April 15, 2026 - v1.99.1

Deprecations

Bindplane BBolt store (not to be confused with Persistent Queue BBolt) was deprecated in February 2025 and removed in Bindplane v1.99.1. If using BBOLT store, please upgrade to v1.98.2 and migrate to Postgres before proceeding with v1.99.1.

bindplane migrate-store --help

See the migration command documentation here.

Features

New Processors

• Parse with Grok – New Parse with Grok processor with a Grok editor featuring pattern autocomplete, syntax highlighting, and regex highlighting inside grok literals

• GeoIP Processor – New GeoIP processor for enriching telemetry with geographic data

• OCSF Standardization Processor (Beta) – New OCSF Standardization processor with support for profiles, class autocomplete, from/to/default field autocomplete, schema validation, and nested required-field validation

New Destinations

• Amazon Security Lake – New Amazon Security Lake destination with a built-in OCSF standardization recommendation

Source & Destination Enhancements

• REST API Source – Added epoch timestamp support, tokenized offset pagination, NDJSON support, custom headers, and ISO basic date format handling

• Prometheus Source – Added authorization bearer token support

• Google Cloud Storage Destination – Exposed exporter timeout setting

• Google Pub/Sub – Added Google Pub/Sub as an event source

• File Destination – Added encoding extension support

• Webhook Destination – Added payload format configuration option

• Kubelet Source – Exposed metadata labels option

• k8s_cluster / k8s_kubelet Sources – Added metric filtering support

• AWS CloudWatch Source – Added Kubernetes and OpenShift deployment platform support

• Transform Agent – Added TLS support when connecting to the Transform Agent

Windows Improvements

• Windows Event Log – Added SID resolution configuration UI and an include_log_record_original parameter for the Windows Event Trace receiver

• Pipeline Intelligence – Pipeline Intelligence can now generate XML queries for Windows Events

User & Access Management

• Multiple API Keys per User – Users can now create multiple API keys, each with an optional expiration date

• API Key Last Used Tracking – API keys now record the last-used timestamp

• SSO Enhancements – SSO is now available in BGE

CLI

• apply Command – The apply command now supports directories and glob patterns as input

Blueprints

• Added example telemetry previews to multiple blueprints including Parse Timestamp, Remove Windows Event Messages, Rewrite Timestamps to RFC5424, Windows SecOps Standardization, and others

• Added a blueprint link to the Failed Delete dialog

License & Account

• License Expiration UI – License expiration is now surfaced in the UI

Fleets

• Users can now rename fleets directly from the UI

Bug Fixes

• File Source – Added missing top_n and exclude_older_than parameters

• SSO – Fixed account linking by email not working in some cases

• SSO – Fixed Google OAuth rejecting verified email addresses

• S3 (Enhanced Indexing) – Corrected config generation for enhanced indexing

• Kubernetes – Node agents now run on all nodes regardless of node taints

• Kafka Source – Fixed topics parameter not being used correctly

• Kafka Destination – Moved top-level topic and encoding to per-signal config keys

• Windows Event Log – Fixed syntax error in custom channel loop; updated event_data format to flat map; quoted provider names to prevent YAML map parsing errors

• OCSF – Fixed nested validation for required fields when mapped; fixed null check in standardization processor; fixed "Validate OCSF Schema" button not appearing with library resources

• Agents – Fixed agents stuck in pending upgrade status being blocked from upgrading

• Duplicate Agents – Fixed a blocking issue when multiple duplicate agents were being reassigned simultaneously; fixed duplicate cache not clearing after a successful connection

• Custom Resources – YAML output for custom resources is now deterministic

• Extensions – Fixed extension modal header display and save behavior

• OTTL – Fixed OTTL conditions not rendering correctly after save

• REST API Source – Fixed ISO basic date format parsing; fixed scopes field handling

• Pipeline Intelligence – Fixed empty blueprint recommendation; fixed Global PI recommendations not saving

• Blueprints – Fixed deleted library processors causing errors in the blueprint UI

• Regex Editor – Fixed cursor being unable to move past named capture groups

• System Status Page – Replaced raw internal error messages with user-friendly messages

• Resource Creation – Fixed visual bugs in the resource creation flow

• Configuration Search – Fixed search returning no results when it should return empty

• Integrations – Fixed live integration status not displaying on the project page

• VMware vCenter Source – Synced metric names with the upstream receiver

• Cloudflare Source – Fixed TLS settings

• ClickHouse – Updated event restructuring and processors per ClickHouse team requirements

• AWS Security Lake – Fixed destination pointing to the wrong distribution

• QuickStart Checklist – Fixed a permission error when dismissing the checklist

• SecOps Parser – Validator now accepts non-string log body data

Misc

• Updated EULA and privacy policy acceptance flow

• SSO login removed from private preview