Ops & Security improvements in the new release of Chronograf

By Tim Hall / Product
Feb 02, 2022

Chronograf 1.9.3 – Release Notes

This latest release of Chronograf includes the following new improvements and fixes:

Security

• Upgraded bluemonday component to resolve CVE-2021-29272.
• Ensure enforcement of access to one and only one organization between multiple tabs.

Kapacitor Integration

• You can now rename a TICKscript. Chronograf already extracts the TICKscript name from the name variable within the script itself. If no name variable is present, the TICKscript's ID is used as its name. This improvement inserts or modifies the name variable in the script upon a name change. The TICKScript thus must be saved to persist the change. Users are warned about unsaved changes when exiting without saving, which is consistent with all other types of changes on the page (editor, type, database, retention policy, etc.).

Operational Improvements

InfluxDB Query Management

• • Two important additions to the InfluxDB Query Management tab have been made:
    1. Query status is now displayed, allowing you to see if a query is running or has been killed.
    2. You can now download the contents of the tab into a CSV.

HTTP Proxy Support

• • The HTTP client used by Chronograf now consistently honors the HTTP proxy settings from environment variables. Improvements were made to:
    • Token command within chronoctl
    • OAuth client
    • Kapacitor client
    • Flux client

Enhanced Logging

• • Improved logging by capturing the URL of the InfluxDB instance when a ping fails. In the case where Chronograf is connected to multiple InfluxDB instances, it's helpful to identify which connection is having an issue.

Grab the latest bits from our downloads page under “Are you interested in InfluxDB 1.x Open Source?”

If you find issues or have questions, please join our InfluxDB Community Slack, post them in our Chronograf GitHub Repo or our Community Site and we will take a look.