Bug Fixes

Resolves an issue where Bindplane would fail to sync with GitHub for new agent releases. This would disrupt installing an agent.

Users experiencing this issue should upgrade to this version to resolve the issue.

Bug Fixes

Resolves an issue where Bindplane would intermittently render sensitive values as (sensitive) under special conditions.

Users experiencing this issue should upgrade to this version to ensure sensitive values are rendered correctly.

New Features

• UI: Dark Mode theme
• UI: Added support for wildcard searching when using Postgres store or Bindplane Cloud
• Expose cumulative_normalization option in Google Managed Prometheus destination
• Add CORS support to the Bindplane Gateway source
• Add support for sub second polling to Windows Event source
• CLI: Add query, selector, offset, and limit to get configuration command
• Removed embedded batch processor from Kafka destination
• Added metrics support to Splunk HEC destination
• Added send_raw parameter to Netflow source
• Enhanced SQL Query source source to support individual connection string parameters
  • Supports encrypting the password field

Bug Fixes

• CLI: Fixed sort flag for get agents command

Misc

• Increased SecOps destination sending queue consumers to 40
• Default SecOps destination protocol to HTTPS instead of gRPC
  • SecOps always used TLS, however, the API used was the legacy Chronicle gRPC API.

Bug Fixes

This patch release resolves a regression where Bindplane fails to startup if the Postgres database was setup without GRANT CREATE ON DATABASE permissions. This permission is not required if Bindplane is configured to use the public schema.

If you are upgrading from Bindplane v1.89.5 or older, it is recommended that you skip v1.90.1 in favor of v1.90.2. If you upgraded to v1.90.1 and encountered startup errors, upgrade to v1.90.2.

It is recommended that users review the Postgres Configuration for the latest Postgres setup requirements.

1GRANT CREATE ON DATABASE <database name> TO <database user>

New Features

• Update Splunk Observability Cloud destination to support au0, eu1, eu2 regions
• IIS source
  • Optimize filelog receiver configuration to improve performance
  • Add start_at parameter defaulting to end
• OTLP source add cross-origin resource sharing configuration
• New Windows Event Trace source
• New Crowdstrike FDR source
• New Object Storage Batch processor recommendation
• CLI: Add ability to delete agents with selector or query
• Config: User configurable Postgres schema
• Allow collector telemetry port to be specified in Advanced Configuration, defaulting to 8888
• UI: Prevent collectors from attaching to configurations with incompatible components
• UI: Theming overhaul
• Configuration V2 is considered stable and generally available

Bug Fixes

• User Invites: Fix valid email regex
• Prevent large V2 configs from growing out of view
• Prevent long org names from overflowing elements

Misc

• Upgrade to Prometheus v3
• SecOps destination
  • Update default timeout to 90 seconds
  • Increase default override request size limit to 4MB
• OTLP source: Increase default max request size to 20 MiB

Prometheus V3

Bindplane ships with Prometheus v3 as of release v1.90.1. Prometheus is used for storing agent throughput and health metrics. You can learn more about Bindplane's use of Prometheus here.

Stand-alone installations of Bindplane will receive Prometheus v3 when upgrading to Bindplane v1.90.1+. If you are operating Bindplane in High Availability you will need to upgrade your Prometheus instance yourself. See the Prometheus Installation documentation for details.

Bug Fixes

Fixed an issue where Bindplane Collector v1.74.1 telemetry host and port was incorrectly configured.

Users with Kubernetes agents using the Kubernetes Prometheus source should upgrade to this version of Bindplane in order to resolve an issue where the Prometheus receiver fails to scrape the collector's telemetry endpoint.

Users who have modified Bindplane server's advanced.agent.telemetryPort should upgrade to this release as well.

Bug Fixes

Fixed an issue where the AWS S3 Event Source could not be configured.

New Features

• New SQL Query V2 Source
• New AWS S3 Event Source
• New GCS Rehydration Source
• New Netflow Source
• Honeycomb Destination: Support custom endpoint
• Kubernetes Gateway: Support pubsub on k8s gateway
• File Stats Source: Add support for the file.path attribute
• New Max Errors option for agent rollouts
• Apple macOS CLI binary signing and notarization

Bug Fixes

• Add service.instance.id to otel configuration
  • Fixes an issue where SecOps gRPC exporter uses a random ID on every agent reconfiguration or restart
• Allow routing connectors to be saved to the library
• Fix an issue where agent upgrade command required the --version flag

Misc

• Several performance improvements and optimizations

Bug Fixes

• Resolves a stability issue introduced in Bindplane v1.88.1.

New Features

• New Google Cloud Storage Destination
• New System Status page at /status
• New batch processor recommendation when using Google SecOps destination
• Timestamp Parser: Added support for Location and Locale to
• Bindplane Agent source: Added support for toggling on and off metrics groups
• S3 Destination: Added support for storage class and endpoint parameters
• Kubernetes Cluster Agent StatefulSet deployment option
• Azure Blob Rehydration and S3 Rehydration sources are now supported on Kubernetes Cluster Agent when using the StatefulSet deployment option
• Bindplane will now check for configuration compatibility before pushing a configuration to an agent

Bug Fixes

• The get commands --export flag will now omit metadata.id when exporting resources
• Fixed an issue with Configuration V2 routing connector, where the match_once parameter caused rollout failures
• Fixed an issue where the Healthcheck Extension failed when TLS was configured

Misc

• Several Postgres store performance improvements
• Several web interface GraphQL query performance improvements

New Features

• Google Cloud destination supports toggling telemetry types
• New destination Axiom
• New destination Dash0
• New source File Stats
• New source Filelog v2
  • Parsing has been removed in favor of using processors

Bug Fixes

• Kafka Stream source TLS insecure skip verify parameter
• Parse JSON recommendation will no longer appear if marshal processor is in use

Misc

• Removed batch processor from kafka stream source
  • Users should configure their own batch processor if needed

New Features

• Google Enterprise license type

New Features

• TCP, UDP and Syslog multi line support

Bug Fixes

• Deleting a project is prevented if doing so would remove your user from the organization
• Fixed an issue where Google SecOps Standardization recommendation was not displayed if chronicle_log_type was already set

Bug Fixes

• Resolved an issue where rollouts could become "stuck" if an event was dropped due to a network issue

New Features

• New Processors
  • Unroll
  • Split
• OpenShift Gateway Agent
• Web URL configuration option
• Postgres Max Connection Lifetime configuration option
• Splunk Search API source
• Bolt Store to Postgres migration command

Bolt Store to Postgres

Migrating from Bolt Store to Postgres is supported with system authentication.

1sudo BINDPLANE_CONFIG_HOME=/var/lib/bindplane \
2  /usr/local/bin/bindplane migrate-store <new database name> \
3  --config /etc/bindplane/config.yaml

New Beta Features

Beta features are subject to change and can contain bugs. Please use beta features with caution against non critical workloads.

Configuration V2 and Advanced Routing

Bindplane v1.85.0 introduces the new configuration topology with advanced routing capabilities.

Previously, users required the Filter by Condition processor for handling routing between sources and destinations. Now, users can connect sources and destinations explicitly, and avoid duplicating data across multiple destinations.

Existing configurations can be upgraded to to the new v2 topology by using the advanced "Upgrade to v2 beta" option.

Once upgraded, you will need to configure routing from source to destination.

This example shows the routing connector being used to route Prometheus source to Google Managed Prometheus, Kubelet to Google Cloud, and both sources to a Prometheus destination.

New Features

• OIDC Authentication
  • BindPlane web interface now supports OpenID Connect for authentication
• Postgres vacuum command
• Serve font files locally
  • All required fonts are now bundled within the BindPlane binary
• New Copy Field
  • Documentation coming soon!

Bug Fixes

• File source will now work with an empty Log Type parameter value

CLI: Vacuum Command

New commands admin vacuum-analyze to assist in managing your Postgres database. When directed by support, performing a manual Postgres Vacuum can help with performance issues. Generally a manual vacuum is not required.

The commands require system auth.

1$ bindplane admin vacuum-analyze
2
3? WARNING: This command will significantly degrade BindPlane's performance while it runs. Are you sure you want to continue? (y/n) y
4database vacuumed.

New Features

• Added Max Reads and Poll Interval parameters to the Windows Events source
• Added API timeout option to SecOps destination
• Added Parsing Level option to Kubernetes Container Log source
  • SecOps users can now disable parsing to send raw container logs to Google SecOps
• Added Add Attributes and Log Type options to Syslog source
• New delete processor option when viewing processor list in Live Preview
• Agent Configuration Encryption
• New SecOps Standardization processor

Bug Fixes

• Fixed default Azure Event Hub source consumer group name

New Features

• Added timeout option to OTLP and BindPlane Gateway sources
• Parse Timestamp Processor recommendation enhancements
  • Support RFC1123 format
  • Skip recommendation or fields generated by Log Deduplication processor
  • Recommend time parsing for unknown time formats when fields ts, datatime, and timestamp are detected

Bug Fixes

• Resolved an issue where ARM64 builds of BindPlane did not include the correct Transform Agent binary

Misc

• Postgres database migration errors are now saved to the database for simplified troubleshooting

New Features

• New Google SecOps Standardization processor
• New Organizations Usage page for displaying usage for projects within an organization
• Added format option to Azure Event Hub
  • The "raw" format supports arbitrary log data

Bug Fixes

• Deleting the last source from a configuration will no longer cause a blank screen

Bug Fixes

• Resolved an issue where Rename Fields processor would output incorrect field names.
• Resolved an issue where deleted agents would reconnect without their labels, causing them to receive a nop configuration from BindPlane.

Agent Version Compatibility

Bindplane Collector v1.63.0 or newer is not compatible with BindPlane OP server v1.59.1 or older. If you are using BindPlane OP v1.59.1 or older, it is recommended to upgrade to v1.79.0.

It is safe to upgrade from v1.59.1 to v1.79.0. However, if you are on v1.59.0 or older, it is recommended to first upgrade to v1.59.1 and then to v1.79.0.

License

Licenses have always been required when operating BindPlane OP. If a license was not configured, the web interface would prompt for one. As of v1.79.0, new installations of BindPlane OP will require a license key in the configuration file. If you are installing BindPlane OP with the installation script or the Helm chart, no further steps are required.

If you are installing BindPlane OP Linux packages without using the install script, you must run the init command or modify /etc/bindplane/config.yaml to configure a license before starting the service.

New Features

• New Marshal Processor
• New Elasticsearch OTLP Destination
• New v2 Add Field, Rename Field, and Delete field processors
  • Supports OTTL autocomplete
  • Simplified interface
  • v1 Processors have been deprecated, see Deprecated Resources
• Support UDP Async options for UDP and Syslog sources
• Support suppress_rendering_info option for Windows Event Log Source
• Support condition field for Log Deduplication Processor
• Web interface Organization switcher
  • Web interface will now filter projects by Organization

Bug Fixes

• Resolves an issue where Postgres migrations could happen out of order

Deprecated Resources

The following processors have been deprecated and replaced by a version 2 implementation.

• Add Fields v1
• Rename Fields v1
• Delete Fields v1

Deprecated resources are available to users who are already using them within a configuration. It is recommended that you replace your existing processors with the new v2 implementation.

New Features

• Expose Batch processor Options in Kafka Stream source
• Add max_log_size option to TCP and Syslog sources
• Add region option to Google SecOps destination
• Backup Boltstore database on version upgrade
• BindPlane SaaS Web interface support menu
  • SaaS users can interact with support directly from the BindPlane web interface
• Rename Fields processor recommendation
  • Google Cloud and Google Prometheus Engine configurations will recommend the rename fields processor if duplicate attribute and resource keys are detected

Bug Fixes

• Fixed an issue where users could configure two destinations with the same name

Upgrade Notes

Agent Version Support

BindPlane v1.76.0 is required for Bindplane Collector v1.63.0 or newer. Users with BindPlane agent version v1.60.0 or older must upgrade to v1.61.0 or v1.62.0 before upgrading to v1.63.0.

If you are not using the Couchbase source, you can ignore Agent Version Support upgrade notes.

New Features

• Honeycomb Refinery Destination
• Configurable minimum TLS version

Minimum TLS Version

When using TLS, BindPlane defaults to a minimum TLS version of 1.3. Users can opt into TLS 1.2 for supporting client devices that do not support TLS 1.3.

To configured TLS 1.2, update network.tlsMinVersion string value to "1.2".

1network:
2  tlsMinVersion: '1.2'

New Features

• Kafka Source: New advanced options
  • Max Message Bytes
  • Required Acks
  • Flush Max Messages
• New QRadar Destination
• Support OTTL conditions on Sample Logs Processor
• New Delete Fields processor recommendation.
  • Live Preview will recommend the deletion of severity and timestamp fields which were previously parsed to a log record.

Bug Fixes

• Kafka destination will no longer require a mutual TLS keypair when TLS is enabled

New Features

• Filter by Severity Processor: OTTL condition filter
• New Coalesce Processor
• Google Destination: Timeout option
• New parse timestamp processor recommendation
• Ephemeral agent cleanup
  • Support automatic disconnected agent deletion when agents have label ephemeral: true

Bug Fixes

• Coralogix Destination: Fix domain option and add support for USA2 and APAC3 regions
• S3 Destination: Fix file_prefix option
• Fixed an issue where deleting a configuration would not delete rollout history when using Bolt store

New Features

• Add HTTP DataPlane exporter option to SecOps
• Implement custom-message based throughput measurements
  • Agent v1.59.2 or newer throughput metrics are published over OpAMP instead of a dedicated HTTP connection.
• Okta source

Bug Fixes

• Fixed an issue where BindPlane v1.72 would render destinations incorrectly
  • New Relic
  • Sumo Logic
• Fixed an issue where un-linking a resource library source would cause processors to be removed

New Features

• Add NATS Event Bus option to the init command
• Add "Delete After Read" option to File source
• Add resize handles to snapshot console
• Support editing project names in the web interface

Bug Fixes

• Escape backslashes in filter by condition & add fields processors
• Kubernetes agents telemetry port binds to all network interfaces
  • Resolves an issue where agents' metrics port was not reachable by Prometheus scrapers
• Filter duplicate sources and destinations when adding new components to a configuration
• Fixed an issue where customer resources were not available on free edition

New Features

• TCP logs source: Support mutual TLS

Bug Fixes

• Syslog source: Set correct client ca file parameter
• Prometheus destination: Remove duplicate TLS CA certificate option

Other

• BindPlane will prevent a rollout from starting if the configuration is using unlicensed components
  • This can happen when downgrading the license

Bug Fixes

• Add additional sanitation and escaping to the /v1/agent-versions/:version/install-command API endpoint.

New Features

• BindPlane SaaS: Support Multi Factor authentication
  • Email authentication users are urged to opt into MFA
  • Google authentication users can continue to use Google MFA without configuring BindPlane MFA.
• Victoria Metrics destination

SaaS Multi Factor Authentication

Users can opt into multi factor authentication (MFA) by navigating to their project's "Users" tab and selecting the MFA toggle next to their username.

Once the user is enrolled in MFA, MFA will be required for all of the users projects.

Bug Fixes

• Resolved an issue with Bolt Store where agent status was reported incorrectly
• Improve agents table measurements sort performance
• Resolved an issue where mutual TLS would not use the configured certificate for verifying client certificates

Deprecations

Kafka Event Bus for BindPlane High Availability is deprecated, use the built in distributed eventbus. It is simpler to use and does not require additional infrastructure.

Miscellaneous

• Systemd: Increase default max open files from 55,000 to 65,000

New Features

• BindPlane Managed Agent Labels
• Added support for zstd compression to the Sumo Logic destination
• Various Postgresql backend performance improvements

Bug Fixes

• Fixed an issue with the Sumo Logic destination's compression settings
• Fixed an issue where the Summary page could show inaccurate data reduction values

BindPlane Managed Agent Labels

When an agent is connected for the first time, its OpAMP labels will be used as the initial set of labels. Future agent label changes will be stored on the BindPlane server only, they will not be sent to the agent.

This allows BindPlane to be the single source of truth for agent labels and it prevents an agent reconfiguration due to label changes.

New Features

• CLI: Support --selector and --query flags for label agents command
• CLI: New init license command, for updating a Linux server's license
• New CrowdStrike destination

Bug Fixes

• Fixed an issue with the Overview page's performance when working with an extreme amount of agents (> 100,000)
• Fixed an issue where the Google Filter by Regex processor would fail to filter on attributes
• Removed the Resource Detection from Live Preview to prevent confusing results
  • Resource Detection processor functionality should be checked by navigating to an individual agent and selecting "View Recent Telemetry".

Label Agents Command

You can now label agents based on criteria passed to the --selector or --query flags.

1# label agents where the label env has values dev, test, or stage
2bindplane label agents configuration=test --selector 'env in (dev,test,stage)' --overwrite
3
4# label agents where the label env has the value test
5bindplane label agents configuration=test --query 'env:test' --overwrite

Init License Command

A new command is available for updating BindPlane's license. Similar to the init server command, the BindPlane license can be updated by executing the init license command on the BindPlane host.

1sudo BINDPLANE_CONFIG_HOME=/var/lib/bindplane \
2  /usr/local/bin/bindplane init license \
3  --config /etc/bindplane/config.yaml

New Features

• Processor recommendation enhancements
  • When a processor is recommended, the processor node will be highlighted to notify the user.
  • Sumo Logic Windows Events recommendation will add the _sourceCategory and sumo.datasource attributes when sending Windows Events to Sumo Logic.
• Extract Metric Processor enhancements

Bug Fixes

• Resolved an issue where the Overview page could show incorrect agent counts and status for a brief time after server restart

Extract Metric Processor

The new extract metric processor allows multiple metrics to be created in a single processor instance. Improvements on the previous processor include specifying the metric type, using an OTTL autocomplete field for the metric field parameter, and a variety of default units that can be selected from while still allowing custom units to be specified.

Bug Fixes

• Skip client request retry on server 401 status.

New Features

• Configurable Measurement Interval
  • Review the Upgrade Notes for upgrade requirements
• Prometheus Metrics
• CLI Completion Command
• Multiple performance improvements for Postgres and Bolt Store
• Added the ability to specify a selector or query to the /agents/labels endpoint

Bug Fixes

• Fixed Configurations page telemetry sorting

Upgrade Notes

Prometheus

If you are not using BindPlane with high availability, no action is required.

BindPlane High Availability users should upgrade their Prometheus Linux Package. The latest version of the package will contain the new recording rules that enable Configurable Measurement Interval. After upgrading, no further action is required.

If you are managing Prometheus manually, you will need to re-review the documentation. Make sure to update your recording rules.

The new recording rules look like this.

1groups:
2- name: configuration-rollups
3  interval: 1m
4  rules:
5  - record: bindplane_agent_measurements:rollup:rate:1m
6    expr: sum without (agent) (rate(bindplane_agent_measurements{}[1m9s999ms] offset 10s))
7- name: 5m-configuration-rollups
8  interval: 5m
9  rules:
10  - record: bindplane_agent_measurements:rollup:rate:5m
11    expr: sum without (agent) (rate(bindplane_agent_measurements:1m{}[5m59s999ms] offset 10s))
12- name: 1h-configuration-rollups
13  interval: 1h
14  rules:
15  - record: bindplane_agent_measurements:rollup:rate:1h
16    expr: sum without (agent) (rate(bindplane_agent_measurements:15m{}[1h14m59s999ms] offset 10s))

Configurable Measurement Interval

Agents send configuration throughput metrics to BindPlane every 10 seconds. This interval is now configurable, supporting 10s, 1m, and 15m. It is recommended to use 1m or 15m intervals when managing large numbers of agents. At scale, 10s intervals can be responsible for high overhead.

The interval can be set by modifying a configuration's advanced settings. Select the gear icon on and choose "Advanced Configuration Options".

See the Upgrade Notes for important details regarding configurable measurement intervals.

Prometheus Metrics

BindPlane can expose APM metrics using a built-in Prometheus exporter. Metrics are disabled by default and can be enabled by updating your configuration file.

1type: prometheus
2interval: 10s
3prometheus:
4    endpoint: /metrics

CLI Completion Command

The CLI supports shell completion for bash, zsh, fish and powershell. After upgrading your CLI, use the bindplane completion -h command for more information.

New Features

• Add max log size option to Kubernetes Container source
• New Parse Severity processor
  • Supports flexible parsing, such as parsing HTTP status codes.
  • Parse Severity v1 has been deprecated and should be replaced by the new processor.
• New command bindplane init auth for updating the BindPlane server's authentication configuration

Bug Fixes

• Fail to save resources if all pipelines are disabled
  • The web interface will not allow you to save a resource that does not have logs, metrics, or traces enabled.

Bug Fixes

• Fix rendering Windows Events sources using remote collection and custom channels.

New Features

• Support multi line Kubernetes container logs
• Add remote option to Windows events log

Bug Fixes

• Fix deleting a Library Source from configuration

New Features

• New init ldap CLI command, for configuring and migrating authentication to ldap

Bug Fixes

• Return 401 for missing account header (measurements)
• Enforce NATS mutual TLS
• Conditional Builder Regex escaping
  • See Upgrade Procedure section.

Init LDAP

When operating BindPlane OP on Linux, you can migrate to LDAP by executing the following command on the Linux server.

1sudo BINDPLANE_CONFIG_HOME=/var/lib/bindplane \
2    /usr/local/bin/bindplane init ldap \
3    --config /etc/bindplane/config.yaml

The command will prompt for your ldap server information, and migrate your BindPlane accounts to the new authentication mechanism.

Upgrade Procedure

After upgrading to BindPlane v1.62.0, review your configurations for pending rollouts. Update any configurations that contain processors with conditions built using the condition builder. Previous versions of BindPlane will have required the user to handle regex escaping on their own. v1.62.0 handles the escaping for you, however, existing conditions will need to be updated to take this into account.

New Features

• NATS Event Bus
• Filter By Regex processor, available for Google licenses
• Agent's page is now sortable by labels
• SQL Query Source

Bug Fixes

• Add validation to guard against applying resources without metadata.name
• Correctly handle deleting multiple configs
• Handle duplicating configs without a current version

Other

• Rebrand Google Chronicle to Google SecOps

NATS Event Bus

Enterprise users operating BindPlane in High Availability can now use the NATS Event Bus. The NATS Event Bus eliminates the need for an external event bus such as Google Pub/Sub or Apache Kafka.

New Features

• Support setting agent metrics port with global config option
• OpAMP agent authentication configuration

Bug Fixes

• Fix transform processor in Couchbase source
• Fix small rollout segment width when configurations have a low agent count

Other

• Optimize agents GraphQL queries
• Return 452 status when there is no license for the organization
• Include error in log for BindPlane Transform Agent process
• Upgrade to opamp-go v0.15.0

Agent Metrics Port

Agents managed by BindPlane expose metrics on TCP port 8888 by default. The port is now configurable using a global setting. Modifying the port will affect all agents.

The BindPlane configuration file's advanced section can be updated to include the agent.telemetryPort option.

1advanced:
2  agent:
3    telemetryPort: 8888

Modifying advanced options should be considered an advanced operation, and is not recommended unless guided by BindPlane support.

OpAMP Authentication

A new configuration section agents allow users to configure OpAMP authentication. Currently, secretKey is the only supported authentication type. It supports one or more headers. In this example, the BindPlane control plane will check for X-Bindplane-Authorization first and then Authorization if the first header is not present.

1agents:
2  auth:
3    type: secretKey
4    secretKey:
5      headers: 
6      - X-Bindplane-Authorization
7      - Authorization

Modifying the agent authentication options should be considered an advanced operation, and is not recommended unless guided by BindPlane support.

New Features

• Organizations and Projects
• New Kubernetes Prometheus source
  • Detect and scrape Prometheus exporters using Prometheus Kubernetes service discovery.

Bug Fixes

• Google Cloud destination: Set location resource if not already set
  • Resolves an issue where Google rejects metric types that require a location.
• Audit log CSV exporter now respects users timezone
• Require configuration match labels
  • If match labels are not present, configuration=<configuration name> will be added automatically when creating a configuration using the API.

Other

• Agent's telemetry port 8888 will now bind to localhost on Linux, Windows, and macOS.
• Deprecated Filter by Field processor in favor of Filter by Condition processor

Organizations and Projects

Starting in 1.59 each deployment of BindPlane OP will have a new top-level Organization made up of all the previous existing Accounts on the deployment. Accounts will now be referred to as Projects, which still contain all of the Agents and Resources associated with the account.

Some things to note:

• Any previous Admin level users now also receive the Organization Admin role. Organization admins can see all projects in an organization and any user that uses those projects.
• Organization Admins can access the new Organization page found in the settings menu.
• New Project creation is now limited to Organization Admins only.

New Features

• Add metrics support to bindplane-agent source
• Progressive Rollouts

Bug Fixes

• Support nested fields in Add fields processor

Progressive Rollouts

With Progressive Rollouts you can now deploy your configuration changes incrementally, one stage at a time. Tag specific agents as belonging to dev, stage, and prod environments and then BindPlane will pause the rollout after it completes each stage.

The stages themselves are entirely configurable, so you can create the exact rollout that works best for your environment.

Get started

New Features

Updated telemetry displayed in the Edit Processors (Live Preview) dialog to show more detail.

• Log
  • Added fields
    • observed_time
    • severity_number
    • severity_text
    • span_id.string
    • trace_id.string
• Metrics
  • Support for histogram and exponential histogram metrics
  • Added fields
    • value_int
    • value_double
    • quantile_values
    • explicit_bounds
    • bucket_counts
    • count
    • sum
    • description
    • type
    • aggregation_temporality
    • is_monotonic
• Traces
  • Added fields
    • span_id.string
    • parent_span_id
    • trace_id.string
    • kind
    • kind.string
    • status.code
    • status.message

New Features

• Additional TLS options for Postgres
• An option to change the default gRPC max incoming message size on the OTLP and Bindplane Gateway sources
• Storing attributes specified on OpAMP AgentDescription
• Additional processor recommendations for parsing sev, severity field
• Better visibility of deleted telemetry fields in Live Preview

Fixes

• Delete fields properly deletes nested fields

New Features

• New AWS S3 Rehydration Source
• New Filter By Condition Processor
• Additional MYSQL Source Metrics
• Add date picker to Azure Blob Rehydration source

AWS S3 Rehydration Source

v1.55.0 adds a new source for rehydrating data stored in an AWS S3 bucket. Read the source documentation here.

Filter By Condition Processor

Filter By Condition is a new processor introduced in v1.55.0. It can be used to include or exclude telemetry based on a condition that is evaluated against the telemetry data. Read the processor documentation here.

New Features

• New nop destination
• Processor Recommendations
• Secret key management

Processor Recommendations

v1.54.0 introduces processor recommendations. BindPlane will recommend processors when viewing Live Preview.

The initial release recommendation feature set includes the following recommendations:

• Parse Log Body as JSON
• Parse Severity
• Remove Debug Logs
• Remove Empty Values

Secret Key Management

New CLI command for rotating secret keys. Run bindplane secret --help for details.

1Manage secret keys
2
3Usage:
4  bindplane secret [command]
5
6Available Commands:
7  add         Add secret key
8  default     Set default secret key
9  delete      Delete secret key
10  get         Get secret keys

New Features

• New Telemetry Selector for components that support multiple telemetry types
• Chronicle destinations are now supported when using a Google license

Fixes

• Improved agent heartbeat
  • Resolves an issue where agents could become disconnected when using a Kubernetes Service mesh such as Istio

New Features

• New processor Condition Builder
  • Easily create OTTL conditions for most processors
  • See Upgrade and Downgrade for upgrade considerations
• New Gateway source and destination
• Add force_flush_period and max_log_size parameters to file log source

Upgrade and Downgrade

Downgrades from 1.52.0 to previous versions of BindPlane are not supported if you make use of the new OTTL condition builder feature. BindPlane 1.52.0 introduces a new parameter type that will not render

Condition Builder

The new condition builder allows the user to easily create OTTL.

Bug Fixes

• Minor UI fixes

New Features

• New Resource Detection processor. The previous processor is deprecated, with this new one matching OTel capabilities.
  • New Detectors:
    • Consul
    • AWS EKS
    • Kubernetes
    • OpenShift
  • Adds support for user-provided list of detectors
• Synthetic Telemetry Generator Source Type

Bug Fixes

• Various fixes for large-scale environments (100k agents)
• Fix for connected agents sometimes appearing as disconnected in the UI

Other

• Improvements to resource display in Configuration topology

New Features

• Agent labeling
• New Logstash source

Labels

We added new functionality that allows users to assign custom labels to agents. Agent labels can be managed either individually or in bulk. To manage labels individually, users can click on the labels in the details of the agent. To manage labels in bulk, users can select multiple agents from the agents table and click the new “Manage Labels” button that will appear. In addition to this, labels are now displayed in the agents table. If labels are truncated in this view, users can use the hover interaction to display all labels.

Bug Fixes

• VMware vCenter: Resolved an issue where disabling TLS verification would not work
• Move Fields Processor: Fixed OTTL exists condition

New Features

• Splunk HEC source support for Kubernetes Gateway
• Parse XML processor
• Initial support for OpenTelemetry Contrib collector
  • See Connecting Other OpenTelemetry Collectors Using the OpAMP Extension

Bug Fixes

• Corrupted concurrent downloads of offline agent updates
• Prevent scroll jitter in snapshot console

New Features

• Resource Library adds the ability to unlink Sources and Processors
• Application onboarding
• Determining Agent capabilities from OpAMP

New Features

• New Resource Library page for reusable Sources, Destinations, and Processors.
• New Destination: Azure Monitor
• New Destination: Snowflake
• New Processor: Parse CSV
• New Processor: Key Value processor
• Add endpoint parameter to Honeycomb Destination.

Upgrade Notes

As of 1.46.0, Prometheus is required to store agent throughput measurements. Throughput measurement support has been removed from Bolt Store and PostgreSQL.

Single-instance users do not need to take action. BindPlane will spawn a Prometheus sub-process automatically.

High-availability users will need to make sure Prometheus is configured in their environment. Documentation for configuring Prometheus in a BindPlane HA architecture can be found here.

Helm users should upgrade to chart version 1.2.0. Consult the chart release notes before upgrading. Once upgraded to Chart version 1.2.0, it is safe to upgrade to Chart version 1.2.1, which contains BindPlane v1.46.0.

New Features

• Added Splunk TCP source to Kubernetes Gateway Agent
• Added Encoding param to Kafka destination
• Added Optional Path Prefix parameter to OTLP HTTP
• New Lookup Table processor
• Agent health monitoring
• Terraform Provider: Added support for Extensions

Bug Fixes

• Added missing TLS options to CLI

New Features

• New Dynatrace Destination

New Features

• Introduced search capability to processor live preview and agent recent telemetry
• Added support for metrics to Azure Event Hub Source
• Added TLS server name override option to OTLP destination

Bug Fixes

• Removed compression option from Splunk Cloud destination
  • Compression is always enabled

Bug Fixes

Fixes an issue where changing the system account username would cause the user to lose access to their account.

It is recommended that all users upgrade from 1.43.0 to 1.43.1.

New Features

• Introduced the ability to delete old summary rollups to improve system performance and data management.

Bug Fixes

• Fix an issue where unavailable processors were shown as available for Google Edition

Other

• BindPlane OP Server architecture docs
• BindPlane OP HA Prometheus Linux Packages docs

New Features

• Azure Event Hub Source

Bug Fixes and Improvements

• Improved OpAMP debugging

Migration Notes

This release includes a change that will break future downgrade compatibility for users with a single account boltstore installation of BindPlane. Before upgrading, those users should create a backup of their storage file, which can be used in the event of a downgrade.*

To downgrade, those users should follow these steps:

1. Stop the BindPlane service
2. Replace the storage file with the backed-up version
3. Restart the BindPlane service

Changes made after upgrading will not be persisted when performing this downgrade.

* If, instead, BindPlane is configured with either multi-account or postgres, this release is backward compatible and no action is needed to downgrade safely. BindPlane is multi-account if accounts.enable is true in its configuration:

1accounts:
2  enable: true

New Features

• New destinations
  • Observe, Inc
  • Chronicle Forwarder
• Source changes
  • TCP Logs: Added new encoding option

Bug Fixes and Improvements

• Resolved an issue where Prometheus backed agent measurements were inconsistent in some cases
  • See the Upgrade Procedure notes for upgrade information

Upgrade Procedure

Prometheus

Agent measurement values will be inconsistent in some situations. Upgrading to v1.41.0 solves this issue.

If you are using BindPlane's built in Prometheus service, no action is required. If you are unsure, generally this means your BindPlane server is managing it's own Prometheus service behind the scenes. You can skip this procedure.

If you are using a self managed Prometheus instance for your measurements backend, you must update your Prometheus recording rule at /etc/prometheus/rules.yml.

1groups:
2- name: configuration-rollups
3  interval: 1m
4  rules:
5  - record: bindplane_agent_measurements:rollup:rate:1m
6    expr: sum without (agent) (rate(bindplane_agent_measurements{}[1m9s999ms] offset 10s))

Once updated, restart the service.

1sudo systemctl restart prometheus

New Features

• UI will link out to resource (source, destination, processor, extension) documentation when viewing a given resource.
• Add Compression Param to Chronicle
• Support headers for http protocol on OTLP exporters
• Extension: Go Performance Profiler (pprof)
• Extension: Health Check

Bug Fixes and Improvements

• Improved live preview loading times

New Features

• Summary Page Beta
• Updated Configuration Editing flow
• Kubernetes Gateway agent installation as deployment
• File Source sort by mtime option.
• Extension Audit Events
• Automatic removal of unused deprecated resources
• Improved error messages for CLI

New Features

• Amazon Managed Prometheus destination
• Honeycomb destination
• Rename metric processor
• Add sort by mtime option to file source
• Extensions UI
• Added TTL parameter to ClickHouse destination
• Include support bundle script in releases
  • See /var/lib/bindplane/scripts/create-support-bundle.sh after upgrading

New Features

• ClickHouse Destination Type
• Jaeger OTLP Destination Type
• Sumo Logic Destination Type
• HTTPCheck Source Type
• Extension Support
• Optional Prometheus measurements database, promising much faster and more reliable measurements

Bug Fixes

• Ongoing UI polish
• Severity processor now handles numeric values
• Deleting configuration doesn’t leave zombie agents
• Named source measurement fixes
• Unmasking sensitive parameters in sources