Download the release on GitHub.
Features
Section titled “Features”Add a nix package expression for VAST
Section titled “Add a nix package expression for VAST”For users of the Nix package manager, expressions have
been added to generate reproducible development environments with nix-shell.
Changes
Section titled “Changes”Revert “Annotate schemas with
Section titled “Revert “Annotate schemas with”Hash indices have been disabled again due to a performance regression.
Remove default option for historical queries
Section titled “Remove default option for historical queries”The option --historical for export commands has been removed, as it was the
default already.
By @dominiklohmann in #754.
Update VAST for Apache Arrow 0.16
Section titled “Update VAST for Apache Arrow 0.16”VAST now supports (and requires) Apache Arrow >= 0.16.
By @dominiklohmann in #751.
Add a nix package expression for VAST
Section titled “Add a nix package expression for VAST”The build system will from now on try use the CAF library from the system, if one is provided. If it is not found, the CAF submodule will be used as a fallback.
Allow for separating persistent state and log directories
Section titled “Allow for separating persistent state and log directories”The option --directory has been replaced by --db-directory and
log-directory, which set directories for persistent state and log files
respectively. The default log file path has changed from vast.db/log to
vast.log.
By @dominiklohmann in #758.
Bug Fixes
Section titled “Bug Fixes”Continuous import of Zeek logs in VAST is broken
Section titled “Continuous import of Zeek logs in VAST is broken”Continuously importing events from a Zeek process with a low rate of emitted events resulted in a long delay until the data would be included in the result set of queries. This is because the import process would buffer up to 10,000 events before sending them to the server as a batch. The algorithm has been tuned to flush its buffers if no data is available for more than 500 milliseconds.