Outcold Solutions LLC

Monitoring Kubernetes - Release History

5.21.410 - 2023-10-16

Supports collectorforlinux version 5.21.x and below (see https://www.outcoldsolutions.com for latest configuration)

  • New dashboard for Collectord metrics
  • Added version=1.1 to all dashboard for compatibility with Splunk Cloud and pass AppInspector

Collectord updates:

  • Support for global replace configurations for Collectord, allowing to sanitize data before forwarding to Splunk
  • When both volatile and persistent journald destination exist, Collectord will identify which has the most recent data
  • Allow sending to Splunk more precise timestamps for the events
  • Allow sending logs to multiple Splunk HEC endpoints simultaneously
  • Collectord produces diag file without performance data, if flag --include-performance-profiles is not set
  • Performance improvements for an acknowledgement database
  • Improvements for the acknowledgement database on how long Collectord keeps the data by refreshing the state, if file still exists on the disk
  • Collectord verifies that only one Collectord instance can access the data folder, where Collectord stores its state
  • Add ability to send events with event_id, unique identifier for the messages generated from logs
  • Splunk output supports maximumMessageLength to truncate messages exceeding this size
  • Splunk output supports requireExplicitIndex to ignore all events that don't have explicit index defined
  • Weighted splunk output algorithm when multiple threads used
  • Collectord improves grace period for expired licenses allowing to bootstrap new nodes for 14 days
  • Collectord now reports source and source type for the events with incorrect index
  • Allow to specify multiple values for blacklist and whitelist for host logs
  • Bug fix: Collectord clogs the output with WARN messages about closed Splunk outputs
  • Bug fix: parse commas in the timestamps for logs
  • Support for licensing server
  • Support query in Prometheus URLs for metrics
  • Support of journald database written with systemd library 247+
  • Support for CPU based licenses
  • Support for cgroupv2
  • Support for arm64/aarch64 architecture
  • Upgrade Go language runtime to 1.21.3
  • Upgrade sqlite3 library to 3.43.1
  • Improvement for DNS resolutions of Splunk output FQDN
  • Export internal collectord metrics in Prometheus format
  • Forwarding internal collectord metrics to Splunk
  • In the diag include all open file descriptors
  • Allow to filter host logs with blacklist and whitelist
  • Support for blacklisting and whitelisting Prometheus metrics (significally reducing the indexing cost of data)
  • Support templates in the index, source and sourcetype
  • Allow to exclude indexed fields when forwarding to Splunk
  • Bug fix: Collectord can clog the output if cgroupv2 is used, and blkio is not enabled
  • Bug fix: Collectord can crash if default output.splunk is not configured, now it shows the error
  • Bug fix: cleanup the diag, exclude the real license key
  • Bug fix: collectord reports high CPU usage for just started hosts
  • Bug fix: include the values of whitelists and blacklists in diag
  • Bug fix: verify command does not respect glob patterns for Prometheus inputs (certs, tokens)
  • Bug fix: trim spaces in token value for Prometheus inputs
  • Bug fix: fix bug in prometheus metrics parser, empty fields can be filled with previous fields
  • Bug fix: better handle of connections to metrics endpoints exported in Prometheus format
  • Bug fix: http connections improvements for when Splunk is unresponsive
  • Bug fix: verify command can show incorrect error about verifying journald input
  • Bug fix: when event pattern is used for joining multi-line events, the error can not be showed if raised by the input in pipeline.
  • Bug fix: reduce warnings failed to get the new event in pipeline - submitted

5.12.272 - 2019-11-08

Collectord updates:

  • Bug fix: in case when the rotated files are reusing FileID/DevID Collectord stops forwarding rotated files

5.12.271 - 2019-11-07

Collectord updates:

  • Bug fix: when event pattern is used for joining multi-line events, the error can not be showed if raised by the input in pipeline.
  • Bug fix: reduce warnings failed to get the new event in pipeline - submitted
  • Stability improvements

5.12.270 - 2019-10-22

  • Initial release

About Outcold Solutions

Outcold Solutions provides solutions for monitoring Kubernetes, OpenShift and Docker clusters in Splunk Enterprise and Splunk Cloud. We offer certified Splunk applications, which give you insights across all containers environments. We are helping businesses reduce complexity related to logging and monitoring by providing easy-to-use and deploy solutions for Linux and Windows containers. We deliver applications, which help developers monitor their applications and operators to keep their clusters healthy. With the power of Splunk Enterprise and Splunk Cloud, we offer one solution to help you keep all the metrics and logs in one place, allowing you to quickly address complex questions on container performance.