Watch this page for updates — click the 3-dot menu upper right, then subscribe
Want to receive all monthly Product Updates? Click to subscribe to the series
Revised January 27, 2022
In December, we released the 21.12.0 Controller and Enterprise Console—as well as key product enhancements and agent updates.
A number of updates were made in response to the Log4j zero-day Apache vulnerability first discovered on December 9, 2021. We also resolved issues associated with the previous release.
Table of Contents
What release highlights should I know about?
These release highlights include the newest features and capabilities this month, at a glance. In the grid below, we’ve flagged who within your organization may be most interested or impacted for each enhancement.
CATEGORY
|
ENHANCEMENT
|
USER and
PERFORMANCE ANALYST
|
ADMIN and IMPLEMENTER
|
DEVELOPER
|
|
|
|
✓ |
✓ |
|
|
|
|
✓
|
✓
|
|
|
|
✓
|
✓
|
|
|
|
✓ |
✓ |
|
|
|
✓
|
✓
|
|
|
|
✓
|
✓
|
|
|
|
|
✓ |
✓ |
|
|
|
✓
|
✓
|
✓ |
|
|
✓
|
✓ |
|
Full-stack Observability
Cisco Secure Application for .NET
- With the latest Cisco Secure Application enhancement, you can now monitor the security of .NET Core applications, supporting the monitoring of both libraries and vulnerabilities. Available in .NET agent version 21.12.0 or newer (Released December 17, 2021)
Agent Updates
Log4j zero-day Apache vulnerability updates
- To account for the Apache Log4j vulnerability, the following Agents have upgraded log4j libraries that address the CVE-2021-44228 and CVE-2021-45046 vulnerabilities
- Apache Web Server Agent
- Database Agent
- Java Agent
- Machine Agent
- PHP Agent
- Python Agent
For more information about this security vulnerability and what fixes have been put in place, please refer to the AppDynamics Security Advisory: Apache Log4j Vulnerability page. (Released December 11, 2021)
iOS Agent
- This release includes a local config setting for the fetch flag in JavaScript Agent Injection. This setting can be found in the SDK documentation. (Released December 7, 2021)
JavaScript Agent
- Angular 12 support with JS Agent 21.12.0. Optimization to detect Content Security Policy (CSP) violations. (Released December 16, 2021)
.NET Agent
- Refactored all HTTP-based communications including adding support for HttpClient.
- Avoids instrumenting default Azure processes OOTB.
- Usage of a Default Logger (console/file) will log even if no log file exists. Please see Log Configuration Options documentation for more details.
- Support of monitoring libraries and vulnerabilities with Cisco Secure Application with .NET Core.
(Released December 17, 2021)
Cluster Agent
- The AppDynamics Operator 21.12.0 is a major release and is compatible with Cluster Agent >= 21.12.0 only.
- Cluster Agent Helm Charts version 1.1.0 is a major release. It is only compatible with Cluster Agent >= 21.12.0 and AppDynamics Operator >= 21.12.0.
- You can now use Cluster Agent Helm charts to install Cluster Agent and Infrastructure Visibility individually or simultaneously.
- You can get the Operator artifacts embedded in the Cluster Agent artifacts from the download portal to create custom Operator Images.
- AppDynamics Operator Github account will be deprecated after December 31, 2021.
(Released December 20, 2021)
System Admin Updates
SAML Federation with AppDynamics Accounts
- Company Administrators are now able to use SAML 2.0 to federate your identity provider with AppDynamics Accounts. By federating with AppDynamics, you will be able to ensure that your Accounts users can log in through your enterprise IDP using their corporate credentials.
As with any SAML federation, all identity credentials remain in your control, but the users themselves can be granted access to AppD resources through the Account Management Portal. Learn more about SAML federation in the documentation, under the Account Management Portal area. (December 13, 2021)
Controller
Log4j vulnerability patches
The Log4j vulnerability was addressed in release version 21.12.1 rather than base version 21.12.0.
For more information about this security vulnerability and the fixes that have been put in place, please refer to the AppDynamics Security Advisory: Apache Log4j Vulnerability page.
Show/hide setting for Schedule End Date column
With the new show/hide Schedule End Date setting on the Browser Synthetic monitoring jobs page, there is no need to open each synthetic job individually to identify its scheduled end date.
NOTE | To view all technical documentation associated with this month’s releases, please visit Product Announcements, Alerts, and Hot Fixes in our documentation portal.
To Table of Contents | To Resource List
Heads up - What else you should know
- AppDynamics University just launched a new website designed with usability in mind. It includes comprehensive details about course offerings, as well as a page for the new Learning Recognition digital badge program.
- More new instructor-led classes have been added to the AppDynamics University catalog! Check out the Short Focused Topics, which allow Premium University subscription holders to attend a single-topic, instructor-led training.
|
COURSE CODE
|
COURSE DESCRIPTION
|
|
SFRT234
|
Expand Your Troubleshooting Capabilities with Development-level Monitoring
|
|
SFT235
|
Capture Transaction Snapshots with Diagnostic Sessions
|
|
SFT236
|
Monitor Key Performance Metrics with Health Rules
|
|
SFT262
|
Create Dynamic Dashboards with Dash Studio
|
Other recently added courses include: DEV310 (Developers: AppDynamics for release comparison and validation); PRO 520 (Pro Series: Building effective dashboards with AppDynamics); and SAP210 (AppDynamics essentials for SAP).
To learn more about these offerings, go to AppDynamics University and search for the course code. (December 15, 2021)
- Earlier this year, the AppDynamics University team launched a new collection of official digital learning recognition credentials—distinct from the technical certification badges released prior. To date, 2,000+ recognition badges and 1,800+ certification badges have been issued!
Learn more in AppDynamics Learning Recognition Badges - FAQs, in the AppD University Group Hub. (June 17, 2021)
- Want to learn about those small adjustments that make a big difference? We invite you to our Share a tip space, where AppD Community members can exchange peer-to-peer advice. Be sure to add your own insights too.
To Table of Contents | To Resource List
Share your feedback! Participate in a Beta today
We’re currently running the following Beta program and looking for your feedback:
- Submit feedback on the Dash Studio through the in-product feedback button, or in Community here.
To Table of Contents | To Resource List
Resolved Issues
The following key issue was resolved this month. To see a complete listing of this month's resolved issues, see Resolved Issues by Month.
- (DBMON-8432) Apache Log4j2 version 2.0 <= Apache log4j2 <= 2.14.1 Vulnerable to RCE. Fixed.
- (DBMON-8436) Apache Log4j2 version 2.0 Vulnerable to RCE. Fixed.
- (DBMON-8443) Apache Log4j2 version 2.16 Vulnerable to DOS attack. Fixed.
- (LIC-1525) ABL: Current License consumption is not displayed for license rule for each module type. Fixed.
For information about the log4j Apache vulnerability,
see the Agent Updates section, above
Get Started
PLEASE NOTE: customers are advised to check backward compatibility in the Agent and Controller Compatibility documentation.
Can’t find what you’re looking for? Need more assistance?
Ask a question in the Latest Release forum.
To Table of Contents
