 2.1 final. Graylog2/graylog2-server#2588, Graylog2/graylog-plugin-pipeline-processor#73
• Make sure to include charset in getBytes and other relevant code sections. Graylog2/graylog2-server#2567, Graylog2/graylog2-server#2574
• Landing page greets with 2.0 in 2.1. Graylog2/graylog2-server#2579
• Run WebAppNotFoundResponseFilter later and for GET requests only. Graylog2/graylog2-server#2657, Graylog2/graylog2-server#2664
• Update dependencies. Graylog2/graylog2-server#2543, Graylog2/graylog2-server#2565
• Allowing to run REST API and web interface on same port. Graylog2/graylog2-server#2515
• Changing default to make REST API and web if to listen on same host/port. Graylog2/graylog2-server#2446, Graylog2/graylog2-server#2525
• Change plugin REST resource injection to use Class instances. Graylog2/graylog2-server#2492
• Validate that Elasticsearch home/data paths are readable. Graylog2/graylog2-server#2536, Graylog2/graylog2-server#2538
• Fix Version#fromClasspathProperties() when loading from JAR plugin. Graylog2/graylog2-server#2535
• Decorator UI Fixes. Graylog2/graylog2-server#2539
• Fix timing issue in MessageCountAlertCondition. Graylog2/graylog2-server#1704, Graylog2/graylog2-server#2382, Graylog2/graylog2-server#2546
• For httpsHeadersToken pass actual remote address. Graylog2/graylog2-server#2556
• Do not blindly override permission set of ldap users. Graylog2/graylog2-server#2516, Graylog2/graylog2-server#2529
• Display original date time of index ranges on hover. Graylog2/graylog2-server#2549, Graylog2/graylog2-server#2552
• Make it possible for plugins to request a shared class loader. Graylog2/graylog2-server#2436, Graylog2/graylog2-server#2508
• Fix REST API browser after changes to the PluginRestResource injection. Graylog2/graylog2-server#2550
• Make version comparison more lenient with pre-release versions. Graylog2/graylog2-server#2462, Graylog2/graylog2-server#2548
• Always trim message field values on Message class. Graylog2/graylog2-server#1936, Graylog2/graylog2-server#2510
• Fix search results console warnings. Graylog2/graylog2-server#2527
• Fix bulk import of Grok patterns. Graylog2/graylog2-server#2229, Graylog2/graylog2-server#2561
• Add helper method to add AuditLogAppenders. Graylog2/graylog2-server#2562
• Add explanation about the configuration file format. Graylog2/graylog2-server#2563
• Display session information, fix usability in user list, editing users. Graylog2/graylog2-server#2526, Graylog2/graylog2-server#2528, Graylog2/graylog2-server#2540, Graylog2/graylog2-server#2541
• Fix issues with app prefix. Graylog2/graylog2-server#2564, Graylog2/graylog2-server#2583
• Fix extractor and static fields creation in multi-node setups. Graylog2/graylog2-server#2580, Graylog2/graylog2-server#2584
• Authentication improvements. Graylog2/graylog2-server#2572, Graylog2/graylog2-server#2573
• Move Error Prone into default build profile. Graylog2/graylog2-server#2575
• Journal info command does not work. Graylog2/graylog2-server#2493 and Graylog2/graylog2-server#2495
• Search result highlighting color similar to white. Graylog2/graylog2-server#2480
• Cannot POST on Regex Tester (error 500). Graylog2/graylog2-server#2471 and Graylog2/graylog2-server#2472
• Middle-clicking to open new tab not working for some System menu items. Graylog2/graylog2-server#2468
• Json extractor should check for valid lucene keys. Graylog2/graylog2-server#2434 and Graylog2/graylog2-server#2481
• Elasticsearch Red cluster state triggered by index rotation under some conditions. Graylog2/graylog2-server#2371, Graylog2/graylog2-server#2429 and Graylog2/graylog2-server#2477
• Report syntax error when search query contains unescaped slash. Graylog2/graylog2-server#2372 and Graylog2/graylog2-server#2450
• Allowing path prefixes in web_listen_uri so web interface is accessible via path != “/”. Graylog2/graylog2-server#2271 and Graylog2/graylog2-server#2440
• LDAP group mapping: stringwise comparison fails due to different DN formats. Graylog2/graylog2-server#1790 and Graylog2/graylog2-server#2484
• Json extractor prefix. Graylog2/graylog2-server#1646 and Graylog2/graylog2-server#2481
• LDAP users are shown a change password form. Graylog2/graylog2-server#2124, Graylog2/graylog2-server#2327 and Graylog2/graylog2-server#2485
• Switch message filters from polling to subscribing to change events. Graylog2/graylog2-server#2391 and Graylog2/graylog2-server#2496
• Make auth providers fully pluggable. Graylog2/graylog2-server#2232, Graylog2/graylog2-server#2367 and Graylog2/graylog2-server#2522
• Grok extractor: Allow returning only named captures. Graylog2/graylog2-server#1486 and Graylog2/graylog2-server#2500
• Attempt reading DSA key if RSA failed. Graylog2/graylog2-server#2503. Special thanks to @mikkolehtisalo!
• Fix session validation propagation. Graylog2/graylog2-server#2498
• A wrapper to protect from decompression bombs. Graylog2/graylog2-server#2339. Thank you again, @mikkolehtisalo!
• Make exceptions more useful by providing messages and context. Graylog2/graylog2-server#2478
• Decorate search results. Graylog2/graylog2-server#2408, Graylog2/graylog2-server#2482, Graylog2/graylog2-server#2499, Graylog2/graylog-plugin-pipeline-processor#41, Graylog2/graylog-plugin-pipeline-processor#43 and Graylog2/graylog-plugin-pipeline-processor#52
• Introduce CombinedProvider to sync actions and stores initialization. Graylog2/graylog2-server#2523
• Actually use the bluebird promise in FetchProvider. Graylog2/graylog2-server#2762
• Audit event cleanup. Graylog2/graylog2-server#2746
• Update documentation links. Graylog2/graylog2-server#2759
• Allow child elements in the search form. Graylog2/graylog2-server#2756
• Make key_prefix configuration optional. Graylog2/graylog2-server#2755, Graylog2/graylog2-server#2757
• Invalidating widget result cache cluster wide when a widget changes. Graylog2/graylog2-server#2732, Graylog2/graylog2-server#2745
• Correct documentation links in ‘misc/graylog.conf’. Graylog2/graylog2-server#2747. Thank you @supahgreg!
• Throttle LB status if journal utilization is too high. Graylog2/graylog2-server#1100, Graylog2/graylog2-server#1952 and Graylog2/graylog2-server#2312. Thank you @mikkolehtisalo!
• TLS ciphers for inputs should probably be configurable. Graylog2/graylog2-server#2051.
• SelfSignedCertificate should migrate from sun.security.*. Graylog2/graylog2-server#2132 and Graylog2/graylog2-server#2316. Thank you @mikkolehtisalo!
• Fix formatting metric names including more than one namespace prefix. Graylog2/graylog2-server#2254 and Graylog2/graylog2-server#2425.
• Waiting for index range calculation before switching deflector alias. Graylog2/graylog2-server#2264 and Graylog2/graylog2-server#2278.
• Specify application.context. Graylog2/graylog2-server#2271 and Graylog2/graylog2-server#2440.
• Add handler for / in the Graylog REST API. Graylog2/graylog2-server#2376 and Graylog2/graylog2-server#2377.
• User preferred timezone not saved. Graylog2/graylog2-server#2393 and Graylog2/graylog2-server#2395.
• Unable to delete closed index. Graylog2/graylog2-server#2419 and Graylog2/graylog2-server#2437.
• Absolute search results in widget using wrong time. Graylog2/graylog2-server#2428 and Graylog2/graylog2-server#2452.
• Upgrade to Kafka 0.9.0.1. Graylog2/graylog2-server#1912.
• RestAccessLogFilter to use X-Forwarded-For set by trusted proxies. Graylog2/graylog2-server#1981. Thank you @mikkolehtisalo!
• Upgrade to Drools 6.4.0.Final. Graylog2/graylog2-server#2106.
• Stream Rule Titles. Graylog2/graylog2-server#2244.
• Improve search with no results page. Graylog2/graylog2-server#2253.
• Refactor Version class to use com.github.zafarkhaja.semver.Version. Graylog2/graylog2-server#2275.
• Alert condition titles. Graylog2/graylog2-server#2282.
• Upgrade to Jackson 2.7.4. Graylog2/graylog2-server#2304.
• Support changes for pipeline processor simulator. Graylog2/graylog2-server#2320.
• Add dependency on jna to fix chatty Elasticseach log message. Graylog2/graylog2-server#2342.
• Interfaces and simple implementations of an audit log. Graylog2/graylog2-server#2344.
• Do not init available alarm callback types, fetch them explicitly. Graylog2/graylog2-server#2353.
• Move custom analyzer into index template. Graylog2/graylog2-server#2354.
• Remove automatic private key/certificate generation. Graylog2/graylog2-server#2355.
• Improved feedback. Graylog2/graylog2-server#2357.
• Longer retention interval for journal tests. Graylog2/graylog2-server#2388.
• Remove elasticsearch_discovery_zen_ping_multicast_enabled setting. Graylog2/graylog2-server#2394.
• Fix unrequested refresh of configuration forms/Reset configuration forms on cancel. Graylog2/graylog2-server#2399.
• Web If: Updating a few dependencies which are safe to update. Graylog2/graylog2-server#2407.
• Added Information for journal partitions. Graylog2/graylog2-server#2412.
• Fix memory problems with webpack-dev-server in development mode. Graylog2/graylog2-server#2433.
• Remove _ttl in index mapping. Graylog2/graylog2-server#2435.
• Add raw message loader. Graylog2/graylog2-server#2438.
• Extracting our customized ESLint config into separate module. Graylog2/graylog2-server#2441.
• Remove deprecated MongoDB metrics reporter. Graylog2/graylog2-server#2443.
• Allow access to MongoDatabase in MongoConnection. Graylog2/graylog2-server#2444.
• Add some useful FindBugs plugins. Graylog2/graylog2-server#2447.
• Proxies deflector cycle call to make it available on every node. Graylog2/graylog2-server#2448.

Collector sidecar plugin

• Return updated configuration after changing configuration name
• Prevent crashes when failed to propagate state to the server
• Improve compatibility with old API
• Display collector IP address. Graylog2/graylog-plugin-collector#9
• Ability to clone collector configuration. Graylog2/graylog-plugin-collector#10
• NXLog GELF/TLS input should work without cert files. Graylog2/graylog-plugin-collector#13
• Add tail_files option
• Expand verbatim text area if value is present
• Validation improvements
• Add buffer option to NXLog outputs
• Make defaults compatible with Windows hosts
• Add support for Beats. Filebeat, Winlogbeat.
• Beats binaries are bundled with the Collector-Sidecar package
• Improve server side validation. Graylog2/graylog2-server#2247 and Graylog2/graylog-plugin-collector#7.
• Add NXlog GELF TCP and TCP/TLS output
• Add support to clone input, outputs and snippets
• Optionally display collector status information in web interface
• Optionally display log directory listing on status page
• If no node-id is given use the hostname as identification
• Linux distribution is detected and can be used in Snippet template
• Silent install on Windows works now
• Collector log files are now auto-rotated
• Collector processes are supervised and restarted on crashes
• NXlog Inputs and Outputs support free text configuration
• Fix web plugin loading on IE 11

Pipeline processor plugin

• Add parse error handler for precompute args failures. Graylog2/graylog-plugin-pipeline-processor#84, Graylog2/graylog-plugin-pipeline-processor#93
• Add support for DateTime comparison. Graylog2/graylog-plugin-pipeline-processor#86, Graylog2/graylog-plugin-pipeline-processor#92
• Make some small UI changes around RuleHelper. Graylog2/graylog-plugin-pipeline-processor#90
• Use shared classloader so other plugins can contribute functions. Graylog2/graylog-plugin-pipeline-processor#81, Graylog2/graylog-plugin-pipeline-processor#94
• UI improvements. Graylog2/graylog2-server#2683, Graylog2/graylog-plugin-pipeline-processor#83
• Unregister PipelineInterpreter from event bus. Graylog2/graylog-plugin-pipeline-processor#79
• Use find in the regex function. Graylog2/graylog-plugin-pipeline-processor#35, Graylog2/graylog-plugin-pipeline-processor#88
• Dynamic function list. Graylog2/graylog-plugin-pipeline-processor#89
• Unresolved functions not properly handled. Graylog2/graylog-plugin-pipeline-processor#24, Graylog2/graylog-plugin-pipeline-processor#25
• Unwrap JsonNode values. Graylog2/graylog-plugin-pipeline-processor#68, Graylog2/graylog-plugin-pipeline-processor#72
• Add optional prefix/suffix to set_fields functions. Graylog2/graylog-plugin-pipeline-processor#74, Graylog2/graylog-plugin-pipeline-processor#75
• Add key-value parsing function. Graylog2/graylog-plugin-pipeline-processor#38, Graylog2/graylog-plugin-pipeline-processor#77
• Allow selection of an input ID for the simulation message. Graylog2/graylog2-server#2610, Graylog2/graylog2-server#2650, Graylog2/graylog-plugin-pipeline-processor#78
• Support “only named captures” for pipeline grok function. Graylog2/graylog-plugin-pipeline-processor#59, Graylog2/graylog-plugin-pipeline-processor#65, Graylog2/graylog2-server#2566, Graylog2/graylog2-server#2577
• Make conversion functions more consistent. Graylog2/graylog2-server#63, Graylog2/graylog2-server#64
• Unescape string literals before using them. Graylog2/graylog-plugin-pipeline-processor#47
• Add rename_field function. Graylog2/graylog-plugin-pipeline-processor#50
• Allow null matcher group values in regex function. Graylog2/graylog-plugin-pipeline-processor#49
• Fix 500 error during simulation. Graylog2/graylog-plugin-pipeline-processor#51
• IpAddressConversion caught wrong exception. Graylog2/graylog-plugin-pipeline-processor#32
• Add syslog-related functions. Graylog2/graylog-plugin-pipeline-processor#19.
• Add concat() function. Graylog2/graylog-plugin-pipeline-processor#20.
• NPE during preProcessArgs using Grok pattern. Graylog2/graylog-plugin-pipeline-processor#24 and Graylog2/graylog-plugin-pipeline-processor#26.
• Streams without connections stay visible. Graylog2/graylog2-server#2322.
• Add pipeline simulator. Graylog2/graylog-plugin-pipeline-processor#34, Graylog2/graylog-plugin-pipeline-processor#36 and Graylog2/graylog-plugin-pipeline-processor#42.
• Fix page size in function list. Graylog2/graylog-plugin-pipeline-processor#97

Graylog 2.0.3

Released: 2016-06-20

https://www.graylog.org/blog/58-graylog-v2-0-3-released

Improvements

• Make Message#getStreamIds() more reliable. Graylog2/graylog2-server#2378
• Disabling a configured proxy for requests to localhost/127.0.0.1/::1. Graylog2/graylog2-server#2305

Bug fixes

• Update search query on auto refresh Graylog2/graylog2-server#2385Graylog2/graylog2-server#2379
• Fix permission checks for non admin users Graylog2/graylog2-server#2366Graylog2/graylog2-server#2358
• Fix display of total count of indices. Graylog2/graylog2-server#2365Graylog2/graylog2-server#2359
• Fix base URI for API documentation Graylog2/graylog2-server#2362Graylog2/graylog2-server#2360
• Fix link to API Browser on Node pages Graylog2/graylog2-server#2361Graylog2/graylog2-server#2360
• Calculate keyword from and to values on the fly Graylog2/graylog2-server#2335Graylog2/graylog2-server#2301
• Make MemoryAppender thread-safe Graylog2/graylog2-server#2307Graylog2/graylog2-server#2302
• Use right metrics to display buffer usage Graylog2/graylog2-server#2300Graylog2/graylog2-server#2299
• Check if props actually contain configuration fields before copying them Graylog2/graylog2-server#2298Graylog2/graylog2-server#2297

Graylog 2.0.2

Released: 2016-05-27

https://www.graylog.org/blog/57-graylog-v2-0-2-released

Improvements

• Improved user form. Graylog2/graylog2-server#2261
• Improved logging of plugin list on server startup. Graylog2/graylog2-server#2290
• Forbid empty passwords when using LDAP. Graylog2/graylog2-server#2214Graylog2/graylog2-server#2283
• Improved metrics page. Graylog2/graylog2-server#2250Graylog2/graylog2-server#2255
• Improved search histogram resolution auto selection. Graylog2/graylog2-server#2148Graylog2/graylog2-server#2289
• Improved cluster overview page. Graylog2/graylog2-server#2291

Bug Fixes

• Fixed concurrency issue with Drools. Graylog2/graylog2-server#2119Graylog2/graylog2-server#2188Graylog2/graylog2-server#2231
• Fixed problems with Internet Explorer. Graylog2/graylog2-server#2246
• Fixed issues with old dashboards. Graylog2/graylog2-server#2262Graylog2/graylog2-server#2163
• Fixed changing log levels via REST API. Graylog2/graylog2-server#1904Graylog2/graylog2-server#2277
• Fixed plugin inter-dependencies by using one class loader for all plugins. Graylog2/graylog2-server#2280

Plugin: Pipeline Processor

• Add syslog related rule functions. Graylog2/graylog-plugin-pipeline-processor#19
• Add concat rule functions. Graylog2/graylog-plugin-pipeline-processor#20
• Fixed problem with IP address function. Graylog2/graylog-plugin-pipeline-processor#28Graylog2/graylog-plugin-pipeline-processor#32
• Properly unescape strings in raw literals. Graylog2/graylog-plugin-pipeline-processor#30Graylog2/graylog-plugin-pipeline-processor#31

Graylog 2.0.1

Released: 2016-05-11

https://www.graylog.org/blog/56-graylog-v2-0-1-released

Improvements

• Improved session handling. Graylog2/graylog2-server#2157
• Included UPGRADING file in the build artifact. Graylog2/graylog2-server#2170
• Added rotation/retention settings back to the config file. Graylog2/graylog2-server#2181
• Improved proxy setup configuration settings. Graylog2/graylog2-server#2156
• Forbid wildcard host in rest_transport_uri. Graylog2/graylog2-server#2205
• Improved robustness for unreachable nodes. Graylog2/graylog2-server#2206
• Use a more lightweight API to get all index names and aliases. Graylog2/graylog2-server#2194Graylog2/graylog2-server#2210

Bug Fixes

• Fixed some documentation links.
• Fixed inverted stream rules. Graylog2/graylog2-server#2160Graylog2/graylog2-server#2172
• Fixed swallowed LDAP authentication exception. Graylog2/graylog2-server#2176Graylog2/graylog2-server#2178
• Fixed insecure handling of PID files. Thanks @juergenhoetzel! Graylog2/graylog2-server#2174
• Fixed alert conditions that have been created in Graylog 1.x. Graylog2/graylog2-server#2169Graylog2/graylog2-server#2182
• Fixed setting of application context. Graylog2/graylog2-server#2191Graylog2/graylog2-server#2208
• Fixed setting of custom Elasticsearch analyzer. Graylog2/graylog2-server#2209
• Fixed masking of password config values in the web interface. Graylog2/graylog2-server#2198Graylog2/graylog2-server#2203
• Fixed URL handling. Graylog2/graylog2-server#2200Graylog2/graylog2-server#2213

Plugin: Collector

• Rotate nxlog logfiles once a day by default.
• Add GELF TCP output for nxlog.

Graylog 2.0.0

Released: 2016-04-27

https://www.graylog.org/blog/55-announcing-graylog-v2-0-ga

Note

Please make sure to read the Upgrade Guide before upgrading to Graylog 2.0. There are breaking changes!

Note

Please make sure to read the Upgrade Guide before upgrading to Graylog 2.0. There are breaking changes!

Feature Highlights

See the release announcement for details on the new features.

• Web interface no longer a separate process
• Support for Elasticsearch 2.x
• Live tail support
• Message Processing Pipeline
• Map Widget Plugin
• Collector Sidecar
• Streams filter UI
• Search for surrounding messages
• Query range limit
• Configurable query time ranges
• Archiving (commercial feature)

Bug Fixes

There have been lots of bug fixes since the 1.3 releases. We only list the ones that we worked on since the 2.0 alpha phase.

• Fixed issues with search page pagination and number of returned results: Graylog2/graylog2-server#1759, Graylog2/graylog2-server#1775, and Graylog2/graylog2-server#1802
• Avoid creating MongoDB collection multiple times: Graylog2/graylog2-server#1747
• Removed number of connected nodes in login page: Graylog2/graylog2-server#1732
• Fix dynamic search result histogram resolution: Graylog2/graylog2-server#1764
• Show overlay in Graylog web interface when Graylog server is not available: Graylog2/graylog2-server#1762
• Fix metric types: Graylog2/graylog2-server#1784
• Only load all metrics on demand: Graylog2/graylog2-server#1782
• Activate search refresh after selecting a refresh interval: Graylog2/graylog2-server#1796
• Fix circular dependencies: Graylog2/graylog2-server#1789
• Only render input forms when input type is available: Graylog2/graylog2-server#1798
• Document web interface configuration settings in graylog.conf. Graylog2/graylog2-server#1777
• Fix roles link to documentation. Graylog2/graylog2-server#1805
• Fix issue with field graphs. Graylog2/graylog2-server#1811
• Fix search result pagination. Graylog2/graylog2-server#1812
• Fix add to query button on quick values. Graylog2/graylog2-server#1797
• Fix URL to Graylog marketplace on content pack export page. Graylog2/graylog2-server#1817
• Fix elasticsearch node name for the Graylog client node. Graylog2/graylog2-server#1814 and Graylog2/graylog2-server#1820
• Fix widget sorting for dashboards.
• Use _ as default key separator in JSON Extractor. Graylog2/graylog2-server#1841
• Clarify that Graylog Collector needs access to rest_listen_uri. Graylog2/graylog2-server#1847
• Fix potential memory leak in GELF UDP handler. Graylog2/graylog2-server#1857Graylog2/graylog2-server#1862
• Fix user with correct permissions not allowed to view stream: Graylog2/graylog2-server#1887, Graylog2/graylog2-server#1902
• Make pattern to check Graylog-managed indices stricter: Graylog2/graylog2-server#1882, Graylog2/graylog2-server#1888
• Fix throughput counter: Graylog2/graylog2-server#1876
• Fix replay search link in dashboards: Graylog2/graylog2-server#1835
• Render server unavailable page more reliably: Graylog2/graylog2-server#1867
• Fix build issue with maven. Graylog2/graylog2-server#1907 (Thanks @gitfrederic)
• Fix username in REST API access logs. Graylog2/graylog2-server#1815Graylog2/graylog2-server#1918 (Thanks @mikkolehtisalo)
• Fix alert annotations in message histogram. Graylog2/graylog2-server#1921
• Fix problem with automatic input form reload. Graylog2/graylog2-server#1870Graylog2/graylog2-server#1929
• Fix asset caching. Graylog2/graylog2-server#1924Graylog2/graylog2-server#1930
• Fix issue with cursor jumps in the search bar. Graylog2/graylog2-server#1911
• Fix import of Graylog 1.x extractors. Graylog2/graylog2-server#1831Graylog2/graylog2-server#1937
• Field charts will now use the stream and time range of the current search. Graylog2/graylog2-server#1785Graylog2/graylog2-web-interface#1620Graylog2/graylog2-web-interface#1618Graylog2/graylog2-web-interface#1485Graylog2/graylog2-server#1938
• Improve browser validations. Graylog2/graylog2-server#1885
• Fix Internet Explorer support. Graylog2/graylog2-server#1935
• Fix issue where a user was logged out when accessing an unauthorized resource. Graylog2/graylog2-server#1944
• Fix issue with surrounding search. Graylog2/graylog2-server#1946
• Fix problem deleting dashboard widget where the plugin got removed. Graylog2/graylog2-server#1943
• Fix permission issue on user edit page. Graylog2/graylog2-server#1964
• Fix histogram time range selection via mouse. Graylog2/graylog2-server#1895
• Fix problems with duplicate Reflux store instances. Graylog2/graylog2-server#1967
• Create PID file earlier in the startup process. Graylog2/graylog2-server#1969Graylog2/graylog2-server#1978
• Fix content type detection for static assets. Graylog2/graylog2-server#1982Graylog2/graylog2-server#1983
• Fix caching of static assets. Graylog2/graylog2-server#1982Graylog2/graylog2-server#1983
• Show error message on malformed search query. Graylog2/graylog2-server#1896
• Fix parsing of GELF chunks. Graylog2/graylog2-server#1986
• Fix problems editing reader users profile. Graylog2/graylog2-server#1984Graylog2/graylog2-server#1987
• Fix problem with lost extractors and static fields on input update. Graylog2/graylog2-server#1988Graylog2/graylog2-server#1923
• Improve fetching cluster metrics to avoid multiple calls. Graylog2/graylog2-server#1974Graylog2/graylog2-server#1990
• Properly handle empty messages. Graylog2/graylog2-server#1584Graylog2/graylog2-server#1995
• Add 100-Continue support to inputs. Graylog2/graylog2-server#1939Graylog2/graylog2-server#1998
• Fix setting dashboard as start page for reader users. Graylog2/graylog2-server#2005
• Allow dots (“.”) in LDAP group name mappings. Graylog2/graylog2-server#1458Graylog2/graylog2-server#2009
• Update user edit form when username changes. Graylog2/graylog2-server#2000
• Fix issue with permissions in user form. Graylog2/graylog2-server#1989
• Update extractor example when message is loaded. Graylog2/graylog2-server#1957Graylog2/graylog2-server#2013
• Disable log4j2 shutdown hooks to avoid exception on shutdown. Graylog2/graylog2-server#1795Graylog2/graylog2-server#2015
• Fix styling issue with map widget. Graylog2/graylog2-server#2003
• Fix openstreetmap URL in map widget. Graylog2/graylog2-server#1994
• Fix problem with collector heartbeat validation. Graylog2/graylog2-server#2002Graylog2/graylog2-web-interface#1726Graylog2/graylog-plugin-collector#3
• Remove unused command line parameters. Graylog2/graylog2-server#1977
• Fixed timezone issues for date time processing in JSON parser. Graylog2/graylog2-server#2007
• Fixed JavaScript error with field truncation. Graylog2/graylog2-server#2025
• Fixed redirection if user is not authorized. Graylog2/graylog2-server#1985Graylog2/graylog2-server#2024
• Made changing the sort order in search result table work again. Graylog2/graylog2-server#2028Graylog2/graylog2-server#2031
• Performance improvements on “System/Indices” page. Graylog2/graylog2-server#2017
• Fixed content-type settings for static assets. Graylog2/graylog2-server#2052
• Fixed return code for invalid input IDs. Graylog2/graylog2-server#1718Graylog2/graylog2-server#1767
• Improved field analyzer UI. Graylog2/graylog2-server#2022Graylog2/graylog2-server#2023
• Fixed login with LDAP user. Graylog2/graylog2-server#2045Graylog2/graylog2-server#2046Graylog2/graylog2-server#2069
• Fixed issue with bad message timestamps to avoid data loss. Graylog2/graylog2-server#2064Graylog2/graylog2-server#2065
• Improved handling of Elasticsearch indices. Graylog2/graylog2-server#2058Graylog2/graylog2-server#2062
• Extractor form improvements for JSON and Grok extractors. Graylog2/graylog2-server#1883Graylog2/graylog2-server#2020
• Used search refresh to refresh field statistics. Graylog2/graylog2-server#1961Graylog2/graylog2-server#2068
• Fixed clicking zoom button in quick values. Graylog2/graylog2-server#2040Graylog2/graylog2-server#2067
• Web interface styling improvements.
• Replaced . in message field keys with a _ for ES 2.x compatibility. Graylog2/graylog2-server#2078
• Fixed unprocessed journal messages reload in node list. Graylog2/graylog2-server#2083
• Fixed problems with stale sessions on the login page. Graylog2/graylog2-server#2073Graylog2/graylog2-server#2059Graylog2/graylog2-server#1891
• Fixed issue with index retention strategies. Graylog2/graylog2-server#2100
• Fixed password change form. Graylog2/graylog2-server#2103Graylog2/graylog2-server#2105
• Do not show search refresh controls on the sources page. Graylog2/graylog2-server#1821Graylog2/graylog2-server#2104
• Wait for index being available before calculating index range. Graylog2/graylog2-server#2061Graylog2/graylog2-server#2098
• Fixed issue with sorting extractors. Graylog2/graylog2-server#2086Graylog2/graylog2-server#2088
• Improve DataTable UI component. Graylog2/graylog-plugin-pipeline-processor#11
• Move TCP keepalive setting into AbstractTcpTransport to simplify input development. Graylog2/graylog2-server#2112
• Fixed issue with Elasticsearch index template update. Graylog2/graylog2-server#2089Graylog2/graylog2-server#2097
• Ensure that tmpDir is writable when generating self-signed certs in TCP transports. Graylog2/graylog2-server#2054Graylog2/graylog2-server#2096
• Fixed default values for plugin configuration forms. Graylog2/graylog2-server#2108Graylog2/graylog2-server#2114
• Dashboard usability improvements. Graylog2/graylog2-server#2093
• Include default values in pluggable entities forms. Graylog2/graylog2-server#2122
• Ignore empty authentication tokens in LdapUserAuthenticator. Graylog2/graylog2-server#2123
• Add REST API authentication and permissions. Graylog2/graylog-plugin-pipeline-processor#15
• Require authenticated user in REST resources. Graylog2/graylog-plugin-pipeline-processor#14
• Lots of UI improvements in the web interface. Graylog2/graylog2-server#2136
• Fixed link to REST API browser. Graylog2/graylog2-server#2133
• Fixed CSV export skipping first chunk. Graylog2/graylog2-server#2128
• Fixed updating content packs. Graylog2/graylog2-server#2138Graylog2/graylog2-server#2141
• Added missing 404 page. Graylog2/graylog2-server#2139

Graylog 1.3.4

Released: 2016-03-16

https://www.graylog.org/blog/49-graylog-1-3-4-is-now-available

• Fix security issue which allowed redirecting users to arbitrary sites on login Graylog2/graylog2-web-interface#1729
• Fix issue with time-based index rotation strategy Graylog2/graylog2-server#725Graylog2/graylog2-server#1693
• Fix issue with IndexFailureServiceImplGraylog2/graylog2-server#1747
• Add default Content-Type to GettingStartedResourceGraylog2/graylog2-server#1700
• Improve OS platform detection Graylog2/graylog2-server#1737
• Add prefixes GRAYLOG_ (environment variables) and graylog. (system properties) for overriding configuration settings Graylog2/graylog2-server@48ed88d
• Fix URL to Graylog Marketplace on Extractor/Content Pack pages Graylog2/graylog2-server#1817
• Use monospace font on message values Graylog2/graylog2-web-interface@3cce368

Graylog 1.3.3

Released: 2016-01-14

https://www.graylog.org/graylog-1-3-3-is-now-available/

• Absolute and relative time spans give different results Graylog2/graylog2-server#1572Graylog2/graylog2-server#1463Graylog2/graylog2-server#1672Graylog2/graylog2-server#1679
• Search result count widget not caching Graylog2/graylog2-server#1640Graylog2/graylog2-server#1681
• Field Value Condition Alert, does not permit decimal values Graylog2/graylog2-server#1657
• Correctly handle null values in nested structures in JsonExtractor Graylog2/graylog2-server#1676Graylog2/graylog2-server#1677
• Add Content-Type and X-Graylog2-No-Session-Extension to CORS headers Graylog2/graylog2-server#1682Graylog2/graylog2-server#1685
• Discard Message Output Graylog2/graylog2-server#1688

Graylog 1.3.2

Released: 2015-12-18

https://www.graylog.org/graylog-1-3-2-is-now-available/

• Deserializing a blacklist filter (FilterDescription) leads to StackOverflowErrorGraylog2/graylog2-server#1641

Graylog 1.3.1

Released: 2015-12-17

https://www.graylog.org/graylog-1-3-1-is-now-available/

• Add option to AMQP transports to bind the queue to the exchange Graylog2/graylog2-server#1599Graylog2/graylog2-server#1633
• Install a Graylog index template instead of set mappings on index creation Graylog2/graylog2-server#1624Graylog2/graylog2-server#1628

Graylog 1.3.0

Released: 2015-12-09

https://www.graylog.org/graylog-1-3-ga-is-ready/

• Allow index range calculation for a single index. Graylog2/graylog2-server#1451Graylog2/graylog2-server#1455
• Performance improvements for index ranges.
• Make internal server logs accessible via REST API. Graylog2/graylog2-server#1452
• Make specific configuration values accessible via REST API. Graylog2/graylog2-server#1484
• Added Replace Extractor. Graylog2/graylog2-server#1485
• Added a default set of Grok patterns. Graylog2/graylog2-server#1495
• Log operating system details on server startup. Graylog2/graylog2-server#1244Graylog2/graylog2-server#1553
• Allow reader users to set a dashboard as start page. Graylog2/graylog2-web-interface#1681
• Auto content pack loader – download and install content packs automatically
• Appliance pre-configured for log ingestion and analysis
• Show a getting started guide on first install. Graylog2/graylog2-web-interface#1662
• Include role permissions in “/roles/{rolename}/members” REST API endpoint. Graylog2/graylog2-server#1549
• Fixed NullPointerException in GELF output. Graylog2/graylog2-server#1538
• Fixed NullPointerException in GELF input handling. Graylog2/graylog2-server#1544
• Use the root user’s timezone for LDAP users by default. Graylog2/graylog2-server#1000Graylog2/graylog2-server#1554
• Fix display of JSON messages. Graylog2/graylog2-web-interface#1686
• Improve search robustness with missing Elasticsearch indices. Graylog2/graylog2-server#1547Graylog2/graylog2-server#1533
• Fixed race condition between index creation and index mapping configuration. Graylog2/graylog2-server#1502Graylog2/graylog2-server#1563
• Fixed concurrency problem in GELF input handling. Graylog2/graylog2-server#1561
• Fixed issue with widget value calculation. Graylog2/graylog2-server#1588
• Do not extend user sessions when updating widgets. Graylog2/graylog2-web-interface#1655
• Fixed compatibility mode for Internet Explorer. Graylog2/graylog2-web-interface#1661Graylog2/graylog2-web-interface#1668
• Fixed whitespace issue in extractor example. Graylog2/graylog2-web-interface#1650
• Fixed several issues on the indices page. Graylog2/graylog2-web-interface#1691Graylog2/graylog2-web-interface#1692
• Fixed permission issue for stream alert management. Graylog2/graylog2-web-interface#1659
• Fixed deletion of LDAP group mappings when updating LDAP settings. Graylog2/graylog2-server#1513
• Fixed dangling role references after deleting a role Graylog2/graylog2-server#1608
• Support LDAP Group Mapping for Sun Directory Server (new since beta.2) Graylog2/graylog2-server#1583

Graylog 1.2.2

Released: 2015-10-27

https://www.graylog.org/graylog-1-2-2-is-now-available/

• Fixed a whitespace issue in the extractor UI. Graylog2/graylog2-web-interface#1650
• Fixed the index description on the indices page. Graylog2/graylog2-web-interface#1653
• Fixed a memory leak in the GELF UDP handler code. (Analysis and fix contributed by @lightpriest and @onyxmaster on GitHub. Thank you!) Graylog2/graylog2-server#1462, Graylog2/graylog2-server#1488
• Improved the LDAP group handling code to handle more LDAP setups. Graylog2/graylog2-server#1433, Graylog2/graylog2-server#1453, Graylog2/graylog2-server#1491, Graylog2/graylog2-server#1494
• Fixed email alerts for users with multiple email addresses. (LDAP setups) Graylog2/graylog2-server#1439, Graylog2/graylog2-server#1492
• Improve index range handling performance. Graylog2/graylog2-server#1465, Graylog2/graylog2-server#1493
• Fixed JSON extractor with null values. Graylog2/graylog2-server#1475, Graylog2/graylog2-server#1505
• Fixed role assignment when updating user via REST API. Graylog2/graylog2-server#1456, Graylog2/graylog2-server#1507

Graylog 1.2.1

Released: 2015-09-22

https://www.graylog.org/graylog-1-2-1-is-now-available/

• Fixed various issues around importing and applying content packs Graylog2/graylog2-server#1423, Graylog2/graylog2-server#1434, Graylog2/graylog2-web-interface#1605, Graylog2/graylog2-web-interface#1614
• Fixed loading existing alarm callbacks that had been created with Graylog 1.0.x or earlier Graylog2/graylog2-server#1428
• Fixed compatibility problem with Elasticsearch 1.5.x and earlier Graylog2/graylog2-server#1426
• Fixed handling of statistical functions in field graphs Graylog2/graylog2-web-interface#1604
• Use correct title when adding quick values to a dashboard Graylog2/graylog2-web-interface#1603

Graylog 1.2.0

Released: 2015-09-14

https://www.graylog.org/announcing-graylog-1-2-ga-release-includes-30-new-features/

• Make sure existing role assignments survive on LDAP account sync. Graylog2/graylog2-server#1405 | Graylog2/graylog2-server#1406
• Use memberOf query for ActiveDirectory to speed up LDAP queries. Graylog2/graylog2-server#1407
• Removed disable_index_range_calculation configuration option. Graylog2/graylog2-server#1411
• Avoid potentially long-running Elasticsearch cluster-level operations by only saving an index range if it actually changed. Graylog2/graylog2-server#1412
• Allow editing the roles of LDAP users. Graylog2/graylog2-web-interface#1598
• Improved quick values widget. Graylog2/graylog2-web-interface#1487

Graylog 1.2.0-rc.4

Released: 2015-09-08

https://www.graylog.org/announcing-graylog-1-2-rc-4/

• Deprecated MongoDB storage of internal metrics feature.
• Added customizable LDAP filter for user groups lookup. Graylog2/graylog2-server#951
• Allow usage of count and cardinality statistical functions in dashboard widgets. Graylog2/graylog2-server#1376
• Disabled index range recalculation on every index rotation. Graylog2/graylog2-server#1388
• Added automatic migration of user permissions to admin or reader roles. Graylog2/graylog2-server#1389
• Fixed widget problem with invalid timestamps. Graylog2/graylog2-web-interface#1390
• Added config option to enable TLS certificate validation in REST client. Graylog2/graylog2-server#1393
• Fixed rule matching issue in stream routing engine. Graylog2/graylog2-server#1397
• Changed default titles for stream widgets. Graylog2/graylog2-web-interface#1476
• Changed data filters to be case insensitive. Graylog2/graylog2-web-interface#1585
• Improved padding for stack charts. Graylog2/graylog2-web-interface#1568
• Improved resiliency when Elasticsearch is not available. Graylog2/graylog2-web-interface#1518
• Redirect to user edit form after updating a user. Graylog2/graylog2-web-interface#1588
• Improved dashboard widgets error handling. Graylog2/graylog2-web-interface#1590
• Fixed timing issue in streams UI. Graylog2/graylog2-web-interface#1490
• Improved indices overview page. Graylog2/graylog2-web-interface#1593
• Fixed browser back button behavior. Graylog2/graylog2-web-interface#1594
• Fixed accidental type conversion for number configuration fields in alarmcallback plugins. Graylog2/graylog2-web-interface#1596
• Fixed data type problem for extracted timestamps via grok. Graylog2/graylog2-server#1403

Graylog 1.2.0-rc.2

Released: 2015-08-31

https://www.graylog.org/announcing-graylog-1-2-rc/

• Implement global Elasticsearch timeout and add elasticsearch_request_timeout configuration setting. Graylog2/graylog2-server#1220
• Fixed lots of documentation links. Graylog2/graylog2-server#1238
• Groovy shell server removed. Graylog2/graylog2-server#1266
• Lots of index range calculation fixes. Graylog2/graylog2-server#1274
• New Raw AMQP input. Graylog2/graylog2-server#1280
• New Syslog AMQP input. Graylog2/graylog2-server#1280
• Updated bundled Elasticsearch to 1.7.1.
• The fields in configuration dialogs for inputs and outputs are now ordered. Graylog2/graylog2-server#1282
• Allow server startup without working Elasticsearch cluster. Graylog2/graylog2-server#1136, Graylog2/graylog2-server#1289
• Added OR operator to stream matching. Graylog2/graylog2-server#1292, Graylog2/graylog2-web#1552
• New stream router engine with better stream matching performance. Graylog2/graylog2-server#1305, Graylog2/graylog2-server#1309
• Grok pattern import/export support for content packs. Graylog2/graylog2-server#1300, Graylog2/graylog2-web#1527
• Added MessageListCodec interface for codec implementations that can decode multiple messages from one raw message. Graylog2/graylog2-server#1307
• Added keepalive configuration option for all TCP transports. Graylog2/graylog2-server#1287, Graylog2/graylog2-server#1318
• Support for roles and LDAP groups. Graylog2/graylog2-server#1321, Graylog2/graylog2-server#951
• Added timezone configuration option to date converter. Graylog2/graylog2-server#1320, Graylog2/graylog2-server#1324
• Added alarmcallback history feature. Graylog2/graylog2-server#1313, Graylog2/graylog2-web#1537
• Added more configuration options to GELF output. (TCP settings, TLS support) Graylog2/graylog2-server#1337, Graylog2/graylog2-server#979
• Store timestamp and some other internal fields in Elasticsearch as doc values. Removed “elasticsearch_store_timestamps_as_doc_values” option from configuration file. Graylog2/graylog2-server#1335, Graylog2/graylog2-server#1342
• Added TLS support for GELF input. Graylog2/graylog2-server#1348
• Added JSON extractor. Graylog2/graylog2-server#632, Graylog2/graylog2-server#1355, Graylog2/graylog2-web#1555
• Added support for TLS client certificate authentication to all TCP based inputs. Graylog2/graylog2-server#1357, Graylog2/graylog2-server#1363
• Added stacked chart widget. Graylog2/graylog2-server#1284, Graylog2/graylog2-web#1513
• Added cardinality option to field histograms. Graylog2/graylog2-web#1529, Graylog2/graylog2-server#1303
• Lots of dashboard improvements. Graylog2/graylog2-web#1550
• Replaced Gulp with Webpack. Graylog2/graylog2-web#1548
• Updated to Play 2.3.10.

Graylog 1.1.6

Released: 2015-08-06

https://www.graylog.org/graylog-1-1-6-released/

• Fix edge case in SyslogOctetCountFrameDecoder which caused the Syslog TCP input to reset connections (Graylog2/graylog2-server#1105, Graylog2/graylog2-server#1339)
• Properly log errors in the Netty channel pipeline (Graylog2/graylog2-server#1340)
• Prevent creation of invalid alert conditions (Graylog2/graylog2-server#1332)
• Upgrade to Elasticsearch 1.6.2

Graylog 1.1.5

Released: 2015-07-27

https://www.graylog.org/graylog-1-1-5-released/

• Improve handling of exceptions in the JournallingMessageHandler (Graylog2/graylog2-server#1286)
• Upgrade to Elasticsearch 1.6.1 (Graylog2/graylog2-server#1312)
• Remove hard-coded limit for UDP receive buffer size (Graylog2/graylog2-server#1290)
• Ensure that elasticsearch_index_prefix is lowercase (commit 2173225 )
• Add configuration option for time zone to Date converter (Graylog2/graylog2-server#1320)
• Fix NPE if the disk journal is disabled on a node (Graylog2/graylog2-web-interface#1520)
• Statistic and Chart error: Adding time zone offset caused overflow (Graylog2/graylog2-server#1257)
• Ignore stream alerts and throughput on serialize (Graylog2/graylog2-server#1309)
• Fix dynamic keyword time-ranges for dashboard widgets created from content packs (Graylog2/graylog2-server#1308)
• Upgraded Anonymous Usage Statistics plugin to version 1.1.1

Graylog 1.1.4

Released: 2015-06-30

https://www.graylog.org/graylog-v1-1-4-is-now-available/

• Make heartbeat timeout option for AmqpTransport optional. Graylog2/graylog2-server#1010
• Export as CSV on stream fails with “Invalid range type provided.” Graylog2/graylog2-web-interface#1504

Graylog 1.1.3

Released: 2015-06-19

https://www.graylog.org/graylog-v1-1-3-is-now-available/

• Log error message early if there is a MongoDB connection error. Graylog2/graylog2-server#1249
• Fixed field content value alert condition. Graylog2/graylog2-server#1245
• Extend warning about SO_RCVBUF size to UDP inputs. Graylog2/graylog2-server#1243
• Scroll on button dropdowns. Graylog2/graylog2-web-interface#1477
• Normalize graph widget numbers before drawing them. Graylog2/graylog2-web-interface#1479
• Fix highlight result checkbox position on old Firefox. Graylog2/graylog2-web-interface#1440
• Unescape terms added to search bar. Graylog2/graylog2-web-interface#1484
• Load another message in edit extractor page not working. Graylog2/graylog2-web-interface#1488
• Reader users aren’t able to export search results as CSV. Graylog2/graylog2-web-interface#1492
• List of streams not loaded on message details page. Graylog2/graylog2-web-interface#1496

Graylog 1.1.2

Released: 2015-06-10

https://www.graylog.org/graylog-v1-1-2-is-now-available/

• Get rid of NoSuchElementException if index alias doesn’t exist. Graylog2/graylog2-server#1218
• Make Alarm Callbacks API compatible to Graylog 1.0.x again. Graylog2/graylog2-server#1221, Graylog2/graylog2-server#1222, Graylog2/graylog2-server#1224
• Fixed issues with natural language parser for keyword time range. Graylog2/graylog2-server#1226
• Unable to write Graylog metrics to MongoDB Graylog2/graylog2-server#1228
• Unable to delete user. Graylog2/graylog2-server#1209
• Unable to unpause streams, despite editing permissions. Graylog2/graylog2-web-interface#1456
• Choose quick values widget size dynamically. Graylog2/graylog2-web-interface#1422
• Default field sort order is not guaranteed after reload. Graylog2/graylog2-web-interface#1436
• Toggling all fields in search list throws error and breaks pagination. Graylog2/graylog2-web-interface#1434
• Improve multi-line log messages support. Graylog2/graylog2-web-interface#612
• NPE when clicking a message from a deleted input on a stopped node. Graylog2/graylog2-web-interface#1444
• Auto created search syntax must use quotes for values with whitespaces in them. Graylog2/graylog2-web-interface#1448
• Quick Values doesn’t update for new field. Graylog2/graylog2-web-interface#1438
• New Quick Values list too large. Graylog2/graylog2-web-interface#1442
• Unloading referenced alarm callback plugin breaks alarm callback listing. Graylog2/graylog2-web-interface#1450
• Add to search button doesn’t work as expected for “level” field. Graylog2/graylog2-web-interface#1453
• Treat “*” query as empty query. Graylog2/graylog2-web-interface#1420
• Improve title overflow on widgets. Graylog2/graylog2-web-interface#1430
• Convert NaN to 0 on histograms. Graylog2/graylog2-web-interface#1417
• “<>” values in fields are unescaped and don’t display in Quick Values. Graylog2/graylog2-web-interface#1455
• New quickvalues are not showing number of terms. Graylog2/graylog2-web-interface#1411
• Default index for split & index extractor results in an error. Graylog2/graylog2-web-interface#1464
• Improve behaviour when field graph fails to load. Graylog2/graylog2-web-interface#1276
• Unable to unpause streams, despite editing permissions. Graylog2/graylog2-web-interface#1456
• Wrong initial size of quick values pie chart. Graylog2/graylog2-web-interface#1469
• Problems refreshing data on quick values pie chart. Graylog2/graylog2-web-interface#1470
• Ignore streams with no permissions on message details. Graylog2/graylog2-web-interface#1472

Graylog 1.1.1

Released: 2015-06-05

https://www.graylog.org/graylog-v1-1-1-is-now-available/

• Fix problem with missing alarmcallbacks. Graylog2/graylog2-server#1214
• Add additional newline between messages to alert email. Graylog2/graylog2-server#1216
• Fix incorrect index range calculation. Graylog2/graylog2-server#1217, Graylog2/graylog2-web-interface#1266
• Fix sidebar auto-height on old Firefox versions. Graylog2/graylog2-web-interface#1410
• Fix “create one now” link on stream list page. Graylog2/graylog2-web-interface#1424
• Do not update StreamThroughput when unmounted. Graylog2/graylog2-web-interface#1428
• Fix position of alert annotations in search result histogram. Graylog2/graylog2-web-interface#1421
• Fix NPE when searching. Graylog2/graylog2-web-interface#1212
• Hide unlock dashboard link for reader users. Graylog2/graylog2-web-interface#1429
• Open radio documentation link on a new window. Graylog2/graylog2-web-interface#1427
• Use radio node page on message details. Graylog2/graylog2-web-interface#1423

Graylog 1.1.0

Released: 2015-06-04

https://www.graylog.org/graylog-1-1-is-now-generally-available/

• Properly set node_id on message input Graylog2/graylog2-server#1210
• Fixed handling of booleans in configuration forms in the web interface
• Various design fixes in the web interface

Graylog 1.1.0-rc.3

Released: 2015-06-02

https://www.graylog.org/graylog-v1-1-rc3-is-now-available/

• Unbreak server startup with collector thresholds set. Graylog2/graylog2-server#1194
• Adding verbal alert description to alert email templates and subject line defaults. Graylog2/graylog2-server#1158
• Fix message backlog in default body template in FormattedEmailAlertSender. Graylog2/graylog2-server#1163
• Make RawMessageEvent’s fields volatile to guard against cross-cpu visibility issues. Graylog2/graylog2-server#1207
• Set default for “disable_index_range_calculation” to “true”.
• Passing in value to text area fields in configuration forms. Graylog2/graylog2-web-interface#1340
• Stream list has no loading spinner. Graylog2/graylog2-web-interface#1309
• Showing a helpful notification when there are no active/inactive collectors. Graylog2/graylog2-web-interface#1302
• Improve behavior when field graphs are stacked. Graylog2/graylog2-web-interface#1348
• Keep new lines added by users on alert callbacks. Graylog2/graylog2-web-interface#1270
• Fix duplicate metrics reporting if two components subscribed to the same metric on the same page. Graylog2/graylog2-server#1199
• Make sidebar visible on small screens. Graylog2/graylog2-web-interface#1390
• Showing warning and disabling edit button for output if plugin is missing. Graylog2/graylog2-web-interface#1185
• Using formatted fields in old message loader. Graylog2/graylog2-web-interface#1393
• Several styling and UX improvements

Graylog 1.1.0-rc.1

Released: 2015-05-27

https://www.graylog.org/graylog-v1-1-rc1-is-now-available/

• Unable to send email alerts. Graylog2/graylog2-web-interface#1346
• “Show messages from this collector view” displays no messages. Graylog2/graylog2-web-interface#1334
• Exception error in search page when using escaped characters. Graylog2/graylog2-web-interface#1356
• Wrong timestamp on stream rule editor. Graylog2/graylog2-web-interface#1328
• Quickvalue values are not linked to update search query. Graylog2/graylog2-web-interface#1296
• Stream list has no loading spinner. Graylog2/graylog2-web-interface#1309
• Collector list with only inactive collectors is confusing. Graylog2/graylog2-web-interface#1302
• Update sockjs-client to 1.0.0. Graylog2/graylog2-web-interface#1344
• Scroll to search bar when new query term is added. Graylog2/graylog2-web-interface#1284
• Scroll to quick values if not visible. Graylog2/graylog2-web-interface#1284
• Scroll to newly created field graphs. Graylog2/graylog2-web-interface#1284
• Problems with websockets and even xhr streaming. Graylog2/graylog2-web-interface#1344, Graylog2/graylog2-web-interface#1353, Graylog2/graylog2-web-interface#1338, Graylog2/graylog2-web-interface#1322
• Add to search bar not working on sources tab. Graylog2/graylog2-web-interface#1350
• Make field graphs work with streams. Graylog2/graylog2-web-interface#1352
• Improved page design on outputs page. Graylog2/graylog2-web-interface#1236
• Set startpage button missing for dashboards. Graylog2/graylog2-web-interface#1345
• Generating chart for response code is broken. Graylog2/graylog2-web-interface#1358

Graylog 1.1.0-beta.3

Released: 2015-05-27

https://www.graylog.org/graylog-1-1-beta-3-is-now-available/

• Kafka inputs now support syslog, GELF and raw messages Graylog2/graylog2-server#322
• Configurable timezone for the flexdate converter in extractors. Graylog2/graylog2-server#1166
• Allow decimal values for greater/smaller stream rules. Graylog2/graylog2-server#1101
• New configuration file option to control the default widget cache time. Graylog2/graylog2-server#1170
• Expose heartbeat configuration for AMQP inputs. Graylog2/graylog2-server#1010
• New alert condition to alert on field content. Graylog2/graylog2-server#537
• Add -Dwebsockets.enabled=false option for the web interface to disable websockets. Graylog2/graylog2-web-interface#1322
• Clicking the Graylog logo redirects to the custom startpage now. Graylog2/graylog2-web-interface#1315
• Improved reset and filter feature in sources tab. Graylog2/graylog2-web-interface#1337
• Fixed issue with stopping Kafka based inputs. Graylog2/graylog2-server#1171
• System throughput resource was always returning 0. Graylog2/graylog2-web-interface#1313
• MongoDB configuration problem with replica sets. Graylog2/graylog2-server#1173
• Syslog parser did not strip empty structured data fields. Graylog2/graylog2-server#1161
• Input metrics did not update after input has been stopped and started again. Graylog2/graylog2-server#1187
• NullPointerException with existing inputs in database fixed. Graylog2/graylog2-web-interface#1312
• Improved browser input validation for several browsers. Graylog2/graylog2-web-interface#1318
• Grok pattern upload did not work correctly. Graylog2/graylog2-web-interface#1321
• Internet Explorer 9 fixes. Graylog2/graylog2-web-interface#1319, Graylog2/graylog2-web-interface#1320
• Quick values feature did not work with reader users. Graylog2/graylog2-server#1169
• Replay link for keyword widgets was broken. Graylog2/graylog2-web-interface#1323
• Provide visual feedback when expanding message details. Graylog2/graylog2-web-interface#1283
• Allow filtering of saved searches again. Graylog2/graylog2-web-interface#1277
• Add back “Show details” link for global input metrics. Graylog2/graylog2-server#1168
• Provide visual feedback when dashboard widgets are loading. Graylog2/graylog2-web-interface#1324
• Restore preview for keyword time range selector. Graylog2/graylog2-web-interface#1280
• Fixed issue where widgets loading data looked empty. Graylog2/graylog2-web-interface#1324

Graylog 1.1.0-beta.2

Released: 2015-05-20

https://www.graylog.org/graylog-1-1-beta-is-now-available/

• CSV output streaming support including full text message
• Simplified MongoDB configuration with URI support
• Improved tokenizer for extractors
• Configurable UDP buffer size for incoming messages
• Enhanced Grok support with type conversions (integers, doubles and dates)
• Elasticsearch 1.5.2 support
• Added support for integrated Log Collector
• Search auto-complete
• Manual widget resize
• Auto resize of widgets based on screen size
• Faster search results
• Moved search filter for usability
• Updated several icons to text boxes for usability
• Search highlight toggle
• Pie charts (Stacked charts are coming too!)
• Improved stream management
• Output plugin and Alarm callback edit support
• Dashboard widget search edit
• Dashboard widget direct search button
• Dashboard background update support for better performance
• Log collector status UI

Graylog 1.0.2

Released: 2015-04-28

https://www.graylog.org/graylog-v1-0-2-has-been-released/

• Regular expression and Grok test failed when example message is a JSON document or contains special characters (Graylog2/graylog2-web-interface#1190, Graylog2/graylog2-web-interface#1195)
• “Show message terms” was broken (Graylog2/graylog2-web-interface#1168)
• Showing message indices was broken (Graylog2/graylog2-web-interface#1211)
• Fixed typo in SetIndexReadOnlyJob (Graylog2/graylog2-web-interface#1206)
• Consistent error messages when trying to create graphs from non-numeric values (Graylog2/graylog2-web-interface#1210)
• Fix message about too few file descriptors for Elasticsearch when number of file descriptors is unlimited (Graylog2/graylog2-web-interface#1220)
• Deleting output globally which was assigned to multiple streams left stale references (Graylog2/graylog2-server#1113)
• Fixed problem with sending alert emails (Graylog2/graylog2-server#1086)
• TokenizerConverter can now handle mixed quoted and un-quoted k/v pairs (Graylog2/graylog2-server#1083)

Graylog 1.0.1

Released: 2015-03-16

https://www.graylog.org/graylog-v1-0-1-has-been-released/

• Properly log stack traces (Graylog2/graylog2-server#970)
• Update REST API browser to new Graylog logo
• Avoid spamming the logs if the original input of a message in the disk journal can’t be loaded (Graylog2/graylog2-server#1005)
• Allows reader users to see the journal status (Graylog2/graylog2-server#1009)
• Compatibility with MongoDB 3.0 and Wired Tiger storage engine (Graylog2/graylog2-server#1024)
• Respect rest_transport_uri when generating entity URLs in REST API (Graylog2/graylog2-server#1020)
• Properly map NodeNotFoundException (Graylog2/graylog2-web-interface#1137)
• Allow replacing all existing Grok patterns on bulk import (Graylog2/graylog2-web-interface#1150)
• Configuration option for discarding messages on error in AMQP inputs (Graylog2/graylog2-server#1018)
• Configuration option of maximum chunk size for https-based inputs (Graylog2/graylog2-server#1011)
• Clone alarm callbacks when cloning a stream (Graylog2/graylog2-server#990)
• Add hasField() and getField() methods to MessageSummary class (Graylog2/graylog2-server#923)
• Add per input parse time metrics (Graylog2/graylog2-web-interface#1106)
• Allow the use of https://logging.apache.org/log4j/extras/ log4j-extras classes in log4j configuration (Graylog2/graylog2-server#1042)
• Fix updating of input statistics for Radio nodes (Graylog2/graylog2-web-interface#1022)
• Emit proper error message when a regular expression in an Extractor doesn’t match example message (Graylog2/graylog2-web-interface#1157)
• Add additional information to system jobs (Graylog2/graylog2-server#920)
• Fix false positive message on LDAP login test (Graylog2/graylog2-web-interface#1138)
• Calculate saved search resolution dynamically (Graylog2/graylog2-web-interface#943)
• Only enable LDAP test buttons when data is present (Graylog2/graylog2-web-interface#1097)
• Load more than 1 message on Extractor form (Graylog2/graylog2-web-interface#1105)
• Fix NPE when listing alarm callback using non-existent plugin (Graylog2/graylog2-web-interface#1152)
• Redirect to nodes overview when node is not found (Graylog2/graylog2-web-interface#1137)
• Fix documentation links to integrations and data sources (Graylog2/graylog2-web-interface#1136)
• Prevent accidental indexing of web interface by web crawlers (Graylog2/graylog2-web-interface#1151)
• Validate grok pattern name on the client to avoid duplicate names (Graylog2/graylog2-server#937)
• Add message journal usage to nodes overview page (Graylog2/graylog2-web-interface#1083)
• Properly format numbers according to locale (Graylog2/graylog2-web-interface#1128, Graylog2/graylog2-web-interface#1129)

Graylog 1.0.0

Released: 2015-02-19

https://www.graylog.org/announcing-graylog-v1-0-ga/

• No changes since Graylog 1.0.0-rc.4

Graylog 1.0.0-rc.4

Released: 2015-02-13

https://www.graylog.org/graylog-v1-0-rc-4-has-been-released/

• Default configuration file locations have changed. Graylog2/graylog2-server#950
• Improved error handling on search errors. Graylog2/graylog2-server#954
• Dynamically update dashboard widgets with keyword range. Graylog2/graylog2-server#956, Graylog2/graylog2-web-interface#958
• Prevent duplicate loading of plugins. Graylog2/graylog2-server#948
• Fixed password handling when editing inputs. Graylog2/graylog2-web-interface#1103
• Fixed issues getting Elasticsearch cluster health. Graylog2/graylog2-server#953
• Better error handling for extractor imports. Graylog2/graylog2-server#942
• Fixed structured syslog parsing of keys containing special characters. Graylog2/graylog2-server#845
• Improved layout on Grok patterns page. Graylog2/graylog2-web-interface#1109
• Improved formatting large numbers. Graylog2/graylog2-web-interface#1111
• New Graylog logo.

Graylog 1.0.0-rc.3

Released: 2015-02-05

https://www.graylog.org/graylog-v1-0-rc-3-has-been-released/

• Fixed compatibility with MongoDB version 2.2. Graylog2/graylog2-server#941
• Fixed performance regression in process buffer handling. Graylog2/graylog2-server#944
• Fixed data type for the max_size_per_index config option value. Graylog2/graylog2-web-interface#1100
• Fixed problem with indexer error page. Graylog2/graylog2-web-interface#1102

Graylog 1.0.0-rc.2

Released: 2015-02-04

https://www.graylog.org/graylog-v1-0-rc-2-has-been-released/

• Better Windows compatibility. Graylog2/graylog2-server#930
• Added helper methods for the plugin API to simplify plugin development.
• Fixed problem with input removal on radio nodes. Graylog2/graylog2-server#932
• Improved buffer information for input, process and output buffers. Graylog2/graylog2-web-interface#1096
• Fixed API return value incompatibility regarding node objects. Graylog2/graylog2-server#933
• Fixed reloading of LDAP settings. Graylog2/graylog2-server#934
• Fixed ordering of message input state labels. Graylog2/graylog2-web-interface#1094
• Improved error messages for journal related errors. Graylog2/graylog2-server#931
• Fixed browser compatibility for stream rules form. Graylog2/graylog2-web-interface#1095
• Improved grok pattern management. Graylog2/graylog2-web-interface#1099, Graylog2/graylog2-web-interface#1098

Graylog 1.0.0-rc.1

Released: 2015-01-28

https://www.graylog.org/graylog-v1-0-rc-1-has-been-released/

• Cleaned up internal metrics when input is terminating. Graylog2/graylog2-server#915
• Added Telemetry plugin options to example graylog.conf. Graylog2/graylog2-server#914
• Fixed problems with user permissions on streams. Graylog2/graylog2-web-interface#1058
• Added information about different rotation strategies to REST API. Graylog2/graylog2-server#913
• Added better error messages for failing inputs. Graylog2/graylog2-web-interface#1056
• Fixed problem with JVM options in bin/radioctl script. Graylog2/graylog2-server#918
• Fixed issue with updating input configuration. Graylog2/graylog2-server#919
• Fixed password updating for reader users by the admin. Graylog2/graylog2-web-interface#1075
• Enabled the message_journal_enabled config option by default. Graylog2/graylog2-server#924
• Add REST API endpoint to list reopened indices. Graylog2/graylog2-web-interface#1072
• Fixed problem with GELF stream output. Graylog2/graylog2-server#921
• Show an error message on the indices page if the Elasticsearch cluster is not available. Graylog2/graylog2-web-interface#1070
• Fixed a problem with stopping inputs. Graylog2/graylog2-server#926
• Changed output configuration display to mask passwords. Graylog2/graylog2-web-interface#1066
• Disabled message journal on radio nodes. Graylog2/graylog2-server#927
• Create new message representation format for search results in alarm callback messages. Graylog2/graylog2-server#923
• Fixed stream router to update the stream engine if a stream has been changed. Graylog2/graylog2-server#922
• Fixed focus problem in stream rule modal windows. Graylog2/graylog2-web-interface#1063
• Do not show new dashboard link for reader users. Graylog2/graylog2-web-interface#1057
• Do not show stream output menu for reader users. Graylog2/graylog2-web-interface#1059
• Do not show user forms of other users for reader users. Graylog2/graylog2-web-interface#1064
• Do not show permission settings in the user profile for reader users. Graylog2/graylog2-web-interface#1055
• Fixed extractor edit form with no messages available. Graylog2/graylog2-web-interface#1061
• Fixed problem with node details page and JVM locale settings. Graylog2/graylog2-web-interface#1062
• Improved page layout for Grok patterns.
• Improved layout for the message journal information. Graylog2/graylog2-web-interface#1084, Graylog2/graylog2-web-interface#1085
• Fixed wording on radio inputs page. Graylog2/graylog2-web-interface#1077
• Fixed formatting on indices page. Graylog2/graylog2-web-interface#1086
• Improved error handling in stream rule form. Graylog2/graylog2-web-interface#1076
• Fixed time range selection problem for the sources page. Graylog2/graylog2-web-interface#1080
• Several improvements regarding permission checks for user creation. Graylog2/graylog2-web-interface#1088
• Do not show stream alert test button for reader users. Graylog2/graylog2-web-interface#1089
• Fixed node processing status not updating on the nodes page. Graylog2/graylog2-web-interface#1090
• Fixed filename handling on Windows. Graylog2/graylog2-server#928, Graylog2/graylog2-server#732

Graylog 1.0.0-beta.2

Released: 2015-01-21

https://www.graylog.org/graylog-v1-0-beta-3-has-been-released/

• Fixed stream alert creation. Graylog2/graylog2-server#891
• Suppress warning message when PID file doesn’t exist. Graylog2/graylog2-server#889
• Fixed an error on outputs page with missing output plugin. Graylog2/graylog2-server#894
• Change default heap and garbage collector settings in scripts.
• Add extractor information to log message about failing extractor.
• Fixed problem in SplitAndIndexExtractor. Graylog2/graylog2-server#896
• Improved rendering time for indices page. Graylog2/graylog2-web-interface#1060
• Allow user to edit its own preferences. Graylog2/graylog2-web-interface#1049
• Fixed updating stream attributes. Graylog2/graylog2-server#902
• Stream throughput now shows combined value over all nodes. Graylog2/graylog2-web-interface#1047
• Fixed resource leak in JVM PermGen memory. Graylog2/graylog2-server#907
• Update to gelfclient-1.1.0 to fix DNS resolving issue. Graylog2/graylog2-server#882
• Allow arbitrary characters in user names (in fact in any resource url). Graylog2/graylog2-web-interface#1005, Graylog2/graylog2-web-interface#1006
• Fixed search result CSV export. Graylog2/graylog2-server#901
• Skip GC collection notifications for parallel collector. Graylog2/graylog2-server#899
• Shorter reconnect timeout for Radio AMQP connections. Graylog2/graylog2-server#900
• Fixed random startup error in Radio. Graylog2/graylog2-server#911
• Fixed updating an alert condition. Graylog2/graylog2-server#912
• Add system notifications for journal related warnings. Graylog2/graylog2-server#897
• Add system notifications for failing outputs. Graylog2/graylog2-server#741
• Improve search result pagination. Graylog2/graylog2-web-interface#834
• Improved regex error handling in extractor testing. Graylog2/graylog2-web-interface#1044
• Wrap long names for node metrics. Graylog2/graylog2-web-interface#1028
• Fixed node information progress bars. Graylog2/graylog2-web-interface#1046
• Improve node buffer utilization readability. Graylog2/graylog2-web-interface#1046
• Fixed username alert receiver form field. Graylog2/graylog2-web-interface#1050
• Wrap long messages without break characters. Graylog2/graylog2-web-interface#1052
• Hide list of node plugins if there aren’t any plugins installed.
• Warn user before leaving page with unpinned graphs. Graylog2/graylog2-web-interface#808

Graylog 1.0.0-beta.2

Released: 2015-01-16

https://www.graylog.org/graylog-v1-0-0-beta2/

• SIGAR native libraries are now found correctly (for getting system information)
• plugins can now state if they want to run in server or radio
• Fixed LDAP settings testing. Graylog2/graylog2-web-interface#1026
• Improved RFC5425 syslog message parsing. Graylog2/graylog2-server#845
• JVM arguments are now being logged on start. Graylog2/graylog2-server#875
• Improvements to log messages when Elasticsearch connection fails during start.
• Fixed an issue with AMQP transport shutdown. Graylog2/graylog2-server#874
• After index cycling the System overview page could be broken. Graylog2/graylog2-server#880
• Extractors can now be edited. Graylog2/graylog2-web-interface#549
• Fixed saving user preferences. Graylog2/graylog2-web-interface#1027
• Scripts now return proper exit codes. Graylog2/graylog2-server#886
• Grok patterns can now be uploaded in bulk. Graylog2/graylog2-server#377
• During extractor creation the test display could be offset. Graylog2/graylog2-server#804
• Performance fix for the System/Indices page. Graylog2/graylog2-web-interface#1035
• A create dashboard link was shown to reader users, leading to an error when followed. Graylog2/graylog2-web-interface#1032
• Content pack section was shown to reader users, leading to an error when followed. Graylog2/graylog2-web-interface#1033
• Failing stream outputs were being restarted constantly. Graylog2/graylog2-server#741

Graylog2 0.92.4

Released: 2015-01-14

https://www.graylog.org/graylog2-v0-92-4/

• [SERVER] Ensure that Radio inputs can only be started on server nodes (Graylog2/graylog2-server#843)
• [SERVER] Avoid division by zero when finding rotation anchor in the time-based rotation strategy (Graylog2/graylog2-server#836)
• [SERVER] Use username as fallback if display name in LDAP is empty (Graylog2/graylog2-server#837)

Graylog 1.0.0-beta.1

Released: 2015-01-12

https://www.graylog.org/graylog-v1-0-0-beta1/

• Message Journaling
• New Widgets
• Grok Extractor Support
• Overall stability and resource efficiency improvements
• Single binary for graylog2-server and graylog2-radio
• Inputs are now editable
• Order of field charts rendered inside the search results page is now maintained.
• Improvements in focus and keyboard behaviour on modal windows and forms.
• You can now define whether to disable expensive, frequent real-time updates of the UI in the settings of each user. (For example the updating of total messages in the system)
• Experimental search query auto-completion that can be enabled in the user preferences.
• The API browser now documents server response payloads in a better way so you know what to expect as an answer to your call.
• Now using the standard Java ServiceLoader for plugins.

Graylog2 0.92.3

Released: 2014-12-23

https://www.graylog.org/graylog2-v0-92-3/

• [SERVER] Removed unnecessary instrumentation in certain places to reduce GC pressure caused by many short living objects (Graylog2/graylog2-server#800)
• [SERVER] Limit Netty worker thread pool to 16 threads by default (see rest_worker_threads_max_pool_size in graylog2.conf
• [WEB] Fixed upload of content packs when a URI path prefix (application.context in graylog2-web-interface.conf) is being used (Graylog2/graylog2-web-interface#1009)
• [WEB] Fixed display of metrics of type Counter (Graylog2/graylog2-server#795)

Graylog2 0.92.1

Released: 2014-12-11

https://www.graylog.org/graylog2-v0-92-1/

• [SERVER] Fixed name resolution and overriding sources for network inputs.
• [SERVER] Fixed wrong delimiter in GELF TCP input.
• [SERVER] Disabled the output cache by default. The output cache is the source of all sorts of interesting problems. If you want to keep using it, please read the upgrade notes.
• [SERVER] Fixed message timestamps in GELF output.
• [SERVER] Fixed connection counter for network inputs.
• [SERVER] Added warning message if the receive buffer size (SO_RECV) couldn’t be set for network inputs.
• [WEB] Improved keyboard shortcuts with most modal dialogs (e. g. hitting Enter submits the form instead of just closing the dialogs).
• [WEB] Upgraded to play2-graylog2 1.2.1 (compatible with Play 2.3.x and Java 7).

Graylog2 0.92.0

Released: 2014-12-01

https://www.graylog.org/graylog2-v0-92/

• [SERVER] IMPORTANT SECURITY FIX: It was possible to perform LDAP logins with crafted wildcards. (A big thank you to Jose Tozo who discovered this issue and disclosed it very responsibly.)
• [SERVER] Generate a system notification if garbage collection takes longer than a configurable threshold.
• [SERVER] Added several JVM-related metrics.
• [SERVER] Added support for Elasticsearch 1.4.x which brings a lot of stability and resilience features to Elasticsearch clusters.
• [SERVER] Made version check of Elasticsearch version optional. Disabling this check is not recommended.
• [SERVER] Added an option to disable optimizing Elasticsearch indices on index cycling.
• [SERVER] Added an option to disable time-range calculation for indices on index cycling.
• [SERVER] Lots of other performance enhancements for large setups (i.e. involving several Radio nodes and multiple Graylog2 Servers).
• [SERVER] Support for Syslog Octet Counting, as used by syslog-ng for syslog via TCP (#743)
• [SERVER] Improved support for structured syslog messages (#744)
• [SERVER] Bug fixes regarding IPv6 literals in mongodb_replica_set and elasticsearch_discovery_zen_ping_unicast_hosts
• [WEB] Added additional details to system notification about Elasticsearch max. open file descriptors.
• [WEB] Fixed several bugs and inconsistencies regarding time zones.
• [WEB] Improved graphs and diagrams
• [WEB] Allow to update dashboards when browser window is not on focus (#738)
• [WEB] Bug fixes regarding timezone handling
• Numerous internal bug fixes

Graylog2 0.92.0-rc.1

Released: 2014-11-21

https://www.graylog.org/graylog2-v0-92-rc-1/

• [SERVER] Generate a system notification if garbage collection takes longer than a configurable threshold.
• [SERVER] Added several JVM-related metrics.
• [SERVER] Added support for Elasticsearch 1.4.x which brings a lot of stability and resilience features to Elasticsearch clusters.
• [SERVER] Made version check of Elasticsearch version optional. Disabling this check is not recommended.
• [SERVER] Added an option to disable optimizing Elasticsearch indices on index cycling.
• [SERVER] Added an option to disable time-range calculation for indices on index cycling.
• [SERVER] Lots of other performance enhancements for large setups (i. e. involving several Radio nodes and multiple Graylog2 Servers).
• [WEB] Upgraded to Play 2.3.6.
• [WEB] Added additional details to system notification about Elasticsearch max. open file descriptors.
• [WEB] Fixed several bugs and inconsistencies regarding time zones.
• Numerous internal bug fixes

Graylog2 0.91.3

Released: 2014-11-05

https://www.graylog.org/graylog2-v0-90-3-and-v0-91-3-has-been-released/

• Fixed date and time issues related to DST changes
• Requires Elasticsearch 1.3.4; Elasticsearch 1.3.2 had a bug that can cause index corruptions.
• The mongodb_replica_set configuration variable now supports IPv6
• Messages read from the on-disk caches could be stored with missing fields

Graylog2 0.91.3

Released: 2014-11-05

https://www.graylog.org/graylog2-v0-90-3-and-v0-91-3-has-been-released/

• Fixed date and time issues related to DST changes
• The mongodb_replica_set configuration variable now supports IPv6
• Messages read from the on-disk caches could be stored with missing fields

Graylog2 0.92.0-beta.1

Released: 2014-11-05

https://www.graylog.org/graylog2-v0-92-beta-1/

• Content packs
• [SERVER] SSL/TLS support for Graylog2 REST API
• [SERVER] Support for time based retention cleaning of your messages. The old message count based approach is still the default.
• [SERVER] Support for Syslog Octet Counting, as used by syslog-ng for syslog via TCP (Graylog2/graylog2-server#743)
• [SERVER] Improved support for structured syslog messages (Graylog2/graylog2-server#744)
• [SERVER] Bug fixes regarding IPv6 literals in mongodb_replica_set and elasticsearch_discovery_zen_ping_unicast_hosts
• [WEB] Revamped “Sources” page in the web interface
• [WEB] Improved graphs and diagrams
• [WEB] Allow to update dashboards when browser window is not on focus (Graylog2/graylog2-web-interface#738)
• [WEB] Bug fixes regarding timezone handling
• Numerous internal bug fixes

Graylog2 0.91.1

Released: 2014-10-17

https://www.graylog.org/two-new-graylog2-releases/

• Messages written to the persisted master caches were written to the system with unreadable timestamps, leading to
• errors when trying to open the message.
• Extractors were only being deleted from running inputs but not from all inputs
• Output plugins were not always properly loaded
• You can now configure the alert_check_interval in your graylog2.conf
• Parsing of configured Elasticsearch unicast discovery addresses could break when including spaces

Graylog2 0.90.1

Released: 2014-10-17

https://www.graylog.org/two-new-graylog2-releases/

• Messages written to the persisted master caches were written to the system with unreadable timestamps, leading to errors when trying to open the message.
• Extractors were only being deleted from running inputs but not from all inputs
• Output plugins were not always properly loaded
• You can now configure the alert_check_interval in your graylog2.conf
• Parsing of configured Elasticsearch unicast discovery addresses could break when including spaces

Graylog2 0.91.0-rc.1

Released: 2014-09-23

https://www.graylog.org/graylog2-v0-90-has-been-released/

• Optional ElasticSearch v1.3.2 support

Graylog2 0.90.0

Released: 2014-09-23

https://www.graylog.org/graylog2-v0-90-has-been-released/

• Real-time data forwarding to Splunk or other systems
• Alert callbacks for greater flexibility
• New disk-based architecture for buffering in load spike situations
• Improved graphing
• Plugin API
• Huge performance and stability improvements across the whole stack
• Small possibility of losing messages in certain scenarios has been fixed
• Improvements to internal logging from threads to avoid swallowing Graylog2 error messages
• Paused streams are no longer checked for alerts
• Several improvements to timezone handling
• JavaScript performance fixes in the web interface and especially a fixed memory leak of charts on dashboards
• The GELF input now supports CORS
• Stream matching now has a configurable timeout to avoid stalling message processing in case of too complex rules or erroneous regular expressions
• Stability improvements for Kafka and AMQP inputs
• Inputs can now be paused and resumed
• Dozens of bug fixes and other improvements

Graylog2 0.20.3

Released: 2014-08-09

https://www.graylog.org/graylog2-v0-20-3-has-been-released/

• Bugfix: Storing saved searches was not accounting custom application contexts
• Bugfix: Editing stream rules could have a wrong a pre-filled value
• Bugfix: The create dashboard link was shown even if the user has no permission to so. This caused an ugly error page because of the missing permissions.
• Bugfix: graylog2-radio could lose numeric fields when writing to the message broker
• Better default batch size values for the Elasticsearch output
• Improved rest_transport_uri default settings to avoid confusion with loopback interfaces
• The deflector index is now also using the configured index prefix

Graylog2 0.20.2

Released: 2014-05-24

https://www.graylog.org/graylog2-v0-20-2-has-been-released/

• Search result highlighting
• Reintroduces AMQP support
• Extractor improvements and sharing
• Graceful shutdowns, Lifecycles, Load Balancer integration
• Improved stream alert emails
• Alert annotations
• CSV exports via the REST API now support chunked transfers and avoid heap size problems with huge result sets
• Login now redirects to page you visited before if there was one
• More live updating information in node detail pages
• Empty dashboards no longer show lock/unlock buttons
• Global inputs now also show IO metrics
• You can now easily copy message IDs into native clipboard with one click
• Improved message field selection in the sidebar
• Fixed display of floating point numbers in several places
• Now supporting application contexts in the web interface like https://example.org/graylog2
• Several fixes for LDAP configuration form
• Message fields in the search result sidebar now survive pagination
• Only admin users are allowed to change the session timeout for reader users
• New extractor: Copy whole input
• New converters: uppercase/lowercase, flexdate (tries to parse any string as date)
• New stream rule to check for presence or absence of fields
• Message processing now supports trace logging
• Better error message for ES discovery problems
• Fixes to GELF input and it holding open connections
• Some timezone fixes
• CSV exports now only contain selected fields
• Improvements for bin/graylog* control scripts
• UDP inputs now allow for custom receive buffer sizes
• Numeric extractor converter now supports floating point values
• Bugfix: Several small fixes to system notifications and closing them
• Bugfix: Carriage returns were not escaped properly in CSV exports
• Bugfix: Some AJAX calls redirected to the startpage when they failed
• Bugfix: Wrong sorting in sources table
• Bugfix: Quickvalues widget was broken with very long values
• Bugfix: Quickvalues modal was positioned wrong in some cases
• Bugfix: Indexer failures list could break when you had a lot of failures
• Custom application prefix was not working for field chart analytics
• Bugfix: Memory leaks in the dashboards
• Bugfix: NullPointerException when Elasticsearch discovery failed and unicast discovery was disabled
• Message backlog in alert emails did not always include the correct number of messages
• Improvements for message outputs: No longer only waiting for filled buffers but also flushing them regularly. This avoids problems that make Graylog2 look like it misses messages in cheap benchmark scenarios combined with only little throughput.