Red Hat Summit Red Hat SummitSupportKonsoleEntwicklerDemo startenKontakt

Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.

Chapter 1. Logging 6.2 Release Notes

1.1. Logging 6.2.9 Release Notes
Link kopieren

This release includes RHSA-2026:4500.

1.1.1. Bug fixes
Link kopieren

  • Before this update, syslog output could become corrupted when Eventrouter log messages contained newline characters (\n). The syslog sink interpreted newlines as delimiters. It split a single event across multiple malformed records and populated metadata fields such as hostname and syslogtag with invalid data. With this update, the system escapes newline characters in log payloads. As a result, the syslog sink emits a single, well-formed line with correct metadata. (LOG-8892)

1.1.2. CVEs
Link kopieren

1.2. Logging 6.2.8 Release Notes
Link kopieren

This release includes RHBA-2026:2565.

1.2.1. New features and enhancements
Link kopieren

  • With this update, the log collector is updated to Vector 0.47.0. (LOG-8137)

1.2.2. Bug fixes
Link kopieren

  • Before this update, requests exceeding the Kafka broker message.max.size setting were rejected because the collector tuning did not correctly configure the Kafka producer. With this update, the Kafka client configuration allows messages up to the configured MaxSize. As a result, the Kafka sink correctly processes log messages within the allowed size limit. (LOG-7754)
  • Before this update, the ClusterLogForwarder API required OpenTelemetry Protocol (OTLP) endpoint URLs to terminate with v1/logs, which made validation too restrictive for some receivers. With this update, the validation allows any HTTP or HTTPS URL. As a result, you can configure OTLP endpoints with more flexible URL structures. (LOG-8003)
  • Before this update, the collector merged large application log messages without size restrictions. As a consequence, merged lines could overflow an output buffer. With this update, the MaxMessageSize tuning parameter is introduced for application logs. As a result, the collector discards messages that exceed the configured threshold, which prevents buffer overflows and helps ensure collector stability. (LOG-8292)

1.3. Logging 6.2.7 Release Notes
Link kopieren

This release includes RHSA-2025:23534.

1.3.1. Bug fixes
Link kopieren

  • Before this update, clusters with a large number of nodes could overwhelm the Kubernetes API server with requests during collector upgrade. This update enables caching of Kubernetes API server calls and introduces the MaxUnavailable field in the ClusterLogForwarder custom resource (CR) to tune collector rollout strategy. Use the MaxUnavailable field for collectors during upgrade so as to not overwhelm the Kubernetes API server with requests. (LOG-7597)
  • Before this update, Vector could not recover from silently closed TCP connections. With this update, Vector uses keepalive probes to detect and automatically re-establish unresponsive TCP connections. (LOG-7753)
  • Before this update, buffer corruption following an out-of-memory (OOM) event caused deserialization errors that blocked log forwarding and reduced OpenShift Logging resilience. This update improves the recovery logic for corrupted buffer files and prevents log forwarding issues after OOM events. The collector now successfully recovers from OOM events and subsequent buffer corruption, ensuring continuous log forwarding. (LOG-7873)

1.3.2. CVEs
Link kopieren

1.4. Logging 6.2.6 Release Notes
Link kopieren

This release includes RHBA-2025:19347.

1.5. Logging 6.2.5 Release Notes
Link kopieren

This release includes RHBA-2025:16075.

1.5.1. Bug fixes
Link kopieren

  • Before this update, the vector_buffer_byte_size and vector_buffer_events metrics incorrectly reported negative values under certain system load and timing conditions. This led to unreliable monitoring, potentially masking buffer issues. With this update, a concurrent, centralized state tracker ensures that these metrics are always reported as non-negative values. This ensures that the metrics correctly report buffer sizes helping with accurate monitoring. (LOG-7593)
  • Before this update, a change to the container image format caused issues when mirroring the images to image registries that do not support the new format. With this update, the container images are published using the older format again resolving the issue. (LOG-7700)

1.6. Logging 6.2.4 Release Notes
Link kopieren

This release includes RHSA-2025:13241.

1.6.1. Bug Fixes
Link kopieren

  • Before this update, using the prune filter to remove Kubernetes metadata fields such as .kubernetes.namespace_name caused a remapping error during Syslog output generation. This prevented the appname and tag fields from being correctly initialized and could prevent forwarding of logs. With this update, this issue is fixed. Improved error handling initializes these fields with an empty string if the source metadata is missing, ensuring successful log processing. (LOG-7267)
  • Before this update, a ClusterLogForwarder custom resource (CR) that was configured for a LokiStack output with the OpenTelemetry (OTEL) data model incorrectly passed validation without the tech preview annotation. With this update, a ClusterLogForwarder CR that is configured for a LokiStack output with the OTEL data model correctly fails validation unless the tech preview annotation is included. (LOG-7280)
  • Before this update, the diagnostic tool of the Red Hat OpenShift Logging Operator did not automatically collect certain diagnosis data. With this update, the operators.openshift.io/must-gather-image annotation has been added to the Operator’s ClusterServiceVersion. As a result, you can now use the --all-images flag to automatically collect the Operator’s diagnostic data successfully. (LOG-7304)
  • Before this update, you could not create the AlertingRule CR for the infrastructure logs without specifying a namespace label. This limitation prevented alerts from being created in certain scenarios. With this update, you can create the RecordingRule and AlertingRule CRs in the infrastructure and audit logs without specifying a namespace label. (LOG-7317)
  • Before this update, the ClusterLogForwarder API did not validate the URL scheme for Kafka outputs, which could lead to configuration errors. With this update, the ClusterLogForwarder API validates the URL scheme for Kafka outputs, and the API documentation reflects the valid URL scheme. (LOG-7387)
  • Before this update, a log record with a malformed timestamp could cause the Vector agent to panic when attempting to forward logs to Loki. With this update, error handling for out-of-range timestamp values has been improved resolving the issue. (LOG-7599)

1.6.2. CVEs
Link kopieren

1.7. Logging 6.2.3 Release Notes
Link kopieren

This release includes RHBA-2025:8138.

1.7.1. Bug Fixes
Link kopieren

  • Before this update, the cluster logging installation page contained an incorrect URL to the installation steps in the documentation. With this update, the link has been corrected, resolving the issue and helping users successfully navigate to the documentation. (LOG-6760)
  • Before this update, the API documentation about default settings of the tuning delivery mode for log forwarding lacked clarity and sufficient detail. This could lead to users experiencing difficulty in understanding or optimally configuring these settings for their logging pipelines. With this update, the documentation has been revised to provide more comprehensive and clearer guidance on tuning delivery mode default settings, resolving potential ambiguities. (LOG-7131)
  • Before this update, merging data from the message field into the root of a Syslog log event caused inconsistencies with the ViaQ data model. These inconsistencies could overwrite system information, duplicate data, or corrupt the log event. This update makes Syslog parsing and merging consistent with the other output types and resolves the issue (LOG-7185)
  • Before this update, log forwarding failed when the cluster-wide proxy configuration included a URL with a username containing an encoded @ symbol; for example, user%40name. This update adds the correct support for URL-encoded values in proxy configurations and resolves the issue. (LOG-7188)

1.7.2. CVEs
Link kopieren

1.8. Logging 6.2.2 Release Notes
Link kopieren

This release includes RHBA-2025:4526.

1.8.1. Bug Fixes
Link kopieren

  • Before this update, logs without the responseStatus.code field caused parsing errors in the Loki distributor component. This happened when using the OpenTelemetry data model. With this update, logs without the responseStatus.code field are parsed correctly. (LOG-7012)
  • Before this update, the Cloudwatch output supported log events up to 256 KB in size. With this update, the Cloudwatch output supports up to 1 MB in size to match the updates published by Amazon Web Services (AWS). (LOG-7013)
  • Before this update, auditd log messages with multiple msg keys could cause errors in collector pods, because the standard auditd log format expects a single msg field per log entry that follows the msg=audit(TIMESTAMP:ID) structure. With this update, only the first msg value is used, which resolves the issue and ensures accurate extraction of audit metadata. (LOG-7014)
  • Before this update, collector pods would enter a crash loop due to a configuration error when attempting token-based authentication with an Elasticsearch output. With this update, token authentication with an Elasticsearch output generates a valid configuration. (LOG-7017)

1.9. Logging 6.2.1 Release Notes
Link kopieren

This release includes RHBA-2025:3908.

1.9.1. Bug Fixes
Link kopieren

  • Before this update, application programming interface (API) audit logs collected from the management cluster used the cluster_id value from the management cluster. With this update, API audit logs use the cluster_id value from the guest cluster. (LOG-4445)
  • Before this update, issuing the oc explain obsclf.spec.filters command did not list all the supported filters in the command output. With this update, all the supported filter types are listed in the command output. (LOG-6753)
  • Before this update the log collector flagged a ClusterLogForwarder resource with multiple inputs to a LokiStack output as invalid due to incorrect internal processing logic. This update fixes the issue. (LOG-6758)
  • Before this update, issuing the oc explain command for the clusterlogforwarder.spec.outputs.syslog resource returned an incomplete result. With this update, the missing supported types for rfc and enrichment attributes are listed in the result correctly. (LOG-6869)
  • Before this update, empty OpenTelemetry (OTEL) tuning configuration caused validation errors. With this update, validation rules have been updated to accept empty tuning configuration. (LOG-6878)
  • Before this update the Red Hat OpenShift Logging Operator could not update the securitycontextconstraint resource that is required by the log collector. With this update, the required cluster role has been provided to the service account of the Red Hat OpenShift Logging Operator. As a result of which, Red Hat OpenShift Logging Operator can create or update the securitycontextconstraint resource. (LOG-6879)
  • Before this update, the API documentation for the URL attribute of the syslog resource incorrectly mentioned the value udps as a supported value. With this update, all references to udps have been removed. (LOG-6896)
  • Before this update, the Red Hat OpenShift Logging Operator was intermittently unable to update the object in logs due to update conflicts. This update resolves the issue and prevents conflicts during object updates by using the Patch() function instead of the Update() function. (LOG-6953)
  • Before this update, Loki ingesters that got into an unhealthy state due to networking issues stayed in that state even after the network recovered. With this update, you can configure the Loki Operator to perform service discovery more often so that unhealthy ingesters can rejoin the group. (LOG-6992)
  • Before this update, the Vector collector could not forward Open Virtual Network (OVN) and Auditd logs. With this update, the Vector collector can forward OVN and Auditd logs. (LOG-6997)

1.9.2. CVEs
Link kopieren

1.10. Logging 6.2.0 Release Notes
Link kopieren

This release includes Logging for Red Hat OpenShift Bug Fix Release 6.2.0.

1.10.1. New Features and Enhancements
Link kopieren

1.10.1.1. Log Collection
Link kopieren

  • With this update, HTTP outputs include a proxy field that you can use to send log data through an HTTP proxy. (LOG-6069)

1.10.1.2. Log Storage
Link kopieren

  • With this update, time-based stream sharding in Loki is now enabled by the Loki Operator. This solves the issue of ingesting log entries older than the sliding time-window used by Loki. (LOG-6757)
  • With this update, you can configure a custom certificate authority (CA) certificate with Loki Operator when using Swift as an object store. (LOG-4818)
  • With this update, you can configure workload identity federation on Google Cloud Platform (GCP) by using the Cluster Credential Operator in OpenShift 4.17 and later releases with the Loki Operator. (LOG-6158)

1.10.2. Technology Preview
Link kopieren

Important

The OpenTelemetry Protocol (OTLP) output log forwarder is a Technology Preview feature only. Technology Preview features are not supported with Red Hat production service level agreements (SLAs) and might not be functionally complete. Red Hat does not recommend using them in production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process.

For more information about the support scope of Red Hat Technology Preview features, see Technology Preview Features Support Scope.

  • With this update, OpenTelemetry support offered by OpenShift Logging continues to improve, specifically in the area of enabling migrations from the ViaQ data model to OpenTelemetry when forwarding to LokiStack. (LOG-6146)
  • With this update, the structuredMetadata field has been removed from Loki Operator in the otlp configuration because structured metadata is now the default type. Additionally, the update introduces a drop field that administrators can use to drop OpenTelemetry attributes when receiving data through OpenTelemetry protocol (OTLP). (LOG-6507)

1.10.3. Bug Fixes
Link kopieren

  • Before this update, the timestamp shown in the console logs did not match the @timestamp field in the message. With this update the timestamp is correctly shown in the console. (LOG-6222)
  • The introduction of ClusterLogForwarder 6.x modified the ClusterLogForwarder API to allow for a consistent templating mechanism. However, this was not applied to the syslog output spec API for the facility and severity fields. This update adds the required validation to the ClusterLogForwarder API for the facility and severity fields. (LOG-6661)
  • Before this update, an error in the Loki Operator generating the Loki configuration caused the amount of workers to delete to be zero when 1x.pico was set as the LokiStack size. With this update, the number of workers to delete is set to 10. (LOG-6781)

1.10.4. Known Issues
Link kopieren

  • The previous data model encoded all information in JSON. The console still uses the query of the previous data model to decode both old and new entries. The logs that are stored by using the new OpenTelemetry data model for the LokiStack output display the following error in the logging console: 

    __error__ JSONParserErr
__error_details__ Value looks like object, but can't find closing '}' symbol

    You can ignore the error as it is only a result of the query and not a data-related error. (LOG-6808)

  • Currently, the API documentation incorrectly mentions OpenTelemetry protocol (OTLP) attributes as included instead of excluded in the descriptions of the drop field. (LOG-6839).

1.10.5. CVEs
Link kopieren

Red Hat logoGithubredditYoutubeTwitter

Lernen

Testen, kaufen und verkaufen

Communitys

Über Red Hat Dokumentation

Wir helfen Red Hat Benutzern, mit unseren Produkten und Diensten innovativ zu sein und ihre Ziele zu erreichen – mit Inhalten, denen sie vertrauen können. Entdecken Sie unsere neuesten Updates.

Mehr Inklusion in Open Source

Red Hat hat sich verpflichtet, problematische Sprache in unserem Code, unserer Dokumentation und unseren Web-Eigenschaften zu ersetzen. Weitere Einzelheiten finden Sie in Red Hat Blog.

Über Red Hat

Wir liefern gehärtete Lösungen, die es Unternehmen leichter machen, plattform- und umgebungsübergreifend zu arbeiten, vom zentralen Rechenzentrum bis zum Netzwerkrand.

Theme

© 2026 Red HatNach oben