1.34.3 - histograms large and small 📊

Fixed a bug with the default histogram when there are larger differences between histogram bar document counts.

What's Changed

• Fix histogram when there are larger differences in document count by @heyLu in #38

Full Changelog: 1.34.2...1.34.3

1.34.2 - repairin' some emoji(s)

They got broken at some point, why may remain a mystery across time. Now they are fixed. :)

What's Changed

• Fix emoji (to use some that actually exist) by @heyLu in #37
• Fix build on Python 3.12 by updating dependencies by @heyLu in #36
• Lots of dependency updates courtesy of @dependabot

Full Changelog: 1.34.1...1.34.2

1.34.1 - nanosecond, what nanosecond? 🕰️

Some components send sub-microsecond timestamps, which Python can't parse by itself. We now support these timestamps by chopping off the sub-microsecond timestamps and moving happily along. The UI will still display the original timestamps, but we ignore it internally.

What's Changed

• Accept (but ignore) doc timestamps with nanosecond precision by @heyLu in #26

Full Changelog: 1.34.0...1.34.1

1.34.0 - highlight unaggregated values 👻

When using aggregation_terms we now display bars in the histogram for values that don't have
the aggregated field. E.g. when aggregating on status.code we now show gray bars if there are
documents that don't have that field. In practice it looks like this:

Other than that we now support Python 3.12 and a bunch of dependencies have been updated.

What's Changed

• Bump jinja2 from 3.1.2 to 3.1.3 by @dependabot in #20
• Bump aiohttp from 3.9.0 to 3.9.2 by @dependabot in #21
• Add buckets for values without the aggregated field by @heyLu in #24
• Bump fastapi from 0.97.0 to 0.109.1 by @dependabot in #23
• Update Python version to 3.12 by @heyLu in #25

Full Changelog: 1.33.0...1.34.0

1.33.0 - support multiple elasticsearch hosts 🤹🏼

es-stream-logs now supports multiple elasticsearch hosts for each endpoint. This is supported by all ElasticSearch clients, now we do as well, making the config a bit more flexible.

This is a breaking change to the config, but the change is simple to do, endpoints is now a map from a string to a list of hosts:

diff --git a/config.json b/config.json
index ab037b9..66a77a2 100644
--- a/config.json
+++ b/config.json
@@ -1,10 +1,10 @@
 {
   "default_endpoint": "local",
   "endpoints": {
-    "local": {"url": "http://localhost:9200"},
-    "dc3": {"url": "https://elasticsearch-dc3.example.com:443"},
-    "dc1": {"url": "https://elasticsearch-dc1.example.com:443"},
-    "dc2": {"url": "https://elasticsearch-dc2.example.com:443"}
+    "local": ["http://localhost:9200", "http://localhost:9201"],
+    "dc3": ["https://elasticsearch-dc3.example.com:443"],
+    "dc1": ["https://elasticsearch-dc1.example.com:443"],
+    "dc2": ["https://elasticsearch-dc2.example.com:443"]

1.32.3 - more small fixes

This release contains one fix to error handling where a now-removed exception was used and a few dependency updates courtesy of @dependabot.

What's Changed

• Bump urllib3 from 1.26.14 to 1.26.17 by @dependabot in #13
• Bump urllib3 from 1.26.17 to 1.26.18 by @dependabot in #14
• Bump aiohttp from 3.8.5 to 3.8.6 by @dependabot in #16
• Bump werkzeug from 2.2.3 to 3.0.1 by @dependabot in #15
• Use correct exceptions after elasticsearch-py 8.x update by @heyLu in #17

Full Changelog: 1.32.2...1.32.3

1.32.2 - fix xss vulnerability 🔓

This fixes an XSS vulnerability that was possible when an attacker has control over the fields used in field_format. See #12 for details.

Our CSP header prevented execution of injected inline JavaScript, but may not have caught everything. If you'd like to look for more security issues like this, have a look at the following:

• the HTML renderer: https://github.com/spreadshirt/es-stream-logs/blob/main/render/render_html.py
• the JavaScript component rendering client-side dynamic enhancements: https://github.com/spreadshirt/es-stream-logs/blob/main/static/enhance.js
• our CSP policy: https://github.com/spreadshirt/es-stream-logs/blob/main/es_stream_logs.py#L777-L785

What's Changed

• Escape values in field_format templates by @heyLu in #12
• Bump aiohttp from 3.8.4 to 3.8.5 by @dependabot in #10
• Bump certifi from 2022.12.7 to 2023.7.22 by @dependabot in #11

Full Changelog: 1.32.1...1.32.2

1.32.1 - dependency updates!

Some updates to dependencies, as pointed out by @dependabot.

• #9 Bump requests from 2.28.2 to 2.31.0
• #8 Bump starlette from 0.25.0 to 0.27.0 (includes fastapi update)

1.32.0 - aggregation colours per-line

The colours that were displayed in the histogram based on the aggregation_terms parameter, are now also displayed on each log line. This should make the different types of log lines easier to distinguish at a glance, e.g. with aggregation_terms=level they could be coloured based on the log level.

The colours should match the ones in the histogram, e.g. yellow for WARN level and red for ERROR level.

Here's an example of what this looks like:

1.31.0 - view single documents

This adds better support for queries that have a single result, including _id queries.