Download the release on GitHub.
Features
Section titled “Features”Add support for per-plugin configuration files
Section titled “Add support for per-plugin configuration files”Plugins load their respective configuration from
<configdir>/vast/plugin/<plugin-name>.yaml in addition to the regular
configuration file at <configdir>/vast/vast.yaml. The new plugin-specific file
does not require putting configuration under the key plugins.<plugin-name>.
This allows for deploying plugins without needing to touch the
<configdir>/vast/vast.yaml configuration file.
By @dominiklohmann in #1724.
Optionally read environment variable for VAST endpoint
Section titled “Optionally read environment variable for VAST endpoint”It’s now possible to configure the VAST endpoint as an environment variable
by setting VAST_ENDPOINT. This has higher precedence than setting
vast.endpoint in configuration files, but lower precedence than passing
--endpoint= on the command-line.
By @rolandpeelen in #1714.
Rework the plugin loading logic
Section titled “Rework the plugin loading logic”The options vast.plugins and vast.plugin-dirs may now be specified on the
command line as well as the configuration. Use the options --plugins and
--plugin-dirs respectively.
Add the reserved plugin name bundled to vast.plugins to enable load all
bundled plugins, i.e., static or dynamic plugins built alongside VAST, or use
--plugins=bundled on the command line. The reserved plugin name all causes
all bundled and external plugins to be loaded, i.e., all shared libraries
matching libvast-plugin-* from the configured vast.plugin-dirs.
By @dominiklohmann in #1703.
Add option for configurable post-start hooks
Section titled “Add option for configurable post-start hooks”The new option vast.start.commands allows for specifying an ordered list of
VAST commands that run after successful startup. The effect is the same as first
starting a node, and then using another VAST client to issue commands. This is
useful for commands that have side effects that cannot be expressed through the
config file, e.g., starting a source inside the VAST server that listens on a
socket or reads packets from a network interface.
By @dominiklohmann in #1699.
Changes
Section titled “Changes”Rework the plugin loading logic
Section titled “Rework the plugin loading logic”VAST no longer loads static plugins by default. Generally, VAST now treats static plugins and bundled dynamic plugins equally, allowing users to enable or disable static plugins as needed for their deployments.
By @dominiklohmann in #1703.
PRs 1721-1734
Section titled “PRs 1721-1734”VAST merges lists from configuration files. E.g., running VAST with
--plugins=some-plugin and vast.plugins: [other-plugin] in the
configuration now results in both some-plugin and other-plugin being
loaded (sorted by the usual precedence), instead of just some-plugin.
By @dominiklohmann in #1721.
Change chat from Gitter to Slack
Section titled “Change chat from Gitter to Slack”The VAST community chat moved from Gitter to Slack. Join
us in the #vast channel for vibrant discussions.
Remove support for building without Arrow
Section titled “Remove support for building without Arrow”Apache Arrow is now a required dependency. The previously deprecated build
option -DVAST_ENABLE_ARROW=OFF no longer exists.
By @dominiklohmann in #1683.
Fixup repository-internal symlinks in Dockerfile
Section titled “Fixup repository-internal symlinks in Dockerfile”The tenzir/vast Docker image bundles the PCAP plugin.
By @dominiklohmann in #1705.
Bug Fixes
Section titled “Bug Fixes”Fix log rotation threshold option
Section titled “Fix log rotation threshold option”The vast.log-rotation-threshold option was silently ignored, causing VAST to
always use the default log rotation threshold of 10 MiB. The option works as
expected now.
By @dominiklohmann in #1709.
Fix a bunch of smaller issues
Section titled “Fix a bunch of smaller issues”Building plugins against an installed VAST no longer requires manually
specifying -DBUILD_SHARED_LIBS=ON. The option is now correctly enabled by
default for external plugins.
By @dominiklohmann in #1697.
Remove dead condition and fix Docker release tags
Section titled “Remove dead condition and fix Docker release tags”Additional tags for the tenzir/vast
Docker image for the release versions exist, e.g., tenzir/vast:2021.05.27.
Fix shutdown hang in sources on SIGTERM/SIGINT
Section titled “Fix shutdown hang in sources on SIGTERM/SIGINT”Import processes no longer hang on receiving SIGINT or SIGKILL. Instead, they shut down properly after flushing yet to be processed data.
By @dominiklohmann in #1718.
Make unix dgram metrics sink connectionless
Section titled “Make unix dgram metrics sink connectionless”The UDS metrics sink continues to send data when the receiving socket is recreated.
Handle arbitrary types in bloom filter synopsis
Section titled “Handle arbitrary types in bloom filter synopsis”VAST no longer crashes when querying for string fields with non-string values. Instead, an error message warns the user about an invalid query.
Handle quoted strings in CSV parser
Section titled “Handle quoted strings in CSV parser”The import csv command handles quoted fields correctly. Previously, the
quotes were part of the parsed value, and field separators in quoted strings
caused the parser to fail.
By @dominiklohmann in #1712.