🚀 Features
Section titled “🚀 Features”Introduce an experimental sigma operator
Section titled “Introduce an experimental sigma operator”Aug 31, 2023 · @dominiklohmann · #3138
The new sigma operator filters its input with Sigma rules and outputs matching
events alongside the matched rule.
Bump the tenzir-plugins submodule pointer to include the pipeline manager’s failure and rendered diagnostics functionality
Section titled “Bump the tenzir-plugins submodule pointer to include the pipeline manager’s failure and rendered diagnostics functionality”Aug 31, 2023 · @Dakostu · #3479
The rendered field in the pipeline manager diagnostics delivers a displayable
version of the diagnostic’s error message.
Pipelines that encounter an error during execution are now in a new failed
rather than stopped state.
Bump the tenzir-plugins submodule pointer to include the pipeline manager’s resuming and pausing functionality
Section titled “Bump the tenzir-plugins submodule pointer to include the pipeline manager’s resuming and pausing functionality”Aug 25, 2023 · @Dakostu · #3471
The pause action in the /pipeline/update endpoint suspends a pipeline and
sets its state to paused. Resume it with the start action.
Newly created pipelines are now in a new created rather than stopped state.
Make show pipelines a thing
Section titled “Make show pipelines a thing”The new show pipelines aspect displays a list of all managed pipelines.
Implement show config
Section titled “Implement show config”Aug 14, 2023 · @dominiklohmann · #3455
The show config aspect returns the configuration currently in use, combining
options set in the configuration file, the command-line, environment options.
Implement compress and decompress operators
Section titled “Implement compress and decompress operators”Aug 10, 2023 · @dominiklohmann · #3443
The compress [--level <level>] <codec> and decompress <codec> operators
enable streaming compression and decompression in pipelines for brotli, bz2,
gzip, lz4, and zstd.
🔧 Changes
Section titled “🔧 Changes”Refactor show aspects and rewrite version
Section titled “Refactor show aspects and rewrite version”The version operator no longer exists. Use show version to get the Tenzir
version instead. The additional information that version produced is now
available as show build, show dependencies, and show plugins.
🐞 Bug Fixes
Section titled “🐞 Bug Fixes”Tweak the execution node behavior
Section titled “Tweak the execution node behavior”Aug 24, 2023 · @dominiklohmann · #3470
Pipeline operators that create output independent of their input now emit their
output instantly instead of waiting for receiving further input. This makes the
shell operator more reliable.
The show <aspect> operator wrongfully required unsafe pipelines to be allowed
for some aspects. This is now fixed.