Skip to content

DAVE-6.3.1 release notes

This document is a summary of content, changes, limitations and fixes of this release as compared to DAVE-6.3.0 release

Refer to the the punchplatform official site if you look for the complete documentations and resources.

The documentation for this release can be found inside the deployment archives (standalone and deployer versions), and at

The documentation for the most recent release can be found at

Note about upgrades: Please carefully review the upgrade documentation for this release thoroughly before upgrading your clusters. The upgrade notes (e.g. upgrade from 6.2 to 6.3) discuss every critical information about incompatibilities and breaking changes, performance changes, and any other configuration changes that might impact your production deployment of Punchplatform.

Release main features and enhancements


The 6.3 release is elected as punch LTS release. Check the roadmap documentation for details.

Zookeeper Update

Zookeeper has been updated to 3.5.7. Make sure you update your platform.

SSL/TLS and other Punchplatform security secrets deployment


Prior to version 6.3.3, consider extraction feature as not working although in some very simple use-case you might be getting the desired behavior.

Other Improvements

  • #1311 Improve syslog udp output node to read bytes from a kafka output node
  • #1298 ES API wrapper for easy 'curls' with operator credentials
  • #1290 allow credential folders settings to be relative to PUNCHPLATFORM_CONF_DIR
  • #1289 Foreground execution of punchline through Gateway should use HTTP Streaming / Long polling
  • #1255 configuration auditing
  • #1252 make all clis generate well defined json output
  • #1002 channelctl start should report errors in punchlines and punchlets syntax
  • #1325 added a new aleter module for elastalert: Zabbix Alerter

Bug Fixes

  • #1275 some kibana plugins configuration cannot be updated/deployed
  • #1310 security breach in elasticsearch housekeeping
  • #1301 punchplatform log injector cannot read kafka with ssl
  • #1297 Missing security2.conf file while deploying modsecurity on redhat os
  • #1296 typo errors while generating metricbeat configuration file with kafka-reporters
  • #1294 punchlinectl resolve wrongly connects to kafka, preventing debug of resolution
  • #1293 Elastic Beats Kafka outputs cannot be deployed with ssl
  • #1287 not working with ssl on operator node hosting zookeper daemon
  • #1286 default (empty) user_secrets.json not created for operator
  • #1279 bad (mandatory/default) settings for ssl settings

Release main open-sources components integrated versions

Open-source punch is integrated with Version by default for this Punchplatform release Previously
Elastic stack (Elasticsearch, Kibana, Beats, Logstash) upgraded to 7.8.0 7.4.2 since Dave 6.0.0
Spark 2.4.3 (hadoop 2.7) unchanged since Dave 6.0.0
Storm upgraded to 2.2.0 2.1.0 since Dave 6.0.0
Kafka 2.11_2.4.0 unchanged since Dave 6.0.0
Python 3.6.8 unchanged since Dave 6.0.0
Zookeeper 3.5.7 3.5.5 since Dave 6.0.0
Elastalert 0.2.4 unchanged since Dave 6.0.0
Opendistro stack (opendistro-security) since Dave 6.0.0
Clickhouse server unchanged since Dave 6.0.0
Minio 2020-08-26T00-00-49Z 2019-12-17T23-16-33Z since 6.0.0
Ansible 2.9.7 unchanged since Dave 6.0.0
Apache Modsecurity module 2.9.0-1 unchanged since Dave 6.0.0
Ceph 13.2.5 unchanged since Craig 5.0
Elasticsearch Curator 5.5.4 5.5.4 since Dave 6.0.0
siddhi-core library 4.3.17 unchanged since Dave 6.0.0