Version 1.4 release notes
The Grafana Enterprise Logs (GEL) team is excited to announce the release of GEL 1.4.
GEL 1.4 is built off of Loki 2.5.0, so it inherits all the features, enhancements, and bug fixes of the upstream project. Refer to the Loki v2.5 release notes for more information.
Features and enhancements
- GEL 1.4 includes version 3 of the Admin API. It removes the ability to delete tenants, access policies, and tokens via the API. Instead, when users no longer want a tenant, access policy, or token, they are expected to soft delete it by marking it “disabled”. Moving to soft deletes allows us to eliminate race conditions and cache invalidation problems that caused unexpected behavior with hard deletes. For more information about the v3 API, refer to Admin API.
Upgrade considerations
- After upgrading to GEL 1.4, we suggest you upgrade your GEL plugin for Grafana Enterprise to version 2.4.0 or a more recent version. This ensures that the plugin uses v3 of the Admin API, and it contains a few other small fixes, all of which are detailed in the plugin Changelog.
Bug fixes
1.4.0 bug fixes
- Fixed a bug in which the
common
configuration block for setting up a shared cloud storage client also required settingtype
within the Admin client’s storage block. The Admin client’s type will now be correctly inferred from the parameters in thecommon
block. - Fixed a bug in which a user with a label-based access policy could see label names and label values (but not actual log content) that their access policy did not grant to them. With this bug fix, the GEL label names and label values API endpoints properly enforce to label-based access controls.
- [SECURITY] Fix of enterprise authentication bypass in Grafana Enterprise Logs component “querier”. (CVE-2022-28660)
- When Grafana Enterprise Logs is deployed in microservices mode and enterprise authentication is used (
-auth.type=enterprise
), the querier component is not enforcing authentication and can be queried just specifying the tenant ID in the X-Scope-OrgID header, when its HTTP port is exposed. The HTTP port should not be exposed to external traffic.
- When Grafana Enterprise Logs is deployed in microservices mode and enterprise authentication is used (
Related Enterprise Logs resources
Grafana Enterprise Logs: Logging with security and scale
Join us for this webinar, which will cover: Challenges with logging as organizations scale and the volume of logs explodes, how Grafana Enterprise Logs enables organizations to make logs available to any team members who need them, features available in GEL and how to get access, a live product demo so you can see GEL for the first time
VIDEO: Watch this first-look demo of the new Grafana Enterprise Logs
Based on Loki, Grafana Enterprise Logs is part of the Grafana Enterprise Stack for composing and scaling observability on your own infrastructure.
Introducing Grafana Enterprise Logs, a core part of the Grafana Enterprise Stack integrated observability solution
Powered by the Loki open source project, the Enterprise Logs offering joins metrics and dashboards in our enterprise-ready stack for self-managed observability.