Changelog for version 3.0.4#

Released April 22nd 2019#

Backend and ingester changes#

  • Bugfix that could cause timegrinder to stick to a format without timezone on format changes

  • Indexers will now notify users when Gravwell storage disks are almost full

  • Cloud Archive added to indexer

  • Packet search module can now transparently handle VLAN and MPLS layers

  • Fixed issue where scripts could not access resources using getResource API

  • Added MPLS layer to the packet search module

  • Added ICMP layer to packet search module

  • Removed some unsupported ICS protocol layers

  • Enhanced syslog search module to be dramatically more tolerant to non-compliant syslog

  • Fixed issue where regex search module could not use resources

  • Fixed issue where autoextractors imported from GUI could contain invalid characters

  • Added alias module to assign additional names to enumerated values.

  • Added -v flag on regex search module to see entries which do not match the regular expression

  • Updated logging system to include dialer info

  • -save flag for table now supports UUIDs

Webserver changes#

  • Backgrounded searches now give a notification when complete

  • More TLS configuration options for datastore setups

  • When composing a query, Gravwell will now warn if an enumerated value is used without first being extracted upstream

  • Fixed issue where distributed webservers could not share search results in HTTP-only mode

  • Fixed issue where use of the ‘json’ module would prevent searches from being backgrounded.

  • Webserver can now start without any indexers


  • Generators open source

  • Fixed issue where installer wasn’t creating a logging subdirectory on installer

  • Fixed issue where permissions were not being set correctly on installer

  • Added timezone files to published docker container