Changelog

Please note this changelog is for Graylog Operations. For the core Graylog changelog, please see the following article.

Graylog Enterprise 5.0.13

Released: 2023-10-12

No changes in Graylog Enterprise for 5.0.13.

Graylog Enterprise 5.0.12

Released: 2023-10-04

Fixed

Fixed Illuminate activation errors for non default root users.

Graylog Enterprise 5.0.11

Released: 2023-09-06

No changes in Graylog Enterprise for 5.0.11.

Graylog Enterprise 5.0.10

Released: 2023-08-02

Changed

Changed the minimum allowed Anomaly Detector interval to 10 minutes.

Fixed

Fixed handling of backslashes in Sigma rule queries that caused OpenSearch errors.

Graylog Enterprise 5.0.9

Released: 2023-07-05

Fixed

Fix anomaly detector audit log messages not displaying IDs/names.
Fixed indefinite error loop in Office 365 Input.

Graylog Enterprise 5.0.8

Released: 2023-06-07

Changed

Adjusted F5 BIG-IP input log fields

Fixed

Fixed bug where Illuminate Spotlight Packs marked as core did not have their content packs installed
Fix Archving with Snappy compression on Java 17.
Fix for issue with plugin routes when web server sets a path prefix
Fixed problem with concurrently running report jobs
Fixed several F5 Input runtime issues.

Graylog Enterprise 5.0.7

Released: 2023-05-03

Added

Added extra error logging for empty OpenSearch Anomaly Detection error responses.

Fixed

Fixed slow archive restore.
Fixed broken Message Summary and Indicator Templates.

Graylog Enterprise 5.0.6

Released: 2023-04-05

Fixed

Fixed issue where Illuminate bundle could not be upgraded if a lookup entity inside had a naming collision with an existing entity.
Fixed bug where MongoDB data adapter entries were not removed when the owning data adapter was deleted.
Fixed unnecessary anomaly detector sync queries causing OpenSearch errors.
Fix broken on-screen validation of Azure EventHubs Maximum Wait Time field.

Graylog Enterprise 5.0.5

Released: 2023-03-06

Fixed

Fixed F5 Big IP input bug causing inability to load API browser components.

Graylog Enterprise 5.0.4

Released: 2023-03-01

Added

Added proxy support to Azure Event Logs input. (Thanks: @Srinidhi-Saravanan)
Added multi-node support for the Azure Event Logs input.

Changed

Changed decommissioned link in O365 Input wizard to updated link.
Created new plugin for F5 BIG-IP logs. (Thanks: @Srinidhi-Saravanan)
Rename Azure Log Events input to Azure Event Hubs.

Fixed

Also include query/timerange/filter(s)/streams when switching message table to log view.
Fixed issue with Lookup Entity Mappings migration that prevented the server from starting on 5.0 if deprecated Illuminate content packs were installed.
Fixed Sigma Rule query creation to correctly handle lists of maps.
Handle deprecated short time zone IDs in job scheduler definitions.
Avoid exception thrown during report rendering being swallowed.
Fixes error on decoding Google Workspace Logs with some types of parameters.

Graylog Enterprise 5.0.3

Released: 2023-02-01

Fixed

Fixed failure to synchronize Anomaly Detectors that are active in OpenSearch but marked as inactive in Graylog.
Allow configuration of retention time of archives in cloud UI interface.
Fixed bug where Illuminate lookup table data adapters were being populated with incorrect values
Fixed bug where disabling Illuminate processing packs displayed an error.
Fixed error causing Illuminate bundle install timeouts.

Graylog Enterprise 5.0.2

Released: 2023-01-04

Fixed

Fixed failure to load Anomaly Detection Configuration page.
Fixed incorrect Graylog Security Network dashboard widget name.
Fixed error when enabling anomaly detectors in OpenSearch 2.x.
Fix buffering to journal when TCP based outputs experience connection issues.

Graylog Enterprise 5.0.1

Released: 2022-12-14

Fixed

Fix incorrect deprecated Illuminate warning check.
Fix Illuminate data adapters being unusable from user space without a server restart.
Fixed issue where users could not create O365 Log Event inputs with GCC High or DOD subscription types.

Graylog Enterprise 5.0.0

Released: 2022-12-07

Added

Illuminate Lookup tables are now available in user space.
Allow defining multiple scheduling frequencies for report delivery
Adding search filter feature.
Add a config option to automatically delete archive files that are older than a defined age
Added Illuminate Spotlight content packs to Illuminate bundle installation.
Added deprecated warning and status metrics reporting.
Support restoring archives in bulk
Added backend support for storing timerange overrides for each report frequency configuration
Add gRPC health check endpoints.
Added support for Sigma rules.
Added a Store Full Message field option to the Azure Logs input, which stores the entire message payload received from Azure Logs.

Changed

Display parameter inputs inside search bar.
Report deliveries use generic scheduler instead of periodical task
Index archive names are now guaranteed to be unique by appending the index ID.

Graylog Enterprise 4.3.15

Released: 2023-05-03

Added

Added extra error logging for empty OpenSearch Anomaly Detection error responses.

Graylog Enterprise 4.3.14

Released: 2023-04-05

Fixed

Fixed bug where MongoDB data adapter entries were not removed when the owning data adapter was deleted.
Fixed unnecessary anomaly detector sync queries causing OpenSearch errors.
Fix broken on-screen validation of Azure EventHubs Maximum Wait Time field.
Fixed issue with Palo Alto Global Protect logs parsing last 5 fields incorrectly. (Thanks: @giveen)

Graylog Enterprise 4.3.13

Released: 2023-03-01

Changed

Changed decommissioned link in O365 Input wizard to updated link.

Fixed

Handle deprecated short time zone IDs in job scheduler definitions.

Graylog Enterprise 4.3.12

Released: 2023-02-01

Fixed

Fixed failure to synchronize Anomaly Detectors that are active in OpenSearch but marked as inactive in Graylog.

Graylog Enterprise 4.3.11

Released: 2023-01-04

Fixed

Fixed failure to load Anomaly Detection Configuration page.
Fixed error when enabling anomaly detectors in OpenSearch 2.x.
Fixed buffering to journal when TCP based outputs experience connection issues.

Graylog Enterprise 4.3.10

Released: 2022-12-14

Fixed

Fix LDAP group membership matching by memberUid attribute.
Fixed issue where users could not create O365 Log Event inputs with GCC High or DOD subscription types.

Graylog Enterprise 4.3.9

Released: 2022-11-02

Added

Add default_archive_retention_time and max_archive_retention_time config file settings for the archive auto-removal feature.

Fixed

Fix team sync for Okta authentication backends.
Fix S3 archive backend creation form.
Fix license traffic violation error triggering one day too early.

Security

Update Okta UI widget to version 7.0.0 to fix CVE-2020-11023.

Graylog Enterprise 4.3.8

Released: 2022-10-05

Changed

Reduce log level for noisy log messages in the Office365 input.

Fixed

Fix problem with archive retention configuration form.
Fix file handle leak in HTTP-based lookup table adapters.

Graylog Enterprise 4.3.7

Released: 2022-09-16

Added

Add optional archive retention to automatically delete old archives after a configurable time. (This is disabled by default.)

Fixed

Fix archive Overview page to remain operational when one or more cluster nodes are missing.

Graylog Enterprise 4.3.6

Released: 2022-09-07

Added

Add gRPC health check endpoint to the forwarder input.

Fixed

Fix inconsistent sorting and other smaller issues on the archiving overview page.
Gracefully handle unclean shutdown of the forwarder health status manager.
Fix infinite loop problem in the error handling of the Office365 input.

Graylog Enterprise 4.3.5

Released: 2022-08-09

Added

Add custom OIDC claims in the OIDC authentication backend configuration.

Graylog Enterprise 4.3.4

Released: 2022-08-03

Added

Addreport_accept_insecure_certsconfig file option to make reporting work for setups withself-signed TLS certificates.

Fixed

Fix license check for external actions.
Fix timing issue for the Forwarder status display on the Forwarder overview page.

Security

No longer displays (short-lived) session token in-error messages when reporting fails.

Graylog Enterprise 4.3.3

Released: 2022-07-06

Fixed

Fix state detection of anomaly detector status in the UI.
Fix license check on reports page.
Fix duplicate message ingest for the Office365 input by only running the input on the leader node.
Fix thread leak in TCP Enterprise Outputs.

Graylog Enterprise 4.3.2

Released: 2022-06-15

Fixed

Fix problem with UI code that prevented a user session to time out.
Fix parameter handling for parameters that are not used in queries.

Graylog Enterprise 4.3.1

Released: 2022-06-01

Fixed

Fix copying of Security dashboards.
Fix system overview page for non-admin users.

Graylog Enterprise 4.3.0

Released: 2022-05-25

Added

Display roles from assigned teams on the user details page.
Support multiple values in watchlist functions.
Allow users to override built-in Illuminate lookup tables.
Display a warning in the UI for upcoming license violations and export a related backend metric.
Add a configurable notification in the UI when an archiving operation fails.
Add hourly interval for automatic report generation.
Add support for OpenSearch.
Add support for reports creation on ARM64 platforms.
Add validation for search query parameters.
Add Graylog Security application.
Add minimal team sync backend for OIDC authentication service.
Send notification emails for license violations to a configurable list of subscribers.
Add edit links for dashboards, dashboard pages, and widgets to report content pages.
Show forwarder version in the UI. forwarder#53
Add time zone support for report scheduling.
Show the license limit on the daily traffic graph.
Add anomaly detection for Graylog Security.

Changed

Group widgets by dashboard pages in reports content selection.
Send error notifications to report subscribers when report generation fails.

Fixed

Improve license messages for Illuminate.
Avoid unnecessary index updates for Illuminate.
Fix Illuminate bundle upload from browsers running on Microsoft Windows.
Improve notifications for missing or expired licenses on the forwarder pages.
Several improvements for reports creation and update.
Warn users when they delete a dashboard or widget that is referenced in a report.
Improve log output for the reporting backend in case of errors.
Fix logo display in report configuration with large images.
Don't allow report creation or modification when parameter values are missing.
Improve Illuminate processor restart handling.
Improve Illuminate processing restart resiliency.
Improve message failure handler to continue processing if MongoDB is unreachable.
Improve error handling for reports.
Fix log view message export to honor query time limits.
Fix report generation when a report has no widgets configured.
Fix timing issue with logo rendering in reports.
Allow report creation in landscape format.
Disable team deletion when no valid license is installed.

Graylog Enterprise 4.2.11

Released: 2022-07-06

Fixed

Fix thread leak in TCP Enterprise Outputs.

Graylog Enterprise 4.2.10

Released: 2022-06-15

Enterprise

No changes since 4.2.9.

Enterprise Integrations Plugin

Fixed

Add option to store the full message for the Azure Logs plugin.

Graylog Enterprise 4.2.9

Released: 2022-05-04

Enterprise

No changes since 4.2.8.

Enterprise Integrations Plugin

Fixed

Treatazure_connection_stringfield in the Azure Logs input as password to conceal it in the UI.

Graylog Enterprise 4.2.8

Released: 2022-04-12

Enterprise

Changed

Convert built-in forwarder user to service account.

Graylog Enterprise 4.2.7

Released: 2022-03-02

Enterprise

Fixed

Fix report history status icon.

Graylog Enterprise 4.2.6

Released: 2022-02-02

Enterprise

Fixed

Fix a report generation issue with widgets that don’t have a configured time range.
Remove unused log4j 1.x dependency.

Enterprise Integrations Plugin

No changes since 4.2.5.

Graylog Enterprise 4.2.5

Released: 2022-01-05

Enterprise

Add right-click action for GreyNoise IP lookup
Added loading indicator when performing Illuminate bundle operations

Enterprise Integrations Plugin

Check for reserved IP addresses in GreyNoise Community IP Lookup Adapter.
Add Azure Event Logs input (../Getting_in_Log_Data/Azure_Event_Hub.html)

Graylog Enterprise 4.2.4

Released: 2021-12-16

Enterprise

No changes since 4.2.3.

Enterprise Integrations Plugin

No changes since 4.2.3.

Graylog Enterprise 4.2.3

Released: 2021-12-10

Enterprise

No changes since 4.2.2.

Enterprise Integrations Plugin

No changes since 4.2.2.

Graylog Enterprise 4.2.2

Released: 2021-12-01

Enterprise

Fixed

Increase reliability of the failure handler feature.
Fix index set upgrade problem with Illuminate bundles.
Don’t render optional fields in message summary if related value doesn’t exist.

Enterprise Integrations Plugin

Changed

Include more data fields from the NOISE response in the GreyNoise lookup data adapter.

Graylog Enterprise 4.2.1

Released: 2021-11-03

Enterprise

Added

Add ability to delete a disabled Illuminate bundle.

Fixed

Allow archive S3 backend to work without thes3:CreateBucketpermission when the bucket alreadyexists.
Fix misleading log warning regarding index updates on Illuminate installation.
Fix issue with watchlist key creation.

Enterprise Integrations Plugin

Fixed

Fix exception in Gmail input if there are no logs for the current day.
Fix default value for the polling interval setting for Google Cloud inputs.

Graylog Enterprise 4.2.0

Released: 2021-10-13

Enterprise

Added

Display message summaries based on message event types.
Add external value actions for message field values.
Allow horizontal scrolling in log view widget.
Add generic OIDC authentication backend.
Add Illuminate bundle support.
Add Illuminate message processor.
Support lookup tables in search parameters.
Store indexing and processing failures in a separate stream and index set to simplify debugging.
Add watchlist lookup table.
Add watchlist indicator to message details.
Add “Add to watchlist” and “Remove from watchlist” value actions for message fields.
Support custom authentication server for Okta backend.

Changed

Create system notifications for archiving errors to improve visibility.

Fixed

Fix formatting for forwarder related audit log entries.
Add default spool directory for S3 archiving backend.
Improve Okta authentication error reporting.
Improve error handling for S3 archiving.
Fix issue with switchting forwarder input profiles.
Fix search parameter problem when copying widget from search to dashboard.
Improve sorting on forwarders page.
Support an empty archive output path for S3 backends.

Enterprise Integrations Plugin

Added

Add Raw UDP Enterprise output.
Add Google Cloud input to pull VPC, firewall, and audit logs.
Add Google Workspace input to pull admin, drive, login, calendar, token, and message tracking logs.
Add Gmail input to pull mail logs from BigQuery.

Graylog Enterprise 4.1.14

Released: 2022-04-12

Enterprise

Changed

Convert built-in forwarder user to service account.

Graylog Enterprise 4.1.13

Released: 2022-03-02

Enterprise

Fixed

Fix report history status icon.

Graylog Enterprise 4.1.12

Released: 2022-02-02

Enterprise

Fixed

Remove unused log4j 1.x dependency.

Enterprise Integrations Plugin

No changes since 4.1.11.

Graylog Enterprise 4.1.11

Released: 2022-01-05

Enterprise

No changes since 4.1.10

Enterprise Integrations Plugin

No changes since 4.1.10

Graylog Enterprise 4.1.10

Released: 2021-12-16

Enterprise

No changes since 4.1.9.

Enterprise Integrations Plugin

No changes since 4.1.9.

Graylog Enterprise 4.1.9

Released: 2021-12-10

Enterprise

No changes since 4.1.8.

Enterprise Integrations Plugin

No changes since 4.1.8.

Graylog Enterprise 4.1.8

Released: 2021-12-01

Enterprise

No changes since 4.1.7.

Enterprise Integrations Plugin

No changes since 4.1.7.

Graylog Enterprise 4.1.7

Released: 2021-11-03

Enterprise

No changes since 4.1.6.

Graylog Enterprise 4.1.6

Released: 2021-10-06

Enterprise

Added

Add support for custom auth servers in Okta authentication backend.

Graylog Enterprise 4.1.5

Released: 2021-09-13

Enterprise

Fixed

Fix an issue when adding a widget with an option dropdown parameter in reports.
Fix Graylog Forwarder documentation URLs.

Graylog Enterprise 4.1.4

Released: 2021-09-01

Enterprise

Fixed

Fixed an issue when adding a widget with an option dropdown parameter in reports. (Graylog2/)

Graylog Enterprise 4.1.3

Released: 2021-08-04

Enterprise

No changes since 4.1.2.

Graylog Enterprise 4.1.2

Released: 2021-07-28

Enterprise

Security

Session ID leak in Graylog DEBUG log file and audit log.

We recently discovered a session ID leak in the Graylog DEBUG log file as well as the audit log. A user can use a session ID to authenticate against Graylog and then this user has access to all the permissions associated with the owner of the session ID.

The ID was printed in DEBUG level log messages (DEBUG is not enabled by default) as well as the Graylog Enterprise Audit Log. By default, the Graylog Audit Log is only logging to the local database and only accessible by Graylog administrators.

We would like to thank David Herbstmann for discovering and responsibly disclosing this vulnerability.

The following CVE IDs have been assigned: CVE-2021-37759, CVE-2021-37760

Fixed

Fix license check issue in LogView widget. Graylog2/Graylog2/

Graylog Enterprise 4.1.1

Released: 2021-07-07

Enterprise

Fixed

Add default value for the spool directory in the UI configuration for the S3 archiving backend.
Improve Forwarder request/response handling when server has high load.

Enterprise Integrations Plugin

Added

Add lookup data adapter for abuse.ch ThreadDox IOC.

Graylog Enterprise 4.1.0

Released: 2021-06-23

Enterprise

Added

Add theme customization options to allow the usage of custom colors.
Add support for global notifications to display announcements and other messages to all users or a selectedgroup of users.
Add authentication and team-sync support for the Okta indentity provider.
Add support for the Graylog Forwarder. The Graylog Forwarder is a standalone agent for sending log data toGraylog Cloud or an on-premise Graylog Server cluster.
Add Log View widget including file export. This allows users to read log messages in a way similar to readingplain text log files.
Add support for exporting messages in JSON, NDJSON and plain text formats.
Add S3 archiving backend to store archives in AWS S3 compatible object stores.
Add option to make archive batch size configurable for performance tuning.
Extend search and dashboard parameters to allow pre-defined values based on static lists or available messagefield values.
Add pagination for reports overview.

Fixed

Improve archiving multiple indices.
Fix rendering world map visualization in reports.
Improved search and dashboard parameter validation and styling.
Use case-insensitive matching for LDAP/AD group sync.
Disable confusing traffic warning log messages by default.

Enterprise Integrations Plugin

Added

Add ActiveDirectory user lookup data adapter.
Add Enterprise Greynoise lookup data adapter.
Add URLhaus lookup data adapter.

Graylog Enterprise 4.0.17

Released: 2022-07-06

Fixed

Fix thread leak in TCP Enterprise Outputs.

Graylog Enterprise 4.0.16

Released: 2022-04-12

Enterprise

Changed

Convert built-in forwarder user to service account.

Graylog Enterprise 4.0.15

Released: 2021-12-16

Enterprise

No changes since 4.0.14.

Enterprise Integrations Plugin

No changes since 4.0.14.

Graylog Enterprise 4.0.14

Released: 2021-12-10

Enterprise

No changes since 4.0.13.

Enterprise Integrations Plugin

No changes since 4.0.13.

Graylog Enterprise 4.0.13

Released: 2021-09-13

Enterprise

No changes since 4.0.11.

Graylog Enterprise 4.0.12

Released: 2021-09-01

Enterprise

No changes since 4.0.11.

Graylog Enterprise 4.0.11

Released: 2021-08-04

Enterprise

No changes since 4.0.10.

Graylog Enterprise 4.0.10

Released: 2021-07-28

Enterprise

Security

Session ID leak in Graylog DEBUG log file and audit log.

We would like to thank David Herbstmann for discovering and responsibly disclosing this vulnerability.

The following CVE IDs have been assigned: CVE-2021-37759, CVE-2021-37760

Graylog Enterprise 4.0.9

Released: 2021-07-07

No changes since 4.0.8.

Graylog Enterprise 4.0.8

Released: 2021-06-02

Enterprise

Fixed

Lower log level for irregular traffic record check.

Graylog Enterprise 4.0.7

Released: 2021-05-05

Enterprise

Fixed

Fix rendering of the world map visualization in reports.

Graylog Enterprise 4.0.6

Released: 2021-04-07

Enterprise

Fixed

Change LDAPGroupResolver to use case-insensitive matching

Enterprise Integrations Plugin

Added

Add “drop sensitive data” option to Microsoft365 input

Graylog Enterprise 4.0.5

Released: 2021-02-22

Enterprise

No changes since 4.0.4.

Graylog Enterprise 4.0.4

Released: 2021-02-22

Enterprise

No changes since 4.0.3.

Graylog Enterprise 4.0.3

Released: 2021-02-16

Enterprise

No changes since 4.0.2.

Enterprise Integrations Plugin

Added

Add full-message transformer to Enterprise Output Framework.

Graylog Enterprise 4.0.2

Released: 2021-01-27

Enterprise

Added

Allow modification of timezone in report scheduling settings.

Fixed

Fix report preview styling when dark mode is active.

Enterprise Integrations Plugin

Fixed

Reduce noise of legacy script alarm callback notification.
Fix timing issue with old checkpoints in Office365 plugin.
Properly shut down TCP connections when stopping Enterprise outputs.

Graylog Enterprise 4.0.1

Released: 2020-11-25

Enterprise

No changes since 4.0.0.

Enterprise Integrations Plugin

Do not shut down Okta input on errors.
Let Office 365 plugin use configured proxy settings.

Graylog Enterprise 4.0.0

Released: 2020-11-18

Enterprise

Added

Add support for grouping users in teams.
- See: Permission Management
Add support for managing access to streams, searches and dashboards through teams.
- See: Permission Management
Add support for syncing groups from LDAP and Active Directory into Graylog teams.
- See: Permission Management
Add configurable header badge.
Create notification for failed Enterprise outputs.
Add cluster resources for archiving to allow archiving to be managed from all server nodes.

Fixed

Don’t fail reports migration if a widget is missing.
Improve error logging for report generation.

Enterprise Integrations Plugin

Added

Script event notification plugin to replace the legacy script alarm callback plugin.

Graylog Enterprise 3.3.17

Released: 2022-04-12

Enterprise

Changed

Convert built-in forwarder user to service account.

Graylog Enterprise 3.3.16

Released: 2021-12-16

Enterprise

No changes since 3.3.15.

Enterprise Integrations Plugin

No changes since 3.3.15.

Graylog Enterprise 3.3.15

Released: 2021-12-10

Enterprise

No changes since 3.3.14.

Enterprise Integrations Plugin

No changes since 3.3.14.

Graylog Enterprise 3.3.14

Released: 2021-07-28

Enterprise

Security

Session ID leak in Graylog DEBUG log file and audit log.

We would like to thank David Herbstmann for discovering and responsibly disclosing this vulnerability.

The following CVE IDs have been assigned: CVE-2021-37759, CVE-2021-37760

Graylog Enterprise 3.3.13

Released: 2021-05-05

Enterprise

Fixed

Fix rendering of the world map visualization in reports.

Graylog Enterprise 3.3.12

Released: 2021-04-14

No changes since 3.3.11.

Graylog Enterprise 3.3.11

Released: 2021-02-16

No changes since 3.3.10.

Graylog Enterprise 3.3.10

Released: 2021-01-27

Enterprise

Added

Allow modification of timezone in report scheduling settings.

Graylog Enterprise 3.3.9

Released: 2020-11-25

Enterprise

Fixed

Fix audit formatting for file resource.
Fix permission issue with reports.
Fix logo images in reports.
Fix issue with rendering help buttons.

Enterprise Integrations Plugin

Fixed

Do not shut down Office 365 input on errors.
Do not shut down Okta input on errors.
Fix issue with Office 365 logon data parsing.
Let Office 365 plugin use configured proxy settings.

Graylog Enterprise 3.3.8

Released: 2020-10-12

Enterprise Integrations Plugin

Fixed

Fixed an issue with the O365 codec where it was not handling the event timestamp correctly.

Graylog Enterprise 3.3.7

Released: 2020-10-08

Enterprise Integrations Plugin

Fixed

Ensure cleanup of on-disk journal when Enterprise Output is deleted.

Graylog Enterprise 3.3.6

Released: 2020-09-28

Enterprise

Fixed

Improve error logging during report generation.

Enterprise Integrations Plugin

Added

Add Google BigQuery output to the Enterprise output framework.

Fixed

FixNullPointerExceptionand thread-safety issues in the Enterprise outputframework.
Fix retry logic and overall robustness of the office365 input.
Improve error detection and error handling in the Enterprise output framework.

Graylog Enterprise 3.3.5

Released: 2020-08-17

Fixed

Fix NullPointerException when deleting an output, which caused the on-disk journal to not get cleaned up.

Graylog Enterprise 3.3.4

Released: 2020-08-06

Changed

Fix pipeline selection on output creation to make the pipeline optional rather than required.

Fixed

Fixed a bug which occurred during the setup of the O365 Input.
Fix error when starting the Forwarder with the Enterprise Integrations plugin.

Graylog Enterprise 3.3.3

Released: 2020-07-29

Added

Add office365 input plugin.
Add reliable output framework and TCP and TCP Syslog outputs.

Graylog Enterprise 3.3.2

Released: 2020-06-24

Fixed

Fix message table headers in reports.

Graylog Enterprise 3.3.1

Released: 2020-06-10

Fixed

Fix issue with reports database migration when widgets are missing.
Add a cluster resource for the archiving API and use it in the UI. All endpoints in the cluster resourceare routed to the regular endpoints on the master node to avoid the need for custom proxy configuration.

Graylog Enterprise 3.3.0

Released: 2020-05-20

Added

Input for Okta log events.
Create detailed audit log messages for search jobs.
Create detailed audit log messages for message exports.
Automatically install trial licenses requested from the UI.
Add 1 day mute option to trial license reminders.

Changed

Implement message list limit in reports.

Fixed

Fix archive catalog response with different backends having the same archive.
Improve keyboard input for search/dashboard parameter fields.
Improve error messages with missing parameters in reports.
Fix problem with non-ascii characters in correlation field names.
Fix unintended selection of multiple widgets in report widget selection.
Fix detection of value-less parameters in reports.
Hide license warning on search/dashboard page if no license is installed.
Use user defined chart colors in reports.

Graylog Enterprise 3.2.6

Released: 2020-06-10

No changes since 3.2.5.

Graylog Enterprise 3.2.5

Released: 2020-05-19

No changes since 3.2.4.

Graylog Enterprise 3.2.4

Released: 2020-03-19

Fixed

Fix issue with search parameter input fields.
Fix error exporting a correlation event definition in content packs.

Graylog Enterprise 3.2.3

Released: 2020-03-11

Fixed

Fix issue with custom fields and correlation event definitions.

Graylog Enterprise 3.2.2

Released: 2020-02-20

Fixed

Fix missing rows in message table widget in reports.
Don’t try to archive indices which have already been archived.

Graylog Enterprise 3.2.1

Released: 2020-02-04

Fixed

Gracefully handle missing dashboards and widgets when collecting parameters for reports.

Graylog Enterprise 3.2.0

Released: 2020-01-14

Added

Dynamic list support for events and alert definition queries.
Search parameter support for reports.
MongoDB lookup data adapter.

Fixed

Remove incomplete archive directory when archiving process fails.
Fix race condition with archive catalog writing.

Graylog Enterprise 3.1.4

Released: 2020-01-14

Fixed

Only write archive metadata if the archiving process succeeded.
Improve resiliency of widgets in reports.

Graylog Enterprise 3.1.3

Released: 2019-11-06

Fixed

Fix problem with correlating events created by aggregation event definitions.
Remove incomplete archive directory when archive job fails or is stopped.

Graylog Enterprise 3.1.2

Released: 2019-09-12

No changes since 3.1.1.

Graylog Enterprise 3.1.1

Released: 2019-09-04

No changes since 3.1.0.

Graylog Enterprise 3.1.0

Released: 2019-08-16

Added

Add correlation engine and UI for new alerts and events system.
Add Enterprise job scheduler implementation.

Removed

Moved views feature to open-source. (except parameter support)

Fixed

Fix report service memory leak.
Fix auto-completion in drop-down fields.
Fix rendering of archive configuration page

Graylog Enterprise 3.0.2

Released: 2019-05-03

Integrations Plugin

Improve Graylog Forwarder configuration defaults.
Improve Graylog Forwarder error handling.
Update Graylog Forwarder dependencies.

Graylog Enterprise 3.0.1

Released: 2019-04-01

Fix missing authorization checks in the license management.
Fix view sharing issue for regular users.
Fix memory leak in the reporting system.

Integrations Plugin

Add Graylog Forwarder feature.

Graylog Enterprise 3.0.0

Released: 2019-02-14

Announcement blog post: https://www.graylog.org/post/announcing-graylog-v3-0-ga
Upgrade notes: Upgrading to Graylog 3.0.x

A detailed changelog is following soon!

Integrations Plugin

Add Script Alert Notification

Graylog Enterprise 2.5.2

Released: 2019-03-15

Plugin: License

Add missing permissions to license API resources.
Only show upcoming license expiration warning to admin users.

Graylog Enterprise 2.5.1

Released: 2018-12-19

No changes since 2.5.0.

Graylog Enterprise 2.5.0

Released: 2018-11-30

No changes since 2.4.6.

Graylog Enterprise 2.4.7

Released: 2019-03-01

Plugin: License

Add missing authorization checks to license resources.

Graylog Enterprise 2.4.6

Released: 2018-07-16

No changes since 2.4.5.

Graylog Enterprise 2.4.5

Released: 2018-05-28

No changes since 2.4.4.

Graylog Enterprise 2.4.4

Released: 2018-05-02

No changes since 2.4.3.

Graylog Enterprise 2.4.3

Released: 2018-01-24

No changes since 2.4.2.

Graylog Enterprise 2.4.2

Released: 2018-01-24

No changes since 2.4.1.

Graylog Enterprise 2.4.1

Released: 2018-01-19

No changes since 2.4.0.

Graylog Enterprise 2.4.0

Released: 2017-12-22

No changes since 2.4.0-rc.2.

Graylog Enterprise 2.4.0-rc.2

Released: 2017-12-20

No changes since 2.4.0-rc.1.

Graylog Enterprise 2.4.0-rc.1

Released: 2017-12-19

No changes since 2.4.0-beta.4.

Graylog Enterprise 2.4.0-beta.4

Released: 2017-12-15

Plugin: License

The license page now shows more details about the installed licenses.

Graylog Enterprise 2.4.0-beta.3

Released: 2017-12-04

No changes since 2.4.0-beta.2.

Graylog Enterprise 2.4.0-beta.2

Released: 2017-11-07

No changes since 2.4.0-beta.1.

Graylog Enterprise 2.4.0-beta.1

Released: 2017-10-20

Plugin: Archive

Add support for Zstandard compression codec.

Graylog Enterprise 2.3.2

Released: 2017-10-19

Plugin: Archive

Fix archive creation for indices with lots of shards.

Graylog Enterprise 2.3.1

Released: 2017-08-25

Plugin: Archive

Lots of performance improvements (up to 7 times faster)
Do not delete an index if not all of its documents have been archived

Graylog Enterprise 2.3.0

Released: 2017-07-26

Plugin: Archive

Record checksums for archive segment files
Add two archive permission roles “admin” and “viewer”
Allow export of filenames from catalog search

Graylog Enterprise 2.2.3

Released: 2017-04-04

Plugin: Archive

Metadata is now stored in MongoDB
Preparation for storage backend support

Graylog Enterprise 2.2.2

Released: 2017-03-02

Plugin: Audit Log

Extend integration with the Archive plugin

Graylog Enterprise 2.2.1

Released: 2017-02-20

Plugin: Archive

Improve stability and smaller UI fixes

Graylog Enterprise 2.2.0

Released: 2017-02-09

Plugin: Archive

Improve index set support

Graylog Enterprise 1.2.1

Released: 2017-01-26

Plugin: Archive

Prepare the plugin to be compatible with the new default stream.

Plugin: Audit Log

Add support for index sets and fix potential NPEs.
Smaller UI improvements.

Graylog Enterprise 1.2.0

Released: 2016-09-14

https://www.graylog.org/blog/70-announcing-graylog-enterprise-v1-2

Plugin: Archive

Add support for selecting which streams should be included in your archives.

Plugin: Audit Log

New plugin to keep track of changes made by users to a Graylog system by automatically saving them in MongoDB.

Graylog Enterprise 1.1

Released: 2016-09-01

Added support for Graylog 2.1.0.

Graylog Enterprise 1.0.1

Released: 2016-06-08

Bugfix release for the archive plugin.

Plugin: Archive

Fixed problem when writing multiple archive segments

There was a problem when exceeding the max segment size so that multiple archive segments are written. The problem has been fixed and wrongly written segments can be read again.

Graylog Enterprise 1.0.0

Released: 2016-05-27

Initial Release including the Archive plugin.

Plugin: Archive

New features since the last beta plugin:

Support for multiple compression strategies. (Snappy, LZ4, Gzip, None)