SaaS: Sysdig Monitor Release Notes

Supported Web Browsers

Sysdig supports, tests, and verifies the latest versions of Chrome and Firefox. Other browsers may also work but are not tested with the same rigour.

April 12, 2024

Alert Editor

When creating alerts, the Alert Editor now automatically displays the optimal time window for your alert rule, and every data point in the alert preview now corresponds with an evaluation of an alert rule. You can also Explore Historical Data for Metric alerts.

March 15, 2024

Cost Advisor Adds Custom Pricing Support

You can now refine the pricing of your on-prem clusters for more control and precision. See Billing Profiles.

Global Service Accounts

Sysdig has extended the functionality of team-based service accounts with global service accounts. Unlike team-based service accounts, global service accounts can perform actions that require system level permissions. Admins can create a global service account through the API. See Global Service Accounts

March 5, 2024

Deactivate User Option

Sysdig has added the ability to configure a period of inactivity for a user, after which the user is deactivated. This helps large enterprises manage users automatically rather than manually deleting users from Sysdig.

This feature is deactivated by default. Currently, it can be enabled via API only.

For details, access the API documentation under User-Deactivation.

February 22, 2024

Label Enrichment in Alert Notifications

Sysdig has enriched labels for Metric and PromQL Alerts. This feature enhances alert notifications by automatically appending contextual labels upon triggering an alert rule. Beyond user-defined segmentation labels, it enriches notifications with useful contextual labels such as host_hostname, cloud_provider_region, and kube_cluster_name. This additional context aids in faster issue identification, troubleshooting, and resolution.

January 29, 2024

Metrics Usage Improvements

Metrics Usage has been improved to help you navigate and understand your metrics more intuitively. Now, labels are automatically sorted by their cardinality for any given metric. This refinement streamlines analyzing Custom Metrics, making it simpler to pinpoint labels responsible for high cardinality.

January 17, 2024

Sysdig Default Pricing for Cost Advisor

Cost Advisor will now use Sysdig Default prices in instances where pricing information is unavailable, such as when viewing on-premises Kubernetes clusters. Additionally, Cost Advisor has been enhanced to help you identify the billing profile associated with a specific Kubernetes cluster.

December 22, 2023

Panel Search Is Generally Available

Dashboards have been enhanced with a Panel Search capability. It’s an effective and fast way to find metrics, labels, and text within a given Dashboard.

Group Outlier Alerts Is Generally Available

Group Outlier Alerts are now available as a new alert type in Sysdig Monitor, allowing users to identify entities that deviate significantly from the group’s normative behavior. Use Group Outlier Alerts to pinpoint web servers, containers, or databases exhibiting atypical behavior.

Embedded Images in Alert Notifications Supported in Slack, Teams, Email, and PagerDuty

Alert Notifications for Metric Alerts sent to Slack, Email, and Pagerduty now include a snapshot of the time series that triggered the alert rule. This addition provides instant visual insight into the entities that trigger the alert rules, facilitating faster responses and reducing the need for context switching. This enhancement applies to Metric Alerts configured with Form as well as Metric Alerts configured in PromQL.

Enriched Kubernetes Troubleshooting with Labels and Annotations

Kubernetes Troubleshooting now displays your Kubernetes Metadata. View Labels and Annotations for each cluster, namespace, and workload in your Kubernetes environment by accessing the Overview tab in Troubleshooting. This additional context helps you to identify different parts of your infrastructure and understand their importance.

October 12, 2023

Enhanced Metrics Usage

Metrics Usage now displays which Dashboards and Alerts are using a given metric, enabling you to better understand the value a given metric provides.

September 19, 2023

Controlled Availability of Notification Snapshot

Metric Alert notifications forwarded to Slack or Email now offer a snapshot of the triggering time series data.

For the Slack notification channels, you can toggle the snapshot within the notification channel settings. When the channel is configured to Notify when Resolved, a snapshot of the time series data that resolves the alert is also provided in the notification.

This feature is released as controlled availability.

September 6, 2023

General Availability of Cost Advisor

Cost Advisor is now generally available boasting significant improvements. This feature enables teams to optimize visibility and reduce their Kubernetes costs.

Private Billing

Private Billing, currently available for Amazon Web Services (AWS), reconciles costs with your specific AWS billing agreements. Usage of reserved and spot instances, as well as savings plans and other discounts, will be used to calculate costs. This integration will be useful for users who want accurate costs instead of relying on public on-demand pricing.

You can view storage, load balancer, and idle costs. This paints a fuller picture of your Kubernetes costs where workloads are leveraging persistent volumes and load balancers, and idle costs give platform teams insights into the cost of used cluster capacity—a great indicator as to whether a cluster can be reshaped or scaled down.

Cost Explorer

Cost Explorer empowers you to explore costs in detail with granular segmentation. This helps you understand, for example, the cost of a workload that is running across multiple clusters.

Cost Reports

Cost Reports streamlines cost reporting processes with the ability to set up period report generation that can be exported to third-party systems, Slack, and email notifications, which in turn helps create a culture of cost discipline.

Workload rightsizing has been improved to give you more control over the recommendations provided. Depending on whether a workload is production or HA (high availability) grade, in staging or development setup, you can choose between more conservative or aggressive recommendations when rightsizing a workload.

Querying Improvements

PromQL Query

• When adding a label to a metric, the query builder takes the metric into account and prompts you with only relevant labels and label values. Previously, all the labels in the system were displayed.

• When writing a query, the query builder automatically selects all the labels used in the query and displays them in the table. This improves the user experience, allowing you to explore further based on the used label.

cloud_provider_* metrics

The label autocomplete capability has been enhanced for cloud metrics to display only relevant labels for a given metric. For cloud metrics, such as cloud_provider_*, you no longer see a long list of labels for every metric, which in turn improves the accuracy of label autocomplete and makes the search faster.

August 09, 2023

Metrics Usage

Metrics Usage has been updated with a detailed per-metric view offering two new capabilities:

• Time Series Churn Over Time
• Label Exploration

Resolve Alert Occurrence Manually

Sysdig supports manually resolving a single alerting segment, all alerting segments for an alert rule, or even resolving every single alert in your infrastructure with bulk actions. For more information, see Manual Alert Resolution.

Deactivating Orphaned Alert Occurrences Automatically

If you don’t want to resolve alerts manually, you can configure Sysdig Monitor to do it automatically. Sysdig can now automatically mark orphaned alert occurrences as deactivated. Orphaned alert occurrences are alerts triggered by entities that no longer report data. This can happen when cloud infrastructure is cycled, creating potentially outdated and obsolete alert occurrences. By leveraging this feature, you can ensure that alert occurrences are coming from entities that are actually reporting data into the system, instead of the database that was decommissioned months ago. See Orphaned Alerts.

Deprecation Notice

Users wanting access to the Agent Console page, see Sysdig Agents.

August 04, 2023

Metrics Usage TS count

Metrics Usage has been enhanced with a “Total in the last 20 minutes” Time Series (TS) count.

Alert Resolution Delay

Alert Resolution Delay is available for PromQL Alerts. This feature helps prevent noisy alert resolutions by ensuring that an alert condition has been resolved for a custom time before marking the alert as resolved. For more information, see Alert Resolution Delay.

Monitoring Integrations

• Added support for Istio 1.16.
• Added an option in Windows Installer to change the Prometheus agent port.
• Added time charts for CPU and Memory usage in Cluster Capacity Planning Dashboard.

July 24, 2023

Metrics Usage

Sysdig introduces Metrics Usage providing insights into your metrics cardinality and thus helping you understand which custom metrics are responsible for your time series usage and which are being scraped across your entire environment. See Metrics Usage for more information.

OpenID Single Logout Support

Sysdig added support for OpenID Single Logout. With Single Logout, a user can initiate a logout and terminate all sessions without having to log out from each one individually.

For more information, see Configure OpenID Single Logout.

Enhanced Sysdig Platform Audit

The Sysdig Platform Audit has been enhanced to include username and team name in the audit information in addition to user ID and team ID. The feature is now Generally Available.

For more information, see Sysdig Platform Audit.

Support for Inspecting and Initiating Captures

The Captures page has been improved by providing you with the ability to inspect captures as well as initiate captures. Earlier, you could initiate captures only in the old Explore.

For more information, see Captures.

June 16, 2023

Unified Subscription Page

The Subscription page has been enhanced to provide a unified look and feel for both Sysdig Monitor and Sysdig Secure. This improvement is particularly useful to Sysdig Platform users as it now shows all the relevant subscription information, regardless of which product is currently selected. The feature is Generally Available.

For more information, see Subscription.

June 06, 2023

Change Alerts

Sysdig introduces a new alert type, Change Alerts, to help you receive alerts when a metric dynamically changes over time. Change Alerts detect cases such as sudden spikes in network traffic or a sharp fall in the number of healthy nodes.

Change Alerts have advantages over alerts based on static threshold in the following scenarios:

• Distributed infrastructure that has varying levels of traffic across different regions. In regions with significant activity, you may need to set different static thresholds for your alerts compared to the regions with lower levels of traffic. Change Alerts allow you to configure a more generic alert and to be notified when the database disk usage decreases 20% over the last 1 hour compared to the last 24 hours.

• Static thresholds can be less useful when dealing with seasonal traffic patterns. In such cases, it is effective to focus on monitoring changes rather than relying on fixed thresholds.

For more information, see Change Alerts.

Group Mapping Settings API

Sysdig introduced a configuration API for Group Mapping. The API allows you to define how the Group Mapping will behave when the user has no groups or when conflicting groups exist. For example, in cases where several groups place the user in the same team with a different role. For more information, see the [Group Mapping API (/en/group-mapping-settings-api).

The feature is Generally Available.

Enhanced Agent Licenses Management API

The Agent Licenses Management API has been enhanced with several features. The API allows you to define limits, reservations, team ownership, and metadata for each access key. For more information, see Manage Access Keys.

The feature is Generally Available.

Silence by Alert

Silence rules have been enhanced by introducing the ability to silence alert notifications by alerts in addition to alert silences by scope. For more information, see Silence Alert Notifications.

Service Limit for Alerts

Service limits are the usage thresholds to help ensure that your Sysdig Monitor environment stays healthy and performs optimally. Alerts that exceed service limits will result in alert deactivation. For the conditions and service limits, see Service Limits.

Monitoring integrations

Integrations

• Introduced the new Rancher Kubernetes Control Plane (API Server, cAdvisor, Controller Manager, Scheduler, CoreDNS) integrations.
• Added support for Redis Cluster option in the Redis integration.
• Enhanced the Windows Prometheus bundle.
• Added PromQL filters and troubleshooting metrics to Kubernetes Control Plane integrations.
• Modified the configuration for Prometheus integrations jobs that use pod discovery to scrape running pods.

IBM Cloud Integrations

• IBM Cloud VMware shared
• IBM Cloud VPC VSI

Dashboards and Alerts

• Added timecharts for CPU and Memory usage in Cluster Capacity Planning dashboard.
• Added alert for Sysdig Monitor entitlement.
• Added go_info metric to the Go integration.

For more information, see Integration Library.

April 26, 2023

Availability of Sysdig Agent Overview Page in Data Sources

The Sysdig Agents page is now available in Sysdig Monitor. The page allows you to quickly determine which Agents are up to date, out of date, or soon to be out of date. For more information, see Sysdig Agents. The feature is Generally Available.

April 04, 2023

Translate Metric Alerts to PromQL

Metric alerts configured in form-based query can now be translated to PromQL, allowing you to choose between the convenience of form and the flexibility of PromQL. Translation to PromQL also allows you to define more complex and composite queries to create alerts that are not possible with form. For more information, see Translate Metric Alerts to PromQL.

Monitoring integrations

Integrations

• k8s-cAdvisor
• Microsoft IIS
• Microsoft SQL Server Exporter
• KNative (integration with jobs only)
• Added the following:
  • Zone label to the GCP integrations
  • Security updates to the UBI image of exporters
  • New ports and certificate path to the Etcd default job

IBM Cloud Integrations

The IBM cloud Integrations add new easy-to-use dashboards, focused on relevant metrics, and support specific alerts for these integrations.

• IBM Cloud PostgreSQL
• IBM Cloud MongoDB

Dashboards and Alerts

• Improved the CoreDNS integration dashboard and alerts with latency metrics.
• Deprecated the Linux Memory Usage dashboard.
• Moved the Linux Host Integration dashboard to the Host Infrastructure category.
• Improved the Memory Usage dashboard for Linux VMs.
• Removed the _AWS CloudWatch: DynamoDB Overview By Operation dashboard.

For more information, see Integration Library.

January 30, 2023

Cost Advisor

Cost Advisor, the predictable cost analysis tool for Kubernetes is available in preview. Cost Advisor features include:

• Visibility into Kubernetes cost allocation by team and business unit.
• Exportable reports with detailed spending data to include in your chargeback model.
• Easy identificaition of areas in your Kubernetes environments that can be optimized.
• Recommendations to reduce wasted resources by an average of 40%.

Cost advisor is currently supported only in AWS Environments.

Advisor Enhancements

Advisor has been improved to provide you the ability to:

• Navigate from a pod to Metrics Explorer without losing context.
• Create a scoped alert directly from an Advisory.
• View pod YAML, which is similar to kubectl get pod <pod> -o yaml. (Pod YAML requires agent 12.9.0 or newer)

Custom Webhook Notification Channel

You can now create a Custom Webhook Notification Channel and fully customize the HTTP payload of an alert notification forwarded to a third party webhook-based integration. Using Sysdig Templating Language, you can dynamically interpolate alert metadata such as alert name and severity as well as event context such as infrastructure labels and timestamp. This allows users to integrate with integrations beyond those natively supported by Sysdig Monitor.

Multi-Threshold Alerts

You can now configure optional warning threshold for metrics and events. For more information, see Multi-Threshold Alerts.

Alert on No Data

When a metric stop reporting, Sysdig Monitor show no data where you would normally expect data points. To detect such incidents that fail silently, you can configure alerts to notify you when a metric ceases to report data. For more information, see Create an Alert on No Data.

Dashboards & Explore enhancements

Dashboards have been improved to provide you the ability to:

• Find dashboards that you have recently accessed via the navigation menu.
• Delete dashboards in bulk.
• Alternate between viewing one or all segments in Timecharts with contextual tooltips.
• Find, search and understand labels easily with the refreshed PromQL Query Explorer module. Read more

Monitoring integrations

Integrations

Fixed the following images with critical vulnerabilities:

• promcat-jmx-exporter
• postgresql-exporter

Added the following integrations:

• Linux Host
• GCP Memorystore for Redis
• GCP Cloud SQL MySQL
• GCP Cloud SQL PostgreSQL
• GCP Cloud SQL SQLServer
• GCP Compute Engine

Dashboards and Alerts

The following changes were made to Dashboards and Alerts:

• Updated the VM dashboards with new panels in the Windows and Linux dashboards.
• Added “Exporter Down” alert to detect offline exporters before you notice missing metrics.
• Added additional Windows alerts using Windows default metrics and process collector metrics.
• Added new Cloud Provider labels to help scoping for Time Series (TS) consumption and AWS dashboards.
• Added new TS dashboard (Agents and Jobs Time Series) for tracking TS consumption from Monitor Integrations.
• Refreshed Red Hat OpenShift (RHOS) dashboards and alerts.