Agent v2.5.0

September 4, 2025

New Features

• SNMP Trap Source Node: Added an SNMP Trap source node that listens for SNMP trap events, enabling real-time monitoring and alerting from network devices and infrastructure components.
• SNMP Pull Source Node: Introduced an SNMP Pull source node (previously SNMP) that actively polls SNMP data from devices, providing comprehensive network monitoring capabilities with configurable polling intervals.
• Syslog Source Node: Added a Syslog source node supporting both TCP and UDP protocols for receiving syslog messages, enabling centralized log collection from network devices, applications, and systems.
• Splunk TCP Source Node: Introduced a Splunk TCP source node for receiving data from Splunk Universal Forwarders, facilitating seamless migration and integration with existing Splunk deployments.
• HTTP Dispatcher Component: Added an HTTP dispatcher component that enables multiple HTTP sources to share the same port with request filtering and routing capabilities, eliminating port conflicts and simplifying configuration.
• EDXEncrypt and EDXDecrypt Functions: Introduced OTTL crypto functions EDXEncrypt and EDXDecrypt providing AES-256-CBC/GCM encryption capabilities with local key management for secure data transformation within pipelines.
• EDXRedis Extension: Added Redis integration to OTTL enabling advanced use cases such as stateful processing, caching, and cross-pipeline data sharing.
• EDXDecode Function: Introduced an OTTL function EDXDecode to decode URL-encoded and hex-encoded strings, simplifying data normalization tasks.

Improvements

• HTTP Pull Source Enhancements: Added URL following mode for APIs that return content URLs, implemented RFC 5988 Link header parsing for pagination, enabled parallel fetching with configurable concurrency, added OTTL expression support for dynamic endpoints and headers, implemented header inheritance for paginated requests with security controls, and added support for OAuth2 client credentials flow.
• Splunk Integration Enhancements: Enhanced Splunk HEC source with configurable header extraction to attributes for preserving authentication tokens and metadata. Updated Splunk destination to support dynamic token override via OTTL expressions and allow empty index values for improved flexibility.
• Source Detection Performance: Refactored source detection to use on-demand processing with Redis backing, significantly reducing detection time and improving onboarding speed. Fixed concurrent access issues and excluded Edge Delta internal sources from detection.
• Telemetry Generator Enhancements: Enhanced the Telemetry Generator with support for multiple metric configurations per template and introduced combined log format with separators for improved usability and template management.
• OTLP Support Enhancements: Added JSON encoding support for OTLP-based sources and destinations with HTTP protocol, improving compatibility with various OTLP implementations.
• GCS Destination Improvements: Enhanced the GCS destination with fixed path prefix handling to honor configured bucket paths correctly. Enhanced authentication support for Workload Identity and improved nil data handling for increased stability.
• Connector Metadata Support: Extended connector metadata enrichment to File, Kubernetes, Exec, and port-based sources, providing consistent context across all source types.
• Validation and Error Handling: Added validation for MinIO endpoints to require protocol specification, preventing configuration errors. Centralized node upload failure reporting for consistent error handling across all destination nodes. Enhanced capture payload handling with size thresholds to prevent oversized payloads.
• OTTL Function Improvements: Added EDXEnv function for retrieving environment variables with fallback support, enabling secure credential management in configurations.
• HTTP Source Rate Limiting: Added configurable rate limiting for HTTP-based sources to control data ingestion rates and prevent overwhelming the pipeline.

Bug Fixes

• GCS Path Prefix: Fixed an issue where GCS destination ignored configured path prefixes, causing files to be written to incorrect locations.
• Nil Pointer Fixes: Resolved nil pointer dereferences in GCS destination strategy and Telemetry Generator node that could cause agent crashes.
• Compactor Test Data Race: Fixed a data race condition in Compactor unit tests improving test stability.

Security

• OAuth2 Authentication: Added OAuth2 client credentials flow support to HTTP Pull source and HTTP destination nodes, enhancing security for API integrations.
• Encryption Support: Implemented local key management with AES-256 encryption for sensitive data processing within pipelines.
• Header Security: Added same-origin validation and automatic blocking of hop-by-hop headers in pagination requests to prevent token leakage.