DataDog DataDog Update Version 7.78.0

Views
5

Your rating
Rate update installation process

Log in to rate this update.
Login

Risk factor
No ratings yet. Be the first to rate this update.

Smooth installs 0%
Minor issues 0%
Major issues 0%

Update Summary

7.78.0 introduces new Agent capabilities including AWS cloud auth for API key exchange, dd-procmgrd process management, SBOM generation, and Kubernetes CRD-based KSM scheduling. It also changes APM OTLP attribute precedence, adds security hardening, and includes multiple bug fixes.

Update Details

Security

  • The CMD API gRPC server now requires client certificates (mTLS).
  • Security enrichment for SBOMs now flags SUID binaries and processes running as root.
  • secrets-generic-connector now supports X-Vault-AWS-IAM-Server-ID for HashiCorp Vault AWS authentication to help prevent replay attacks.
  • Bumped the Security Agent policies to v0.78.0.

Bug Fixes

  • APM SQL stats now handle long resources correctly by truncating after obfuscation, avoiding trace-agent parse errors.
  • APM workload selection policy files are now written atomically to prevent readers from seeing partial files.
  • Logs auditor flush logic now drains pending payloads before writing the registry, reducing duplicate log processing after transport changes.
  • DBM table name extraction now correctly collects all tables from comma-separated lists.
  • The diagnose command now returns an error when no API key is configured.
  • KSM Core no longer panics when advanced dispatching is disabled in cluster check mode.
  • Kafka actions now support configurations where kafka_connect_str is a list.
  • diskv2 on Windows now respects the configured timeout during partition discovery and avoids duplicate goroutines when offline volumes are present.

New Features

  • APM OTLP now uses per-concept precedence when resolving equivalent OpenTelemetry semantic convention attributes.
  • The Agent can now exchange AWS cloud authorization proof for an API key, removing the need to manage an API key manually.
  • The autoscaling vertical controller now supports in-place vertical pod resizing.
  • A new configuration provider can schedule KSM checks from CustomResourceDefinitions using the kube_crd listener.
  • CNM now collects seven additional per-connection TCP congestion signals via eBPF on Linux.
  • dd-procmgrd can now read process definitions, manage child lifecycles, supervise restarts, and control DDOT lifecycle management.
  • Automatic SBOM generation for running containers is now available via system-probe, including runtime usage tracking and gRPC forwarding.
  • The APM SSI installer on Windows now automatically enables system-probe to report injection telemetry from the ddinjector driver.
  • A new CLI command, agent validate-pod-annotation, validates pod check annotation JSON before applying it.
  • The Agent now supports cluster names that start with a digit or contain underscores.
  • The disk check now falls back to lsblk when blkid fails, improving disk label tagging for non-root users.
  • The kafka_actions check now inherits Schema Registry settings from kafka_consumer automatically.
  • Podman monitoring now supports multiple database paths and improved auto-discovery for root and rootless users.
  • FIPS variants of the ddot-collector and agent -full images are now published.

Hints

  • Upgrade note: APM OTLP attribute lookup behavior changed for concepts represented by different old/new semantic convention keys across span and resource attributes.
  • The new KSM CRD provider must use the standard Kubernetes GroupVersionKind format in AdvancedADIdentifier and otherwise uses standard KSM configuration.
  • Remote Agent Management is enabled by default on FIPS environments when Remote Configuration is explicitly enabled.
  • The resource discovery agent (system-probe-lite) now wraps system-probe and falls back to it when discovery is disabled, discovery.useSystemProbeLite is false, or any non-discovery system-probe feature is enabled.
  • Agents are now built with Go 1.25.8.
  • DDOT now sets deployment_type to daemonset by default, or gateway when Gateway mode is enabled.
  • The podman_db_path option can accept a comma-separated list of paths; if unset, the Agent auto-discovers Podman databases for root and users under /home/.
  • The kubernetes_use_endpoint_slices flag is documented.
  • The X-Datadog-Additional-Tags header now includes hostname and agent version on data-streams-message HTTP requests.
  • The release notes reference the 7.78.0 tag on integrations-core for Core Checks changes.

Links

Product Information

Vendor: DataDog

Product: DataDog

Version: 7.78.0

Release date: Apr 15, 2026

View All Updates