Changelog for version 5.1.0#
Released 23 September 2022#
Web UI Changes#
Cleaned up stale searches for live searches on dashboards.
Removed ingester cache alert, add ingester cache values to table/ingester view.
Cleared stale notifications.
Fixed an issue where admin user’s list of pivotable actions is unexpectedly long.
Fixed an issue where preferences could be reset.
Fixed an issue where current timeframe was not updated after locking it.
Fixed errors interface within timeframe component.
Fixed an issue where saved default coordinates were not respected.
Cleared table starred rows on search change.
Fixed issue where data calendar would not change on navigation.
Fixed an issue where query launch buttons don’t always show in playbooks.
Fixed 404ing ingesters on OEM builds.
Fixed autosizing description input on the action form.
Retained node inspector view on flow save.
Improved error message for username already taken.
Fixed an issue where kit archives incorrectly showed playbooks and resources as deleted.
Fixed an ambiguous error message for while changing admin password.
Fixed an issue where groups were not updating appropriately on the users view for admins.
Fixed an issue where timeframe types may be inaccessible in custom timeframe dialog.
Renamed ingestion calendar to data calendar. Provided extra “raw” tooltip text.
Fixed an issue where the Basic Details button within dashboard list page of kits didn’t work.
Fixed an issue where tables may not render in dashboards.
Fixed an issue where hidden custom time formats would show in “launch” menus.
Fixed an issue where pressing enter on Actionable form caused unexpected navigation.
Fixed an issue where images uploaded by non-admin will be “not found” for other users.
Fixed an issue where group list has groups user is not a member of.
Fixed an issue where “Open a URL” action substitution can be incorrect.
Fixed an issue where “Note” node’s label value does not reflect inspector form.
Re-work context menu headers while applying element filters.
Launch playbook queries in a new tab with middle click.
Add toolbar actions within Query Studio.
Add clickable words to raw text of entries.
Merge Data Explorer functionality into search.
Add detailed view to raw and text search results.
Add Stats & Data Analysis view to search results within Query Studio.
Rename “highlighted” table rows to “starred.”
Select substrings in element filter context menu.
Add documentation and icon for SplunkQuery flow node.
Backup/restore now includes API tokens.
Improved triggering of acceleration in the grep module.
Webserver access logs now include the UID if the user is logged in.
Added the filetype module.
Improved container startup efficiency in the search agent.
Fixed an issue where certain entries could cause the webserver to crash when using Data Explorer.
Fixed an issue that prevented regular expression acceleration from working when used in an autoextractor.
Fixed an issue that prevented the regular expression accelerator from engaging when using regular expressions that contain double quotes.
Fixed an issue where containers started by the search agent were started in the wrong directory.
Fixed an issue where both sort and entropy modules behaved incorrectly in cluster configurations.
Fixed an issue that prevented negative offsets in the slice module from working.
Improved handling of malformed BASE64 data in the base64 module.
Fixed and issue that caused incorrect wrapping of text in PDF output.
Fixed an issue that prevented JSON fields that contain special characters from being extracted.
Added a corelight preprocessor.
Updated the benchmark documentation on docs.gravwell.io.