Changelog for version 5.8.14#

Released 23 April 2026#

Gravwell#

Attention

This release contains high priority bug fixes to address security concerns related to secret leaking and token permissions. Gravwell highly recommends users change secrets which have been used for MS SQL database connection strings in SQL Query flow nodes.

Additions#

  • Added a new eval function named indirect() that allows for passing a string, EV name, or EV name string that will transparently resolve the EV, name, or string. This function helps with building macros and other automation functions that may need to take a constant, an EV, or an EV name.

  • Added API version checks and library enforcement to ensure client compatibility with currently installed Gravwell version.

Bug Fixes#

  • Fixed an issue where secrets were not properly masked in error messages when running a Flow with a SQL Query flow node.

  • Fixed an issue with using backslashes in MS SQL database connection strings in the SQL Query flow node.

  • Fixed an issue with Token ownership caching when a user token is edited by an admin.

  • Fixed an issue with type promotion in the eval module in() function.

  • Fixed an issue with using 0x20 (space) as the separator in the kv module.

  • Fixed a hinting issue with eval that occured when using non-fulltext compatible delimiters with the fields or kv modules.

  • Fixed the PagerDuty flow node to comply with required fields and field lengths expected by the API.

Ingesters#

Bug Fixes#

  • Fixed an issue where the HEC health check was not respected by the HTTP ingester.