Releases: draios/sysdig
Releases · draios/sysdig
0.19.0
New features
- Add per-cpu counters when a tracepoint is hit [#947]
Bug fixes
mq_unlinksyscall reports asptrace[#927]- Fixed copy-paste typo [#946]
- expose the event masking/unmasking mechanism at the inspector level [#951]
- Fix targetViewFilter for "Accessed Files" in wsysdig_summary chisel [#952]
- Various improvements and fixes for Sysdig Inspect
0.18.0
New features
- Changed language of CLA to also cover government contributions [#902]
- Support mapped container docker networking mode, currently used by k8s pods [#922]
- Allow an external event capture dumper object to be used together with an inspector object [#912]
- Handle reading large execve args/env that might otherwise cause a page fault [#920]
- Add container events (container start/stop/etc) to capture files. In the future, will also be used for orchestrator information. [#935]
- Add the executable path as a filterable/displayable item
proc.exepath[#845] [#934] - Small README changes [#936]
- Support additional flags to
clone()syscall [#909] - Support page faults as events [#904]
- Support for upcoming visualization product [#931]
Bug fixes
- Compilation fixes for sysdig monitor agent [#942]
- Fix minor problems found by valgrind [#938]
- Fix crash when reading large messages from docker daemon [#932]
- Better cleanup of failed installation of the sysdig driver under coreos [#926]
- Ensure that a parent's ptid is set when an execve fills in information on a new process [#914]
- Fix IN operator so it works with non-string values [#913]
- fix compile errors with newer versions of libcurl [#895] [#911]
- fix compile errors when O_DIRECTORY not defined [#907]
- Use session id, not process group id, for proc.sid [#904] [#905]
- Small docs fixes related to
container.mount.*[#901] - Update installation script to use latest version of EPEL repository [#897]
0.17.0
0.16.0
New features
- Support for Kernel 4.11
sysdig -Nis now the default option, server port decoding can be reenabled with-R- Decode
unsharesyscall
Bug fixes
- Fix rkt detection for containers created before sysdig runs
- Fix container detection if docker itself is running inside a container
- Fix detection of lxc containers
- Fix compilation issues on RHEL5
- Fix memory leak on
spy_userschisel
0.15.1
0.15.0
New Features
- Support for Linux Kernel 4.10
- Use
/proc/<pid>/statusinstead of custom ioctl to get process vpid for kernels >= 4.1
Bug fixes
- Various fixes on Kubernetes ingestion
- Fix some happening deadlocks in the driver when
ioctlwere exiting with error - Fix mkdir and rmdir events, they were skipped in case of page faults
- Bugfix on
topports_serverchisel - Avoid some cases of infinite loop when evaluating filters like
proc.aname
0.14.0
New Features
- JSON output is not: an object per event separated by newline, instead of objects inside array as before.
- New filter
proc.pcmdline, which represents the full command line (proc.name + proc.args) of the parent of the process generating the event
Bug fixes
- Updated embedded OpenSSL, CURL and jq to address security issues
- Fixes for kernel version 4.9.3
- Improved detection of Mesos containers
- fix compilation with
HAS_CAPTUREdisabled on Linux - Fixes for merged captures support
0.13.0
0.12.1
0.12.0
New features
- New filters
container.mount.*to match container mount points - New filter
container.privilegedto match containers running in privileged mode - Support latest kubernetes features:
k8s.deployment.*andk8s.rs.*filters are now available - Added
globoperator for strings, works as classic shell glob path matcher - Added
pmatchoperator - Add
lesspackage on docker image
Bug fixes
- Fix memory allocation of
PPM_IOCTL_GET_PROCLIST, caused csysdig crashes in certain cases - Now sysdig compiles on PPC64
- Install script fixes for EPEL and Unbreakable kernel
- Navigation issues on csysdig