Fixed installation issue on native RHEL 7.x installs

The agent installer script has been updated to refer to an updated epel repository.

Improved JMX metrics reporting

Fixed an issue when retrieving JMX metrics which could result in missing samples.

(Sysdig Secure): Improvement in Kubernetes Audit events

Fixed runtime policy scopes for Kubernetes audit events.

(Sysdig Secure) Fixed audit event exception

The system now catches JSON object-type exceptions when parsing Kubernetes audit events.

Improved error message

Improved the error message reported when the Sysdig agent cannot find a pre-installed kernel header or cannot download a sysdigcloud-probe.

Performance improvement in dragent logging

Fixed issue with Prometheus metrics names

Corrected a problem that resulted in the suffix _total to be removed from Prometheus counter metric names.

Mask the customer ID in log files

The Customer ID is no longer output in the agent log, to avoid inadvertent exposure when sharing of log files.

Kubernetes role node label included by default

The kubernetes.node.label.kubernetes.io/role label is available by default

Update Kubernetes API used, in order to expand support of Kubernetes v1.16

Replaced usage of the extensions/v1beta1 Kubernetes API with apps/v1 in the agent. This is required for supporting Kubernetes v1.16 using the agent's legacy Kubernetes integration (when new_k8s is not enabled).

Introduced a new config option in ElasticSearch app check

Introduced a new config option to generate cluster-wide primary shard metrics from a master node: pshard_stats_master_node_only. See Elasticsearch (Example 3).

Enhanced Postgresql app check

The Postgres app check has been enhanced to provide new metrics and examples. See PostgreSQL.

Agent preparation for upcoming Policy Advisor feature in Sysdig Secure

The agent will support new Rules generated by Sysdig's Kubernetes Policy Advisor. This agent is the minimum version required to use the upcoming feature.

Improved system events handling for Ubuntu 19.10

On kernels 5.1 and newer, some syscall events were incorrectly dropped. This has been fixed.

Stopped Kubernetes pause containers (pods) from being reported

Fixed an issue where Kubernetes pause containers were also showing up in Kubentes events. This fix filters them out from the events being reported.

Fixed rare issue on OpenShift

Fixed an issue where, in a rare case, a dropped event could cause a kernel deadlock and crash the node.

Fixed issue preventing kernel module creation for Debian Buster

This change adds support for building the Sysdig Monitor agent kernel module for Debian Buster.

Improved event timestamp in Kubernetes

This fix ensures that user events get the correct timestamp with Kubernetes v1.16 when thego_k8s_user_events option is set to true.

Updated Kubernetes API used, in order to expand support of Kubernetes v1.16

In dragent.yaml, the Kubernetes API extensions/v1beta1 is updated to apps/v1. This enables agent support for Kubernetes v1.16 even when the new_k8s option is set to false.

Fixed a Kubernetes event reporting issue

Fixed an issue with Kubernetes Events where the host MAC scope was not populated correctly, resulting in not showing up on the dashboard.

Improved Kubernetes events handling from delegated agents

When using go_k8s_user_events, kubernetes events from non-delegated agents are no longer sent.

Eliminated legacy "BASELINES" message

Stopped processing legacy BASELINES messages from the backend collector.

Performance improvement at startup

The agent now defers initialization of Secure-related components slightly to reduce excess resource usage at startup.

Included Example of a Prometheus Matching Rule Using HTTPS

The Sysdig agent will use HTTPS for scraping when target's annotation has "kuberentes.pod.annotation.prometheus.io/scheme: https".

Kubernetes versions older than 1.9 no longer supported.

The Sysdig agent has replaced the use of the extensions/v1beta1 Kubernetes API with apps/v1.

Included Example of a Prometheus Matching Rule Using HTTPS

The Sysdig agent will use HTTPS for scraping when target's annotation has "kuberentes.pod.annotation.prometheus.io/scheme: https".

The RabbitMQ app check has a new config option: filter_by_node

Without this option, each node reports cluster-wide information (as presented by rabbitmq itself). This option makes it easier to view the metrics in the UI by removing redundant information reported by individual nodes. See RabbitMQ for details.

Asynchronous metadata collection for CRI-O and containerd

The collection of container metadata from CRI-based runtimes was previously synchronous with other agent tasks.

Prioritize and filter how process metrics are reported in Sysdig Monitor. 

In addition to filtering data by container, it is also possible to filter independently by process. Broadly speaking, this refinement helps ensure that relevant data is reported while noise is reduced. See Include/Exclude Processes for details.