Skip to main content

Version 2.0.0 Released

RegionRelease Date
USJune 18, 2026, Thursday — 07:40 EST (12:40 UTC)
AUSJune 19, 2026, Friday — 06:20 AEST (20:20 UTC)
EuropeJune 18, 2026, Thursday — 23:00 CEST (21:00 UTC)

Version 2.0.0 is a landmark release that takes the Director core to the next level — building on its proven foundation to deliver even faster processing, higher throughput, and more resilient operation at scale. New Rules & Alerts, Library, and REST API capabilities give teams richer visibility into system health, far less repetitive configuration work, and powerful new automation. Ten new device integrations and six new targets extend DataStream's reach even further across cloud, streaming, network flow, and protocol-based destinations, bringing more of your environment into the platform right out of the box.

🚀 New Features

  • Director 2.0 — The next generation of the Director core elevates everything teams already rely on. Log collection and processing are noticeably faster, the platform sustains even higher throughput under the heaviest loads, and operation is more robust and resilient than ever in the most demanding production environments — an outstanding, future-ready foundation that scales effortlessly as your data grows.

  • Rules & Alerts — Define powerful rules around log volume and the performance of Directors, devices, and targets, and let matched rules raise alerts automatically. Teams enjoy continuous, end-to-end visibility into system health and can stay comfortably ahead of emerging issues before they ever affect operations.

  • Library — A polished central home for the lookup tables, schemas, and Grok patterns your pipelines and targets rely on. Define each once and reuse it everywhere — eliminating duplicated effort, banishing inconsistencies, and making configuration faster and more enjoyable than ever.

  • Director Proxy — Proxy settings now live elegantly within Director configurations, giving teams a single, predictable place to manage connectivity wherever traffic is routed through proxies — and a remarkably smooth setup experience even in tightly restricted networks.

  • Director TLS — Director-to-Agent communication can now be effortlessly encrypted in transit, giving teams complete confidence that sensitive data stays protected and making security and compliance requirements easy to satisfy.

  • REST API Support — Rich programmatic access is now available right across the platform, with handy inline API examples on every create screen. Teams can automate provisioning and configuration with ease, integrate DataStream seamlessly with existing tooling, and reclaim valuable time from repetitive manual work.

  • Account Termination — Tenant owners can confidently remove their tenant and all associated data entirely on their own terms, giving organizations complete control over their data and making data-ownership and compliance obligations simple to honor.

🔧 Improvements

New Devices

  • SMTP — Effortlessly bring email-protocol logs into your telemetry so mail-flow activity is fully covered.
  • TFTP — Capture Trivial File Transfer Protocol activity for even richer network visibility.
  • IPFIX — Ingest standardized network flow data for a sharper, deeper understanding of traffic across your environment.
  • NetFlow — Bring Cisco NetFlow into the platform for best-in-class network traffic monitoring.
  • sFlow — Sample network traffic to keep effortless watch over high-volume environments without overwhelming collection.
  • Datagen — Generate synthetic data to test and validate pipelines with total confidence before going live.
  • File — Ingest log data straight from files, making even your existing log stores wonderfully easy to onboard.
  • Datastream Stats — Collect the platform's own statistics and metrics for powerful, deeper operational insight.
  • Microsoft Graph API — Pull Microsoft 365 and Azure AD data to extend coverage seamlessly across your entire Microsoft estate.
  • Google Cloud Pub/Sub — Tap Google Cloud managed messaging as an input to reach even more of your cloud workloads.

New Targets

  • Google Cloud Logging — Send logs to Google Cloud's managed logging service to centralize visibility beautifully in GCP.
  • Google Cloud Pub/Sub — Stream logs into Google Cloud messaging to feed downstream cloud workflows with ease.
  • Google Cloud Storage — Archive logs to Google Cloud object storage for wonderfully cost-effective, durable retention.
  • ClickHouse — Deliver logs to a high-performance analytics database for blazing-fast querying at scale.
  • HTTP — Forward logs to any HTTP endpoint, making integration with custom and third-party systems delightfully simple.
  • Syslog — Send logs to Syslog-compatible receivers to fit perfectly into your existing infrastructure.

Content Hub

Now ships with 328 ready-to-use packs, up from 92—a major expansion of out-of-the-box coverage across vendors and platforms.

Configuration

  • TLS Format Validation — Certificate and key formats are now checked right at configuration time on every device and target that supports TLS, so misconfigurations are caught early and teams sail past the troubleshooting headaches that used to follow deployment.

  • Input Validation — Throughout the GUI, invalid values are now caught the moment they're entered, sparing teams avoidable errors down the line.

Monitoring

  • Log Stream Column Update — The log stream now zeroes in on the most recent 15-minute window, giving teams a wonderfully clear, current picture of activity across devices, targets, Directors, and Clusters.

🐛 Bug Fixes

Cluster Management

  • Immediate Update Despite User Action Configuration — Clusters set for user-initiated updates now wait for confirmation exactly as intended, keeping teams firmly in control of when changes are applied.

  • Edit Blocked When Update Notification Present — A pending update notification no longer blocks editing, so Clusters can be managed smoothly and without interruption.

  • Incorrect Director Count in Cluster List — The Cluster listing now shows the correct Director count, giving teams accurate, trustworthy information at a glance.

Devices & Targets

  • Connection Status Shown as Connected When Disabled — Disabled devices and targets now correctly show as disconnected, so teams always have a clear, accurate view of what's actually running.

  • Target Deletion Allowed When Linked to Advanced Route — Targets tied to an Advanced Route are now safely protected from accidental deletion; teams are gently guided to remove the association first, preventing any unexpected disruption.

  • Field Display Errors in Certain Devices and Targets — Configuration screens now display every field correctly, making setup clearer and more pleasant than ever.

  • Vault Selection Causing Config Corruption — Selecting a Vault entry now works flawlessly, fully protecting target configurations from any corruption.

  • WEC Device Authentication Field Not Saved — WEC authentication settings now persist reliably, so collection just works without any repeated reconfiguration.

Live Data

  • Filter and Default Value Errors — Filters and default values in the Live Data view now behave perfectly, giving teams a real-time picture they can fully trust.

Profile

  • Agent Status Incorrectly Displayed — Linked agent status now displays accurately in Profile screens, so teams can rely on exactly what they see.

User Management

  • User Preferences Not Editable in Sub-Tenant — An error preventing the users from editing fields in account preferences was fixed.

General

  • Render Issues on Certain Pages — Pages across the platform now render reliably and beautifully, for a smoother day-to-day experience.

  • SSH Key Multiline Issue — SSH key fields now accept full multiline content gracefully.