SaaS: Sysdig Monitor Release Notes
November 27, 2024
Service Account Expiry Notifications
We have expanded the Sysdig Monitor UI to support configuring notifications for expiring Team Based Service Accounts. This builds on existing API capabilities, making token management more accessible for all users.
By enabling these notifications, you can ensure your service account tokens are renewed on time.
For more details, see Expiry Notifications.
November 18, 2024
Alert Terminology
- The Over the Last parameter in Threshold Alerts, defining the time window for metric aggregation, is now called Time Aggregation.
- The For the Last parameter in Event Alerts, defining the time window that events are counted, is now called Count Over Last.
Embedded Images in Alert Notifications now supported for Microsoft Teams
- Threshold Alerts forwarding to Microsoft Teams now include an image of the time series data that triggered the alert rule. This feature was previously available only for Slack, Email, and Pagerduty.
October 14, 2024
The second set of usability enhancements for Dashboards is now available:
- Dashboard Popularity: Dashboard Manager now surfaces the popularity of a dashboard across your Sysdig team. Dashboard popularity is calculated based on several factors, including the number of visits, how recently it was visited, and number of unique users who visit.
- Fuzzy Search for Dashboards: Dashboard search now supports partial matches, misspellings, and approximate terms. You can also search by metrics, dashboard descriptions, as well as dashboard panels.
- The shared by my team section of the Dashboards navigation menu has been replaced by Most popular with my team.
October 7, 2024
Terraform Support for AWS Cloud Accounts
You can now integrate between AWS CloudWatch Metric Streams and Sysdig Monitor with the AWS CloudWatch Metrics Terraform Module. To forward CloudWatch metrics to Sysdig Monitor, see CloudWatch Monitoring.
October 4, 2024
Dashboard Quality of Life Enhancements
The first set of usability enhancements for Dashboards is now available:
- Recently Selected Values: Dashboard label values previously chosen will now be saved and displayed as “Recently Selected”, streamlining troubleshooting and allowing quicker access to recently used values.
- Dashboard Visibility: We’ve improved the distinction between private dashboards, shared dashboards, and those from the Library, making it easier to identify and manage different types of dashboards.
These updates are designed to enhance the overall dashboard experience and improve efficiency.
August 8, 2024
Alert Terminology
- Metric Alerts are now called Threshold Alerts.
- Threshold Alerts now include a Duration setting, specifying how long an alert condition must be continuously satisfied before triggering the alert rule.
- PromQL Alerts are now called Prometheus Alerts.
- Standarized terminology:
- Range refers to the time period over which a metric is aggregated. The Alert Editor still refers to this field with “over the last”.
- Duration refers to how long an alert condition must be continuously met to trigger an alert rule.
- Standarized API fields to
duration_seconds
andrange_seconds
for consistency.
August 2, 2024
Microsoft Deprecates Office 365 Connectors
Microsoft is deprecating Office 365 Connectors for Microsoft Teams notifications. According to the official deprecation notice, new connectors cannot be created after August 15, 2024, and existing ones will require a URL update to function after December 31, 2024. To avoid any interruption in notifications, see migrate from Office 365 Connects to Power Automate.
July 30, 2024
Alert Inhibition
You can now set up Alert Inhibition rules for Prometheus alerts. This feature stops secondary alert notifications from being forwarded if an upstream alert occurrence is already active. This helps reduce alert noise by preventing notifications from known downstream effects. To learn more, see Alert inhibition.
Alert Inhibition can only be configured via the API and is only available for Prometheus Alert Rules.
Improved Alert Preview Accuracy
The Alert preview for Metric Alerts and PromQL Alerts now more accurately reflects alert rule checks. The data points in the alert preview aligns with the actual alert evaluation intervals, ensuring a realistic representation of alert behavior, since each point in the alert preview corresponds to an actual alert rule check.
Unified Search
The Event feed now integrates scope-based search and free-text search in the same search bar, allowing you to filter events by both criteria from one convenient location.
Disable Metric Collection for a Prometheus Job
You can now exclude metrics from being collected by the Sysdig Agent via Metrics Usage or the Metrics Collection API. This feature is useful for managing integrations or Prometheus jobs that collect a large number of metrics, helping to reduce time series consumption.See Disable Collection of a Single Metric for a specific Prometheus job.
Metrics consumed with Prometheus Remote Write and Sysdig Agent metrics such as sysdig_container_cpu_used_percent
are not eligible for filtering.
July 26, 2024
Metric And Events Retention Increase
Sysdig has increased the data retention default for Monitor Metrics and Events.
Metrics Retention Increases Details
Metric Retention changes currently only applies to AWS regions: US East (Virginia), US West AWS (Oregon), AP Australia (Sydney), European Union (Frankfurt).
10s samples
from 4 hours to 7 days.1m samples
from 2 days to 14 days.10m samples
from 14 days to 30 days.
Events Retention Increases Details
Total Limit
from 1 Million to 2 Million events.Custom Events Retention
from 14 days to 30 days.
For more details, see Data Retention Limits.
June 20, 2024
New Costs Metrics with Custom Labels Support
Cost Explorer, part of the Costs module has been upgraded with new cost metrics, bringing support for Custom Kubernetes Labels from workloads and namespaces. For teams tagging their workloads, this enables more detailed cost breakdown.
Additionally, you can easily query cost metrics, thanks to the new simplified metrics. Dashboards and Alerts (Sysdig Cost Advisor section) have been added to the Library to showcase these new capabilities.
June 10, 2024
New UI Themes
Sysdig introduces new themes for the Sysdig Monitor UI, featuring new colors, shapes, typefaces, and artwork in both Light and Dark modes.
With the introduction of the new themes, you can experience a cleaner and more contemporary user interface, enhancing the data narrative. The refined lines of the new font and the minimalist color palette aim to provide additional space for the story Sysdig wants to convey with your data.
The older Light and Dark themes are automatically updated to the new ones, so no action is required on your part. The previous themes will remain accessible as Light - Legacy and Dark - Legacy for the next few months.
April 12, 2024
Alert Editor
When creating alerts, the Alert Editor displays the optimal time window for your alert rule, and every data point in the alert preview corresponds to an evaluation of an alert rule. You can also Explore Historical Data for Threshold Alerts.
March 15, 2024
Cost Advisor Adds Custom Pricing Support
You can now refine the pricing of your on-prem clusters for more control and precision. See Billing Profiles.
Global Service Accounts
Sysdig has extended the functionality of team-based service accounts with global service accounts. Unlike team-based service accounts, global service accounts can perform actions that require system level permissions. Admins can create a global service account through the API. See Global Service Accounts
March 5, 2024
Deactivate User Option
Sysdig has added the ability to configure a period of inactivity for a user, after which the user is deactivated. This helps large enterprises manage users automatically rather than manually deleting users from Sysdig.
This feature is deactivated by default. Currently, it can be enabled via API only.
For details, access the API documentation under User-Deactivation.
February 22, 2024
Label Enrichment in Alert Notifications
Sysdig has enriched labels for Metric and PromQL Alerts. This feature enhances alert notifications by automatically appending contextual labels upon triggering an alert rule. Beyond user-defined segmentation labels, it enriches notifications with useful contextual labels such as host_hostname
, cloud_provider_region
, and kube_cluster_name
. This additional context aids in faster issue identification, troubleshooting, and resolution.
January 29, 2024
Metrics Usage Improvements
Metrics Usage has been improved to help you navigate and understand your metrics more intuitively. Now, labels are automatically sorted by their cardinality for any given metric. This refinement streamlines analyzing Custom Metrics, making it simpler to pinpoint labels responsible for high cardinality.
January 17, 2024
Sysdig Default Pricing for Cost Advisor
Cost Advisor will now use Sysdig Default prices in instances where pricing information is unavailable, such as when viewing on-premises Kubernetes clusters. Additionally, Cost Advisor has been enhanced to help you identify the billing profile associated with a specific Kubernetes cluster.
December 22, 2023
Panel Search Is Generally Available
Dashboards have been enhanced with a Panel Search capability. It’s an effective and fast way to find metrics, labels, and text within a given Dashboard.
Group Outlier Alerts Is Generally Available
Group Outlier Alerts are now available as a new alert type in Sysdig Monitor, allowing users to identify entities that deviate significantly from the group’s normative behavior. Use Group Outlier Alerts to pinpoint web servers, containers, or databases exhibiting atypical behavior.
Embedded Images in Alert Notifications Supported in Slack, Email, and PagerDuty
Alert Notifications for Threshold Alerts sent to Slack, Email, and Pagerduty include a snapshot of the time series that triggered the alert rule. This provides visual insight into the entities that trigger the alert rules, facilitating faster responses and reducing the need for context switching. This also applies to Threshold Alerts configured with Form or with PromQL.
Enriched Kubernetes Troubleshooting with Labels and Annotations
Kubernetes Troubleshooting now displays your Kubernetes Metadata. View Labels and Annotations for each cluster, namespace, and workload in your Kubernetes environment by accessing the Overview tab in Troubleshooting. This additional context helps you to identify different parts of your infrastructure and understand their importance.
October 12, 2023
Enhanced Metrics Usage
Metrics Usage now displays which Dashboards and Alerts are using a given metric, enabling you to better understand the value a given metric provides.
September 19, 2023
Controlled Availability of Notification Snapshot
Metric Alert notifications forwarded to Slack or Email now offer a snapshot of the triggering time series data.
For the Slack notification channels, you can toggle the snapshot within the notification channel settings. When the channel is configured to Notify when Resolved, a snapshot of the time series data that resolves the alert is also provided in the notification.
This feature is released as controlled availability.
September 6, 2023
General Availability of Cost Advisor
Cost Advisor is now generally available boasting significant improvements. This feature enables teams to optimize visibility and reduce their Kubernetes costs.
Private Billing
Private Billing, currently available for Amazon Web Services (AWS), reconciles costs with your specific AWS billing agreements. Usage of reserved and spot instances, as well as savings plans and other discounts, will be used to calculate costs. This integration will be useful for users who want accurate costs instead of relying on public on-demand pricing.
You can view storage, load balancer, and idle costs. This paints a fuller picture of your Kubernetes costs where workloads are leveraging persistent volumes and load balancers, and idle costs give platform teams insights into the cost of used cluster capacity—a great indicator as to whether a cluster can be reshaped or scaled down.
Cost Explorer
Cost Explorer empowers you to explore costs in detail with granular segmentation. This helps you understand, for example, the cost of a workload that is running across multiple clusters.
Cost Reports
Cost Reports streamlines cost reporting processes with the ability to set up period report generation that can be exported to third-party systems, Slack, and email notifications, which in turn helps create a culture of cost discipline.
Workload rightsizing has been improved to give you more control over the recommendations provided. Depending on whether a workload is production or HA (high availability) grade, in staging or development setup, you can choose between more conservative or aggressive recommendations when rightsizing a workload.
Querying Improvements
PromQL Query
When adding a label to a metric, the query builder takes the metric into account and prompts you with only relevant labels and label values. Previously, all the labels in the system were displayed.
When writing a query, the query builder automatically selects all the labels used in the query and displays them in the table. This improves the user experience, allowing you to explore further based on the used label.
cloud_provider_* metrics
The label autocomplete capability has been enhanced for cloud metrics to display only relevant labels for a given metric. For cloud metrics, such as cloud_provider_*
, you no longer see a long list of labels for every metric, which in turn improves the accuracy of label autocomplete and makes the search faster.
August 09, 2023
Metrics Usage
Metrics Usage has been updated with a detailed per-metric view offering two new capabilities:
- Time Series Churn Over Time
- Label Exploration
Resolve Alert Occurrence Manually
Sysdig supports manually resolving a single alerting segment, all alerting segments for an alert rule, or even resolving every single alert in your infrastructure with bulk actions. For more information, see Manual Alert Resolution.
Deactivating Orphaned Alert Occurrences Automatically
If you don’t want to resolve alerts manually, you can configure Sysdig Monitor to do it automatically. Sysdig can now automatically mark orphaned alert occurrences as deactivated
. Orphaned alert occurrences are alerts triggered by entities that no longer report data. This can happen when cloud infrastructure is cycled, creating potentially outdated and obsolete alert occurrences. By leveraging this feature, you can ensure that alert occurrences are coming from entities that are actually reporting data into the system, instead of the database that was decommissioned months ago. See Orphaned Alerts.
Deprecation Notice
In the following weeks, the Legacy Explore module will be decommissioned from Sysdig Monitor. Sysdig recommends that you use Explore going forward.
Users wanting access to the Agent Console page, see Sysdig Agents.
August 04, 2023
Metrics Usage TS count
Metrics Usage has been enhanced with a “Total in the last 20 minutes” Time Series (TS) count.
Alert Resolution Delay
Alert Resolution Delay is available for Prometheus Alerts. This feature helps prevent noisy alert resolutions by ensuring that an alert condition has been resolved for a custom time before marking the alert as resolved. For more information, see Alert Resolution Delay.
Monitoring Integrations
- Added support for Istio 1.16.
- Added an option in Windows Installer to change the Prometheus agent port.
- Added time charts for CPU and Memory usage in Cluster Capacity Planning Dashboard.
July 24, 2023
Metrics Usage
Sysdig introduces Metrics Usage providing insights into your metrics cardinality and thus helping you understand which custom metrics are responsible for your time series usage and which are being scraped across your entire environment. See Metrics Usage for more information.
OpenID Single Logout Support
Sysdig added support for OpenID Single Logout. With Single Logout, a user can initiate a logout and terminate all sessions without having to log out from each one individually.
For more information, see Configure OpenID Single Logout.
Enhanced Sysdig Platform Audit
The Sysdig Platform Audit has been enhanced to include username and team name in the audit information in addition to user ID and team ID. The feature is now Generally Available.
For more information, see Sysdig Platform Audit.
Support for Inspecting and Initiating Captures
The Captures page has been improved by providing you with the ability to inspect captures as well as initiate captures. Earlier, you could initiate captures only in the old Explore.
For more information, see Captures.
June 16, 2023
Unified Subscription Page
The Subscription page has been enhanced to provide a unified look and feel for both Sysdig Monitor and Sysdig Secure. This improvement is particularly useful to Sysdig Platform users as it now shows all the relevant subscription information, regardless of which product is currently selected. The feature is Generally Available.
For more information, see Subscription.
June 06, 2023
Change Alerts
Sysdig introduces a new alert type, Change Alerts, to help you receive alerts when a metric dynamically changes over time. Change Alerts detect cases such as sudden spikes in network traffic or a sharp fall in the number of healthy nodes.
Change Alerts have advantages over alerts based on static threshold in the following scenarios:
Distributed infrastructure that has varying levels of traffic across different regions. In regions with significant activity, you may need to set different static thresholds for your alerts compared to the regions with lower levels of traffic. Change Alerts allow you to configure a more generic alert and to be notified when the database disk usage decreases 20% over the last 1 hour compared to the last 24 hours.
Static thresholds can be less useful when dealing with seasonal traffic patterns. In such cases, it is effective to focus on monitoring changes rather than relying on fixed thresholds.
For more information, see Change Alerts.
Group Mapping Settings API
Sysdig introduced a configuration API for Group Mapping. The API allows you to define how the Group Mapping will behave when the user has no groups or when conflicting groups exist. For example, in cases where several groups place the user in the same team with a different role. For more information, see the [Group Mapping API (/en/group-mapping-settings-api).
The feature is Generally Available.
Enhanced Agent Licenses Management API
The Agent Licenses Management API has been enhanced with several features. The API allows you to define limits, reservations, team ownership, and metadata for each access key. For more information, see Manage Access Keys.
The feature is Generally Available.
Silence by Alert
Silence rules have been enhanced by introducing the ability to silence alert notifications by alerts in addition to alert silences by scope. For more information, see Silence Alert Notifications.
Service Limit for Alerts
Service limits are the usage thresholds to help ensure that your Sysdig Monitor environment stays healthy and performs optimally. Alerts that exceed service limits will result in alert deactivation. For the conditions and service limits, see Service Limits.
Monitoring integrations
Integrations
- Introduced the new Rancher Kubernetes Control Plane (API Server, cAdvisor, Controller Manager, Scheduler, CoreDNS) integrations.
- Added support for Redis Cluster option in the Redis integration.
- Enhanced the Windows Prometheus bundle.
- Added PromQL filters and troubleshooting metrics to Kubernetes Control Plane integrations.
- Modified the configuration for Prometheus integrations jobs that use pod discovery to scrape running pods.
IBM Cloud Integrations
- IBM Cloud VMware shared
- IBM Cloud VPC VSI
Dashboards and Alerts
- Added timecharts for CPU and Memory usage in Cluster Capacity Planning dashboard.
- Added alert for Sysdig Monitor entitlement.
- Added
go_info
metric to the Go integration.
For more information, see Integration Library.
April 26, 2023
Availability of Sysdig Agent Overview Page in Data Sources
The Sysdig Agents page is now available in Sysdig Monitor. The page allows you to quickly determine which Agents are up to date, out of date, or soon to be out of date. For more information, see Sysdig Agents. The feature is Generally Available.
April 04, 2023
Translate Metric Alerts to PromQL
Metric alerts configured in form-based query can now be translated to PromQL, allowing you to choose between the convenience of Form and the flexibility of PromQL. Translation to PromQL allows you to define more complex and composite queries to create alerts that are not possible with Form. For more information, see Translate Metric Alerts to PromQL.
Monitoring integrations
Integrations
- k8s-cAdvisor
- Microsoft IIS
- Microsoft SQL Server Exporter
- KNative (integration with jobs only)
- Added the following:
- Zone label to the GCP integrations
- Security updates to the UBI image of exporters
- New ports and certificate path to the Etcd default job
IBM Cloud Integrations
The IBM cloud Integrations add new easy-to-use dashboards, focused on relevant metrics, and support specific alerts for these integrations.
- IBM Cloud PostgreSQL
- IBM Cloud MongoDB
Dashboards and Alerts
- Improved the CoreDNS integration dashboard and alerts with latency metrics.
- Deprecated the Linux Memory Usage dashboard.
- Moved the Linux Host Integration dashboard to the Host Infrastructure category.
- Improved the Memory Usage dashboard for Linux VMs.
- Removed the _AWS CloudWatch: DynamoDB Overview By Operation dashboard.
For more information, see Integration Library.
January 30, 2023
Cost Advisor
Cost Advisor, the predictable cost analysis tool for Kubernetes is available in preview. Cost Advisor features include:
- Visibility into Kubernetes cost allocation by team and business unit.
- Exportable reports with detailed spending data to include in your chargeback model.
- Easy identificaition of areas in your Kubernetes environments that can be optimized.
- Recommendations to reduce wasted resources by an average of 40%.
Cost advisor is currently supported only in AWS Environments.
Advisor Enhancements
Advisor has been improved to provide you the ability to:
- Navigate from a pod to Metrics Explorer without losing context.
- Create a scoped alert directly from an Advisory.
- View pod YAML, which is similar to
kubectl get pod <pod> -o yaml
. (Pod YAML requires agent 12.9.0 or newer)
Custom Webhook Notification Channel
You can now create a Custom Webhook Notification Channel and fully customize the HTTP payload of an alert notification forwarded to a third party webhook-based integration. Using Sysdig Templating Language, you can dynamically interpolate alert metadata such as alert name and severity as well as event context such as infrastructure labels and timestamp. This allows users to integrate with integrations beyond those natively supported by Sysdig Monitor.
Multi-Threshold Alerts
You can now configure optional warning threshold for metrics and events. For more information, see Multi-Threshold Alerts.
Alert on No Data
When a metric stops reporting, Sysdig Monitor shows no data where you would normally expect data points. To detect incidents that fail silently, you can configure alerts to notify you when a metric ceases to report data. For more information, see Create an Alert on No Data.
Dashboards & Explore enhancements
Dashboards have been improved to provide you the ability to:
- Find dashboards that you have recently accessed via the navigation menu.
- Delete dashboards in bulk.
- Alternate between viewing one or all segments in Timecharts with contextual tooltips.
- Find, search and understand labels easily with the refreshed PromQL Query Explorer module.
Monitoring integrations
Integrations
Fixed the following images with critical vulnerabilities:
- promcat-jmx-exporter
- postgresql-exporter
Added the following integrations:
- Linux Host
- GCP Memorystore for Redis
- GCP Cloud SQL MySQL
- GCP Cloud SQL PostgreSQL
- GCP Cloud SQL SQLServer
- GCP Compute Engine
Dashboards and Alerts
The following changes were made to Dashboards and Alerts:
- Updated the VM dashboards with new panels in the Windows and Linux dashboards.
- Added “Exporter Down” alert to detect offline exporters before you notice missing metrics.
- Added additional Windows alerts using Windows default metrics and process collector metrics.
- Added new Cloud Provider labels to help scoping for Time Series (TS) consumption and AWS dashboards.
- Added new TS dashboard (
Agents and Jobs Time Series
) for tracking TS consumption from Monitor Integrations. - Refreshed Red Hat OpenShift (RHOS) dashboards and alerts.
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.