Sysdig On-Premises Release Notes

Here are the most recent release notes for the On-Premises version of Sysdig Platform. Review the entries to learn about the latest features and enhancements.

Supported Web Browsers: Sysdig supports, tests, and verifies the latest versions of Chrome and Firefox. Other browsers may also work but are not tested with the same rigour.
Falco Rules: You may also want to review the update log for Falco Rules. used in the Sysdig Secure Policy Editor.

7.0.0 Release, February 2025

Upgrade Process

Supported Upgrades From: 6.x

For the full supportability matrix, see the On-Premises Install Documentation. This repository also includes the on-premises Installation documentation.

Sysdig Platform

Next Gen Sysdig API Documentation

The Next Gen API Docs are the new and standardized documentation for both Sysdig Secure and Monitor APIs. To access them, see Next Gen API Docs.

Sysdig Secure

Zones

You can now use Zones to filter the results across Vulnerability Findings and the Events feed. A zone is a collection of scopes that represent logical groupings of your infrastructure or workloads. For example, you can create a zone for your production environment, a staging environment, or a region. They allow you to scope the infrastructure based on specific attributes for Hosts, Kubernetes, Image and Git. For more information, see Zones.

Configurable Data Retention for Scan Results

You can now configure the data retention period for Pipeline and Registry scan results, up to a maximum of 90 days. For more information, See Scan Results Retention.

Automations for Vulnerability Findings (Technical Preview)

You can use the new Sysdig Secure Automations feature to create automated actions, such as sending notifications via email and Slack, in response to conditions you specify. You can use this feature to create automations to alert on any new Vulnerability Findings. For more information, see Automations.

The feature is not enabled by default and requires a new Graph datastore added to the Sysdig On-Premise backend. As a result, this release may require additional hardware resources. Contact Sysdig Support to open a support case for guidance and assistance with the upgrade process.

Sysdig Monitor

Enhanced IOPS & NFS Visibility

Sysdig introduced the following metrics to enhance IOPS and NFS visibility at the filesystem mount level:

NFS Host

sysdig_host_fs_nfs_op_count
sysdig_host_fs_nfs_op_request_count
sysdig_host_fs_nfs_op_sent_bytes
sysdig_host_fs_nfs_op_recv_bytes
sysdig_host_fs_nfs_op_queue_time_us
sysdig_host_fs_nfs_op_round_trip_time_us
sysdig_host_fs_nfs_op_total_client_time_us

NFS Container

sysdig_container_fs_nfs_op_count
sysdig_container_fs_nfs_op_request_count
sysdig_container_fs_nfs_op_sent_bytes
sysdig_container_fs_nfs_op_recv_bytes
sysdig_container_fs_nfs_op_queue_time_us
sysdig_container_fs_nfs_op_round_trip_time_us
sysdig_container_fs_nfs_op_total_client_time_us

IOPS

sysdig_fs_file_total_time
sysdig_fs_file_open_count
sysdig_fs_file_error_total_count
sysdig_fs_file_total_bytes
sysdig_fs_file_in_bytes
sysdig_fs_file_out_bytes

For additional details, see Metrics Dictionary.

Defect Fixes

Fixed the login issue when using OpenID Connect integration.
Fixed the issue with setting up a Custom Role when using LDAP integration.

6.14.3 Hotfix Release, February 2025

Upgrade Process

Supported Upgrades From: 5.0.x, 5.1.x, 6.x

For the full supportability matrix, see the On-Premises Install Documentation. This repository also includes the on-premises Installation documentation.

Defect Fixes

This hotfix fixes an issue with setting up a Custom Role when using the lightweight directory access protocol (LDAP) integration.

6.16.2 Hotfix Release, January 2025

Upgrade Process

Supported Upgrades From: 5.0.x, 5.1.x, 6.x

For the full supportability matrix, see the On-Premises Install Documentation. This repository also includes the on-premises Installation documentation.

Defect Fixes

This hotfix fixes the issue with authentication when using OpenID Connect.

6.16.1 Release, January 2025

Upgrade Process

Supported Upgrades From: 5.0.x, 5.1.x, 6.x

For the full supportability matrix, see the On-Premises Install Documentation. This repository also includes the on-premises Installation documentation.

Sysdig Secure

Platform Audit Logs for CLI Scanner

Sysdig Platform Audit Logs now record the following CLI Scanner actions:

vm-collector-write
vm-policies-read
vm-policies-write
vm-riskacceptance-read-scanner
vm-riskacceptance-read-ui
vm-riskacceptance-write-ui

Track Risk Acceptance Actions of Users

Sysdig has enhanced its Vulnerability Management (VM) capabilities by introducing the ability to track user actions related to risk acceptance. You can now easily discover:

Which user created the risk
Which user last updated the risk
When these actions occurred

These enhancement provide greater transparency and control over risk acceptance and update workflows, enabling you to manage vulnerabilities more effectively. For more information, See Accepted Risks for Vulnerabilities.

Hide Accepted Risks

You can now hide accepted risks. This lets you focus on unresolved vulnerabilities. To support this, the Sysdig Vulnerability Overview pages and the Vulnerabilities tab on the scanning result pages now include a Risk Acceptance filter. This filter help you view All Risks or Accepted Risks, or hide accepted risks by selecting Risk Not Accepted. For more information, see, Filters.

SBOM Download Button

You can now download a complete Software Bill of Materials (SBOM) from your scan results in CycloneDX JSON format. For more information, see SBOM Download.

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.