2.28.0 #555

Merged
merged 1 commit into from
Jul 27, 2023
80 changes: 61 additions & 19 deletions CHANGELOG.md
@@ -1,39 +1,81 @@
# Changelog

## 2.28.0 - 2023-07-18
#### New
- New output: **Redis** ([PR#396](https://github.com/falcosecurity/falcosidekick/pull/396) thanks to [@pandyamarut](https://github.com/pandyamarut))
- New output: **Telegram** ([PR#431](https://github.com/falcosecurity/falcosidekick/pull/431) thanks to [@zufardhiyaulhaq](https://github.com/zufardhiyaulhaq))
- New output: **N8N** ([PR#462](https://github.com/falcosecurity/falcosidekick/pull/462))
- New output: **Grafana OnCall** ([PR#470](https://github.com/falcosecurity/falcosidekick/pull/470))
- New output: **OpenObserve** ([PR#509](https://github.com/falcosecurity/falcosidekick/pull/509))

#### Enhancement
- Add `output` in the description annotation for `AlertManager` output ([PR#341](https://github.com/falcosecurity/falcosidekick/pull/478))
- Allow to set the http method for `Webhook` output ([PR#399](https://github.com/falcosecurity/falcosidekick/pull/399))
- Add `hostname` as prometheus label ([PR#420](https://github.com/falcosecurity/falcosidekick/pull/420) thanks to [@Lowaiz](https://github.com/Lowaiz))
- Allow to replace the brackets ([PR#421](https://github.com/falcosecurity/falcosidekick/pull/421))
- Allow to set custom http headers for `Loki`, `Elasticsearch` and `Grafana` outputs ([PR#428](https://github.com/falcosecurity/falcosidekick/pull/428))
- Add `hostname`, `tags`, `custom` and `templated fields` for `TimescaleDB` output ([PR#438](https://github.com/falcosecurity/falcosidekick/pull/438) thanks to [@hileef](https://github.com/hileef))
- Allow to set thresholds for the dropped events in `AlertManager` ouput ([PR#439](https://github.com/falcosecurity/falcosidekick/pull/439) thanks to [@Lowaiz](https://github.com/Lowaiz))
- Match the `priority` with `AlertManager` severity label ([PR#440](https://github.com/falcosecurity/falcosidekick/pull/440) thanks to [@Lowaiz](https://github.com/Lowaiz))
- Add `rolearn` and `externalid` for the assume role for `AWS` outputs ([PR#494](https://github.com/falcosecurity/falcosidekick/pull/494))
- Allow to set the `region` for `PagerDuty` output ([PR#500](https://github.com/falcosecurity/falcosidekick/pull/500))
- Add TLS option + rewrite send method for the `SMTP` output ([PR#502](https://github.com/falcosecurity/falcosidekick/pull/502))
- Add attributes to `GCP PubSub` messages ([PR#505](https://github.com/falcosecurity/falcosidekick/pull/505) thanks to [@annadorottya](https://github.com/annadorottya))
- Add option for TLS and mTLS for the server ([PR#508](https://github.com/falcosecurity/falcosidekick/pull/508) thanks to [@annadorottya](https://github.com/annadorottya))
- Add setting to auto create the `Kafka` topic ([PR#554](https://github.com/falcosecurity/falcosidekick/pull/554))
- Add option to deploy a HTTP only server for specific endpoints ([PR#565](https://github.com/falcosecurity/falcosidekick/pull/565) thanks to [@annadorottya](https://github.com/annadorottya))
- Support multiple bootstrap servers for `Kafka` output ([PR#571](https://github.com/falcosecurity/falcosidekick/pull/571) thanks to [@ibice](https://github.com/ibice))
- Add option for TLS for `Kafka` output ([PR#574](https://github.com/falcosecurity/falcosidekick/pull/574))

#### Fix
- Fix error handling in `AWS Security Lake` output ([PR#390](https://github.com/falcosecurity/falcosidekick/pull/390))
- Fix breaking brackets in `AWS SNS` messages ([PR#419](https://github.com/falcosecurity/falcosidekick/pull/419))
- Fix setting name for the table of `TimescaleDB` output ([PR#426](https://github.com/falcosecurity/falcosidekick/pull/426) thanks to [@alika](https://github.com/alika))
- Fix cardinality issue with prometheus labels ([PR#427](https://github.com/falcosecurity/falcosidekick/pull/427))
- Fix panic when assert output fields which are nil ([PR#429](https://github.com/falcosecurity/falcosidekick/pull/429))
- Fix dependencies for `Wavefront` output ([PR#432](https://github.com/falcosecurity/falcosidekick/pull/432))
- Fix key pattern for `AWS Security Lake` output ([PR#447](https://github.com/falcosecurity/falcosidekick/pull/447))
- Fix default settings for `Telegram` output ([PR#495](https://github.com/falcosecurity/falcosidekick/pull/495) thanks to [@schfkt](https://github.com/schfkt))
- Fix URL generation for `Spyderbat` output ([PR#506](https://github.com/falcosecurity/falcosidekick/pull/506) thanks to [@bc-sb](https://github.com/bc-sb))
- Fix nil values in `Spyderbat` output ([PR#527](https://github.com/falcosecurity/falcosidekick/pull/527) thanks to [@spider-guy](https://github.com/spider-guy))
- Fix duplicated headers in `SMTP` output ([PR#528](https://github.com/falcosecurity/falcosidekick/pull/528) thanks to [@apsega](https://github.com/apsega))
- Fix missing trim for names and values of labels for `AlertManager` output ([PR#563](https://github.com/falcosecurity/falcosidekick/pull/563) thanks to [@Lowaiz](https://github.com/Lowaiz))
- Fix missing returned errors for `Kafka` output ([PR#573](https://github.com/falcosecurity/falcosidekick/pull/573))

## 2.27.0 - 2022-12-13
#### New
- New output: **Yandex Data Streams** ([PR#336](https://github.com/falcosecurity/falcosidekick/pull/336) thanks to [@preved911](https://github.com/preved911))
- New output: **Node-Red** ([PR#337](https://github.com/falcosecurity/falcosidekick/pull/337)
- New output: **MQTT** ([PR#338](https://github.com/falcosecurity/falcosidekick/pull/338)
- Templated fields: custom fields generated with Go templates ([PR#350](https://github.com/falcosecurity/falcosidekick/pull/350)
- New output: **Zincsearch** ([PR#360](https://github.com/falcosecurity/falcosidekick/pull/360)
- New output: **Gotify** ([PR#362](https://github.com/falcosecurity/falcosidekick/pull/362)
- New output: **Node-Red** ([PR#337](https://github.com/falcosecurity/falcosidekick/pull/337))
- New output: **MQTT** ([PR#338](https://github.com/falcosecurity/falcosidekick/pull/338))
- Templated fields: custom fields generated with Go templates ([PR#350](https://github.com/falcosecurity/falcosidekick/pull/350))
- New output: **Zincsearch** ([PR#360](https://github.com/falcosecurity/falcosidekick/pull/360))
- New output: **Gotify** ([PR#362](https://github.com/falcosecurity/falcosidekick/pull/362))
- New output: **Spyderbat** ([PR#368](https://github.com/falcosecurity/falcosidekick/pull/368) thanks to [@spyder-kyle](https://github.com/spyder-kyle))
- New output: **Tekton** ([PR#371](https://github.com/falcosecurity/falcosidekick/pull/371)
- New output: **Tekton** ([PR#371](https://github.com/falcosecurity/falcosidekick/pull/371))
- New output: **TimescaleDB** ([PR#378](https://github.com/falcosecurity/falcosidekick/pull/378) thanks to [@jagretti](https://github.com/jagretti))
- New output: **AWS Security Lake** ([PR#387](https://github.com/falcosecurity/falcosidekick/pull/387)
- New output: **AWS Security Lake** ([PR#387](https://github.com/falcosecurity/falcosidekick/pull/387))

#### Enhancement
- `SMTP` output now uses any SASL auth mechanism ([PR#341](https://github.com/falcosecurity/falcosidekick/pull/341) thanks to [@Lowaiz](https://github.com/Lowaiz))
- Bind `Policy Reports` to Namespace by `ownerReference` ([PR#346](https://github.com/falcosecurity/falcosidekick/pull/346)
- Bind `Policy Reports` to Namespace by `ownerReference` ([PR#346](https://github.com/falcosecurity/falcosidekick/pull/346))
- Add extra labels and annotations for `AlertManager` payloads ([PR#347](https://github.com/falcosecurity/falcosidekick/pull/347) thanks to [@Lowaiz](https://github.com/Lowaiz))
- Update default type for `Elasticsearch` documents ([PR#349](https://github.com/falcosecurity/falcosidekick/pull/349)
- Support env vars in custom fields ([PR#353](https://github.com/falcosecurity/falcosidekick/pull/353)
- Update format + default endpoint for `Loki` output ([PR#356](https://github.com/falcosecurity/falcosidekick/pull/356)
- Determine resource names + owner ref for `Policy Reports` ([PR#358](https://github.com/falcosecurity/falcosidekick/pull/358)
- Update `Influxdb` output to use API Token and /api/v2 endpoint ([PR#359](https://github.com/falcosecurity/falcosidekick/pull/359)
- Allow to override the `Slack` channel ([PR#366](https://github.com/falcosecurity/falcosidekick/pull/366)
- Add From, To and Date headers in `SMTP` payload ([PR#364](https://github.com/falcosecurity/falcosidekick/pull/364)
- Improve the check of the payload from `Falco`, it allows now to have an empty output ([PR#372](https://github.com/falcosecurity/falcosidekick/pull/372)
- Update default type for `Elasticsearch` documents ([PR#349](https://github.com/falcosecurity/falcosidekick/pull/349))
- Support env vars in custom fields ([PR#353](https://github.com/falcosecurity/falcosidekick/pull/353))
- Update format + default endpoint for `Loki` output ([PR#356](https://github.com/falcosecurity/falcosidekick/pull/356))
- Determine resource names + owner ref for `Policy Reports` ([PR#358](https://github.com/falcosecurity/falcosidekick/pull/358))
- Update `Influxdb` output to use API Token and /api/v2 endpoint ([PR#359](https://github.com/falcosecurity/falcosidekick/pull/359))
- Allow to override the `Slack` channel ([PR#366](https://github.com/falcosecurity/falcosidekick/pull/366))
- Add From, To and Date headers in `SMTP` payload ([PR#364](https://github.com/falcosecurity/falcosidekick/pull/364))
- Improve the check of the payload from `Falco`, it allows now to have an empty output ([PR#372](https://github.com/falcosecurity/falcosidekick/pull/372))
- Allow to set user and api key for `Loki` output for `Grafana Logs` ([PR#379](https://github.com/falcosecurity/falcosidekick/pull/379)
- Add `hostname` in json payload for all outputs ([PR#383](https://github.com/falcosecurity/falcosidekick/pull/383) thanks to [@Lowaiz](https://github.com/Lowaiz))
- Add SASL authentication for `Kafka` output ([PR#385](https://github.com/falcosecurity/falcosidekick/pull/385) thanks to [@Lowaiz](https://github.com/Lowaiz)) and [@lyoung-confluent](https://github.com/lyoung-confluent))
- Support CEF format for `Syslog` output ([PR#386](https://github.com/falcosecurity/falcosidekick/pull/386)
- Allow to disable STS check for `AWS` output ([PR#387](https://github.com/falcosecurity/falcosidekick/pull/387)
- Support CEF format for `Syslog` output ([PR#386](https://github.com/falcosecurity/falcosidekick/pull/386))
- Allow to disable STS check for `AWS` output ([PR#387](https://github.com/falcosecurity/falcosidekick/pull/387))

#### Fix
- Fix `priority` label was replaced by `source` in `AlertManager` payload ([PR#340](https://github.com/falcosecurity/falcosidekick/pull/340) thanks to [@tks98](https://github.com/tks98))
- Fix missing cert checks + fix inverted logic to use them in codebase ([PR#345](https://github.com/falcosecurity/falcosidekick/pull/345)
- Fix missing cert checks + fix inverted logic to use them in codebase ([PR#345](https://github.com/falcosecurity/falcosidekick/pull/345))
- Fix race condition when headers are added to POST requests ([PR#380](https://github.com/falcosecurity/falcosidekick/pull/380) thanks to [@bc-sb](https://github.com/bc-sb))

## 2.26.0 - 2022-06-18
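
Review bot: in the 2.28.0 Enhancement list, the `AlertManager` description-annotation entry is labelled PR#341 while its link targets pull/478, and PR#341 is already the `SMTP` SASL entry under 2.27.0, so the label and URL should be made to agree. In the same list, "ouput" in the dropped-events thresholds entry should read "output". In the 2.27.0 section, the closing-parenthesis cleanup missed the `Grafana Logs` entry (PR#379), which still ends without its `)`, and the `Kafka` SASL entry (PR#385) has a stray `)` after the @Lowaiz link, before "and @lyoung-confluent"; both are worth fixing in this same pass so the Markdown links render consistently.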