EMQX v5.7.0

Enhancements

Security

• #12947 For JWT authentication, support new disconnect_after_expire option. When enabled, the client will be disconnected after the JWT token expires.

Note: This is a breaking change. This option is enabled by default, so the default behavior is changed. Previously, the clients with actual JWTs could connect to the broker and stay connected even after the JWT token expired. Now, the client will be disconnected after the JWT token expires. To preserve the previous behavior, set disconnect_after_expire to false.

Data Processing and Integration

• #12671 An unescape function has been added to the rule engine SQL language to handle the expansion of escape sequences in strings. This addition has been done because string literals in the SQL language don't support any escape codes (e.g., \n and \t). This enhancement allows for more flexible string manipulation within SQL expressions.

Extensibility

• #12872 Implemented Client Attributes feature. It allows setting additional properties for each client using key-value pairs. Property values can be generated from MQTT client connection information (such as username, client ID, TLS certificate) or set from data accompanying successful authentication returns. Properties can be used in EMQX for authentication, authorization, data integration, and MQTT extension functions. Compared to using static properties like client ID directly, client properties offer greater flexibility in various business scenarios, simplifying the development process and enhancing adaptability and efficiency in development work.
  Initialization of client_attrs
  The client_attrs fields can be initially populated from one of the following clientinfo fields:

  • cn: The common name from the TLS client's certificate.
  • dn: The distinguished name from the TLS client's certificate, that is, the certificate "Subject".
  • clientid: The MQTT client ID provided by the client.
  • username: The username provided by the client.
  • user_property: Extract a property value from 'User-Property' of the MQTT CONNECT packet.

  Extension through Authentication Responses
  Additional attributes may be merged into client_attrs from authentication responses. Supported
  authentication backends include:

  • HTTP: Attributes can be included in the JSON object of the HTTP response body through a
    client_attrs field.
  • JWT: Attributes can be included via a client_attrs claim within the JWT.

  Usage in Authentication and Authorization
  If client_attrs is initialized before authentication, it can be used in external authentication
  requests. For instance, ${client_attrs.property1} can be used within request templates
  directed at an HTTP server for authenticity validation.

  • The client_attrs can be utilized in authorization configurations or request templates, enhancing
    flexibility and control. Examples include: In acl.conf, use {allow, all, all, ["${client_attrs.namespace}/#"]} to apply permissions based on the namespace attribute.
  • In other authorization backends, ${client_attrs.namespace} can be used within request templates to dynamically include client attributes.

• #12910 Added plugin configuration management and schema validation. For EMQX enterprise edition, one can also annotate the schema with metadata to facilitate UI rendering in the Dashboard. See more details in the plugin template and plugin documentation.

Operations and Management

• #12923 Provided more specific error when importing wrong format into builtin authenticate database.

• #12940 Added ignore_readonly argument to PUT /configs API.
  Before this change, EMQX would return 400 (BAD_REQUEST) if the raw config included read-only root keys (cluster, rpc, and node).
  After this enhancement it can be called as PUT /configs?ignore_readonly=true, EMQX will in this case ignore readonly root config keys, and apply the rest. For observability purposes, an info level message is logged if any readonly keys are dropped.
  Also fixed an exception when config has bad HOCON syntax (returns 500). Now bad syntax will cause the API to return 400 (BAD_REQUEST).

• #12957 Started building packages for macOS 14 (Apple Silicon) and Ubuntu 24.04 Noble Numbat (LTS).

Bug Fixes

Security

• #12887 Fixed MQTT enhanced auth with sasl scram.

• #12962 TLS clients can now verify server hostname against wildcard certificate. For example, if a certificate is issued for host *.example.com, TLS clients is able to verify server hostnames like srv1.example.com.

MQTT

• #12996 Fixed process leak in emqx_retainer application. Previously, client disconnection while receiving retained messages could cause a process leak.

Data Processing and Integration

• #12653 The rule engine function bin2hexstr now supports bitstring inputs with a bit size that is not divisible by 8. Such bitstrings can be returned by the rule engine function subbits.

• #12657 The rule engine SQL-based language previously did not allow putting any expressions as array elements in array literals (only constants and variable references were allowed). This has now been fixed so that one can use any expressions as array elements.
  The following is now permitted, for example:

  select
  [21 + 21, abs(-abs(-2)), [1 + 1], 4] as my_array
  from "t/#"

• #12932 Previously, if a HTTP action request received a 503 (Service Unavailable) status, it was marked as a failure and the request was not retried. This has now been fixed so that the request is retried a configurable number of times.

• #12948 Fixed an issue where sensitive HTTP header values like Authorization would be substituted by ****** after updating a connector.

• #13118 Fix a performance issue in the rule engine template rendering.

Observability

• #12765 Make sure stats subscribers.count subscribers.max contains shared-subscribers. It only contains non-shared subscribers previously.

Operations and Management

• #12812 Made resource health checks non-blocking operations. This means that operations such as updating or removing a resource won't be blocked by a lengthy running health check.

• #12830 Made channel (action/source) health checks non-blocking operations. This means that operations such as updating or removing an action/source data integration won't be blocked by a lengthy running health check.

• #12993 Fixed listener config update API when handling an unknown zone.
  Before this fix, when a listener config is updated with an unknown zone, for example {"zone": "unknown"}, the change would be accepted, causing all clients to crash whens connected.
  After this fix, updating the listener with an unknown zone name will get a "Bad request" response.

• #13012 The MQTT listerners config option access_rules has been improved in the following ways:

  • The listener no longer crash with an incomprehensible error message if a non-valid access rule is configured. Instead a configuration error is generated.
  • One can now add several rules in a single string by separating them by comma (for example, "allow 10.0.1.0/24, deny all").

• #13041 Improved HTTP authentication error log message. If HTTP content-type header is missing for POST method, it now emits a meaningful error message instead of a less readable exception with stack trace.

• #13077 This fix makes EMQX only read action configurations from the global configuration when the connector starts or restarts, and instead stores the latest configurations for the actions in the connector. Previously, updates to action configurations would sometimes not take effect without disabling and enabling the action. This means that an action could sometimes run with the old (previous) configuration even though it would look like the action configuration has been updated successfully.

• #13090 Attempting to start an action or source whose connector is disabled will no longer attempt to start the connector itself.

Gateways

• #12909 Fixed UDP listener process handling on errors or closure, The fix ensures the UDP listener is cleanly stopped and restarted as needed if these error conditions occur.

• #13001 Fixed an issue where the syskeeper forwarder would never reconnect when the connection was lost.

• #13010 Fixed the issue where the JT/T 808 gateway could not correctly reply to the REGISTER_ACK message when requesting authentication from the registration service failed.

Breaking Changes

• #12947 For JWT authentication,...

EMQX v5.6.1

Bug Fixes

• #12759 EMQX now automatically removes invalid backup files that fail during upload due to schema validation errors. This fix ensures that only valid configuration files are displayed and stored, enhancing system reliability.

• #12766 Renamed message_queue_too_long error reason to mailbox_overflow

  mailbox_overflow. The latter is consistent with the corresponding config parameter: force_shutdown.max_mailbox_size.

• #12773 Upgraded HTTP client libraries.

  The HTTP client library (gun-1.3) incorrectly appended a :portnumber suffix to the Host header for
  standard ports (http on port 80, https on port 443). This could cause compatibility issues with servers or gateways performing strict Host header checks (e.g., AWS Lambda, Alibaba Cloud HTTP gateways), leading to errors such as InvalidCustomDomain.NotFound or "The specified CustomDomain does not exist."

• #12802 Improved how EMQX handles node removal from clusters via the emqx ctl cluster leave command. Previously, nodes could unintentionally rejoin the same cluster (unless it was stopped) if the configured cluster discovery_strategy was not manual. With the latest update, executing the cluster leave command now automatically disables cluster discovery for the node, preventing it from rejoining. To re-enable cluster discovery, use the emqx ctl discovery enable command or simply restart the node.

• #12814 Improved error handling for the /clients/{clientid}/mqueue_messages and /clients/{clientid}/inflight_messages APIs in EMQX. These updates address:

  • Internal Timeout: If EMQX fails to retrieve the list of Inflight or Mqueue messages within the default 5-second timeout, likely under heavy system load, the API will return 500 error with the response {"code":"INTERNAL_ERROR","message":"timeout"}, and log additional details for troubleshooting.
  • Client Shutdown: Should the client connection be terminated during an API call, the API now returns a 404 error, with the response {"code": "CLIENT_SHUTDOWN", "message": "Client connection has been shutdown"}. This ensures clearer feedback when client connections are interrupted.

• #12824 Updated the statistics metrics subscribers.count and subscribers.max to include shared subscribers. Previously, these metrics accounted only for non-shared subscribers.

• #12826 Fixed issues related to the import functionality of source data integrations and retained messages in EMQX. Before this update:

  • The data integration sources specified in backup files were not being imported. This included configurations under the sources.mqtt category with specific connectors and parameters such as QoS and topics.
  • Importing the mnesia table for retained messages was not supported.

• #12843 Fixed cluster_rpc_commit transaction ID cleanup procedure on replicator nodes after executing the emqx ctl cluster leave command. Previously, failing to properly clear these transaction IDs impeded configuration updates on the core node.

• #12885 Fixed an issue in EMQX where users were unable to view "Retained Messages" under the "Monitoring" menu in the Dashboard.

  The "Retained messages" backend API uses the qlc library. This problem was due to a permission issue where the qlc library's file_sorter function tried to use a non-writable directory, /opt/emqx, to store temporary files, resulting from recent changes in directory ownership permissions in Docker deployments.

  This update modifies the ownership settings of the /opt/emqx directory to emqx:emqx, ensuring that all necessary operations, including retained messages retrieval, can proceed without access errors.

EMQX Enterprise 5.6.1

Bug Fixes

• #12759 EMQX now automatically removes invalid backup files that fail during upload due to schema validation errors. This fix ensures that only valid configuration files are displayed and stored, enhancing system reliability.

• #12766 Renamed message_queue_too_long error reason to mailbox_overflow

  mailbox_overflow. The latter is consistent with the corresponding config parameter: force_shutdown.max_mailbox_size.

• #12773 Upgraded HTTP client libraries.

  The HTTP client library (gun-1.3) incorrectly appended a :portnumber suffix to the Host header for
  standard ports (http on port 80, https on port 443). This could cause compatibility issues with servers or gateways performing strict Host header checks (e.g., AWS Lambda, Alibaba Cloud HTTP gateways), leading to errors such as InvalidCustomDomain.NotFound or "The specified CustomDomain does not exist."

• #12802 Improved how EMQX handles node removal from clusters via the emqx ctl cluster leave command. Previously, nodes could unintentionally rejoin the same cluster (unless it was stopped) if the configured cluster discovery_strategy was not manual. With the latest update, executing the cluster leave command now automatically disables cluster discovery for the node, preventing it from rejoining. To re-enable cluster discovery, use the emqx ctl discovery enable command or simply restart the node.

• #12814 Improved error handling for the /clients/{clientid}/mqueue_messages and /clients/{clientid}/inflight_messages APIs in EMQX. These updates address:

  • Internal Timeout: If EMQX fails to retrieve the list of Inflight or Mqueue messages within the default 5-second timeout, likely under heavy system load, the API will return 500 error with the response {"code":"INTERNAL_ERROR","message":"timeout"}, and log additional details for troubleshooting.
  • Client Shutdown: Should the client connection be terminated during an API call, the API now returns a 404 error, with the response {"code": "CLIENT_SHUTDOWN", "message": "Client connection has been shutdown"}. This ensures clearer feedback when client connections are interrupted.

• #12824 Updated the statistics metrics subscribers.count and subscribers.max to include shared subscribers. Previously, these metrics accounted only for non-shared subscribers.

• #12826 Fixed issues related to the import functionality of source data integrations and retained messages in EMQX. Before this update:

  • The data integration sources specified in backup files were not being imported. This included configurations under the sources.mqtt category with specific connectors and parameters such as QoS and topics.
  • Importing the mnesia table for retained messages was not supported.

• #12843 Fixed cluster_rpc_commit transaction ID cleanup procedure on replicator nodes after executing the emqx ctl cluster leave command. Previously, failing to properly clear these transaction IDs impeded configuration updates on the core node.

• #12882 Fixed an issue with the RocketMQ action in EMQX data integration, ensuring that messages are correctly routed to their configured topics. Previously, when multiple actions shared a single RocketMQ connector, all messages were mistakenly sent to the topic configured for the first action. This fix involves starting a distinct set of RocketMQ workers for each topic, preventing cross-topic message delivery errors.

• #12885 Fixed an issue in EMQX where users were unable to view "Retained Messages" under the "Monitoring" menu in the Dashboard.

  The "Retained messages" backend API uses the qlc library. This problem was due to a permission issue where the qlc library's file_sorter function tried to use a non-writable directory, /opt/emqx, to store temporary files, resulting from recent changes in directory ownership permissions in Docker deployments.

  This update modifies the ownership settings of the /opt/emqx directory to emqx:emqx, ensuring that all necessary operations, including retained messages retrieval, can proceed without access errors.

EMQX v5.6.0

Enhancements

• #12251 Optimized the performance of the RocksDB-based persistent sessions, achieving a reduction in RAM usage and database request frequency. Key improvements include:

  • Introduced dirty session state to avoid frequent mria transactions.
  • Introduced an intermediate buffer for the persistent messages.
  • Used separate tracks of PacketIds for QoS1 and QoS2 messages.
  • Limited the number of continuous ranges of inflight messages to 1 per stream.

• #12326 Enhanced session tracking with registration history. EMQX now has the capability to monitor the history of session registrations, including those that have expired. By configuring broker.session_history_retain, EMQX retains records of expired sessions for a specified duration.

  • Session count API: Use the API GET /api/v5/sessions_count?since=1705682238 to obtain a count of sessions across the cluster that remained active since the given UNIX epoch timestamp (with seconds precision). This enhancement aids in analyzing session activity over time.

  • Metrics expansion with cluster sessions gauge: A new gauge metric, cluster_sessions, is added to better track the number of sessions within the cluster. This metric is also integrated into Prometheus for easy monitoring:

    # TYPE emqx_cluster_sessions_count gauge
    emqx_cluster_sessions_count 1234
    

    NOTE: Please consider this metric as an approximate estimation. Due to the asynchronous nature of data collection and calculation, exact precision may vary.

• #12338 Introduced a time-based garbage collection mechanism to the RocksDB-based persistent session backend. This feature ensures more efficient management of stored messages, optimizing storage utilization and system performance by automatically purging outdated messages.

• #12398 Exposed the swagger_support option in the Dashboard configuration, allowing for the enabling or disabling of the Swagger API documentation.

• #12467 Started supporting cluster discovery using AAAA DNS record type.

• #12483 Renamed emqx ctl conf cluster_sync tnxid ID to emqx ctl conf cluster_sync inspect ID.

  For backward compatibility, tnxid is kept, but considered deprecated and will be removed in 5.7.

• #12499 Enhanced client banning capabilities with extended rules, including:

  • Matching clientid against a specified regular expression.
  • Matching client's username against a specified regular expression.
  • Matching client's peer address against a CIDR range.

  Important Notice: Implementing a large number of broad matching rules (not specific to an individual clientid, username, or host) may affect system performance. It's advised to use these extended ban rules judiciously to maintain optimal system efficiency.

• #12509 Implemented API to re-order all authenticators / authorization sources.

• #12517 Configuration files have been upgraded to accommodate multi-line string values, preserving indentation for enhanced readability and maintainability. This improvement utilizes """~ and ~""" markers to quote indented lines, offering a structured and clear way to define complex configurations. For example:

  rule_xlu4 {
    sql = """~
      SELECT
        *
      FROM
        "t/#"
    ~"""
  }
  

  See HOCON 0.42.0 release notes for details.

• #12520 Implemented log throttling. The feature reduces the volume of logged events that could potentially flood the system by dropping all but the first occurance of an event within a configured time window.
  Log throttling is applied to the following log events that are critical yet prone to repetition:

  • authentication_failure
  • authorization_permission_denied
  • cannot_publish_to_topic_due_to_not_authorized
  • cannot_publish_to_topic_due_to_quota_exceeded
  • connection_rejected_due_to_license_limit_reached
  • dropped_msg_due_to_mqueue_is_full

• #12561 Implemented HTTP APIs to get the list of client's in-flight and message queue (mqueue) messages. These APIs facilitate detailed insights and effective control over message queues and in-flight messaging, ensuring efficient message handling and monitoring.

  To get the first chunk of data:

  • GET /clients/{clientid}/mqueue_messages?limit=100
  • GET /clients/{clientid}/inflight_messages?limit=100

  Alternatively, for the first chunks without specifying a start position:

  • GET /clients/{clientid}/mqueue_messages?limit=100&position=none
  • GET /clients/{clientid}/inflight_messages?limit=100&position=none

  To get the next chunk of data:

  • GET /clients/{clientid}/mqueue_messages?limit=100&position={position}
  • GET /clients/{clientid}/inflight_messages?limit=100&position={position}

  Where {position} is a value (opaque string token) of meta.position field from the previous response.

  Ordering and Prioritization:

  • Mqueue Messages: These are prioritized and sequenced based on their queue order (FIFO), from higher to lower priority. By default, mqueue messages carry a uniform priority level of 0.
  • In-Flight Messages: Sequenced by the timestamp of their insertion into the in-flight storage, from oldest to newest.

• #12590 Removed mfa meta data from log messages to improve clarity.

• #12641 Improved text log formatter fields order. The new fields order is as follows:

  tag > clientid > msg > peername > username > topic > [other fields]

• #12670 Added field shared_subscriptions to endpoint /monitor_current and /monitor_current/nodes/:node.

• #12679 Upgraded docker image base from Debian 11 to Debian 12.

• #12700 Started supporting "b" and "B" unit in bytesize hocon fields. For example, all three fields below will have the value of 1024 bytes:

  bytesize_field = "1024b"
  bytesize_field2 = "1024B"
  bytesize_field2 = 1024
  

• #12719 The /clients API has been upgraded to accommodate queries for multiple clientids and usernames simultaneously, offering a more flexible and powerful tool for monitoring client connections. Additionally, this update introduces the capability to customize which client information fields are included in the API response, optimizing for specific monitoring needs.

  Examples of Multi-Client/Username Queries:

  • To query multiple clients by ID: /clients?clientid=client1&clientid=client2
  • To query multiple users: /clients?username=user11&username=user2
  • To combine multiple client IDs and usernames in one query: /clients?clientid=client1&clientid=client2&username=user1&username=user2

  Examples of Selecting Fields for the Response:

  • To include all fields in the response: /clients?fields=all (Note: Omitting the fields parameter defaults to returning all fields.)
  • To specify only certain fields: /clients?fields=clientid,username

• #12381 Added new SQL functions: map_keys(), map_values(), map_to_entries(), join_to_string(), join_to_string(), join_to_sql_values_string(), is_null_var(), is_not_null_var().

  For more information on the functions and their usage, refer to Built-in SQL Functions the documentation.

• #12336 Performance enhancement. Created a dedicated async task handler pool to handle client session cleanup tasks.

• #12725 Implemented REST API to list the available source types.

• #12746 Added username log field. If MQTT client is connected with a non-empty username the logs and traces will include username field.

• #12785 Added timestamp_format configuration option to log handlers. This new option allows for the following settings:

  • auto: Automatically determines the timestamp format based on the log formatter being used.
    Utilizes rfc3339 format for text formatters, and epoch format for JSON formatters.

  • epoch: Represents timestamps in microseconds precision Unix epoch format.

  • rfc3339: Uses RFC3339 compliant format for date-time strings. For example, 2024-03-26T11:52:19.777087+00:00.

Bug Fixes

• #11868 Fixed a bug where will messages were not published after session takeover.

• #12347 Implemented an update to ensure that messages processed by the Rule SQL for the MQTT egress data bridge are always rendered as valid, even in scenarios where the data is incomplete or lacks certain placeholders defined in the bridge configuration. This adjustment prevents messages from being incorrectly deemed invalid and subsequently discarded by the MQTT egress data bridge, as was the case previously.

  When variables in payload and topic templates are undefined, they are now rendered as empty strings instead of the literal undefined string.

• #12472 Fixed an issue whe...

EMQX Enterprise 5.6.0

Enhancements

• #12326 Enhanced session tracking with registration history. EMQX now has the capability to monitor the history of session registrations, including those that have expired. By configuring broker.session_history_retain, EMQX retains records of expired sessions for a specified duration.

  • Session count API: Use the API GET /api/v5/sessions_count?since=1705682238 to obtain a count of sessions across the cluster that remained active since the given UNIX epoch timestamp (with seconds precision). This enhancement aids in analyzing session activity over time.

  • Metrics expansion with cluster sessions gauge: A new gauge metric, cluster_sessions, is added to better track the number of sessions within the cluster. This metric is also integrated into Prometheus for easy monitoring:

    # TYPE emqx_cluster_sessions_count gauge
    emqx_cluster_sessions_count 1234
    

    NOTE: Please consider this metric as an approximate estimation. Due to the asynchronous nature of data collection and calculation, exact precision may vary.

• #12398 Exposed the swagger_support option in the Dashboard configuration, allowing for the enabling or disabling of the Swagger API documentation.

• #12467 Started supporting cluster discovery using AAAA DNS record type.

• #12483 Renamed emqx ctl conf cluster_sync tnxid ID to emqx ctl conf cluster_sync inspect ID.

  For backward compatibility, tnxid is kept, but considered deprecated and will be removed in 5.7.

• #12495 Introduced new AWS S3 connector and action.

• #12499 Enhanced client banning capabilities with extended rules, including:

  • Matching clientid against a specified regular expression.
  • Matching client's username against a specified regular expression.
  • Matching client's peer address against a CIDR range.

  Important Notice: Implementing a large number of broad matching rules (not specific to an individual clientid, username, or host) may affect system performance. It's advised to use these extended ban rules judiciously to maintain optimal system efficiency.

• #12509 Implemented API to re-order all authenticators / authorization sources.

• #12517 Configuration files have been upgraded to accommodate multi-line string values, preserving indentation for enhanced readability and maintainability. This improvement utilizes """~ and ~""" markers to quote indented lines, offering a structured and clear way to define complex configurations. For example:

  rule_xlu4 {
    sql = """~
      SELECT
        *
      FROM
        "t/#"
    ~"""
  }
  

  See HOCON 0.42.0 release notes for details.

• #12520 Implemented log throttling. The feature reduces the volume of logged events that could potentially flood the system by dropping all but the first occurance of an event within a configured time window.
  Log throttling is applied to the following log events that are critical yet prone to repetition:

  • authentication_failure
  • authorization_permission_denied
  • cannot_publish_to_topic_due_to_not_authorized
  • cannot_publish_to_topic_due_to_quota_exceeded
  • connection_rejected_due_to_license_limit_reached
  • dropped_msg_due_to_mqueue_is_full

• #12561 Implemented HTTP APIs to get the list of client's in-flight and message queue (mqueue) messages. These APIs facilitate detailed insights and effective control over message queues and in-flight messaging, ensuring efficient message handling and monitoring.

  To get the first chunk of data:

  • GET /clients/{clientid}/mqueue_messages?limit=100
  • GET /clients/{clientid}/inflight_messages?limit=100

  Alternatively, for the first chunks without specifying a start position:

  • GET /clients/{clientid}/mqueue_messages?limit=100&position=none
  • GET /clients/{clientid}/inflight_messages?limit=100&position=none

  To get the next chunk of data:

  • GET /clients/{clientid}/mqueue_messages?limit=100&position={position}
  • GET /clients/{clientid}/inflight_messages?limit=100&position={position}

  Where {position} is a value (opaque string token) of meta.position field from the previous response.

  Ordering and Prioritization:

  • Mqueue Messages: These are prioritized and sequenced based on their queue order (FIFO), from higher to lower priority. By default, mqueue messages carry a uniform priority level of 0.
  • In-Flight Messages: Sequenced by the timestamp of their insertion into the in-flight storage, from oldest to newest.

• #12590 Removed mfa meta data from log messages to improve clarity.

• #12641 Improved text log formatter fields order. The new fields order is as follows:

  tag > clientid > msg > peername > username > topic > [other fields]

• #12670 Added field shared_subscriptions to endpoint /monitor_current and /monitor_current/nodes/:node.

• #12679 Upgraded docker image base from Debian 11 to Debian 12.

• #12700 Started supporting "b" and "B" unit in bytesize hocon fields.

  For example, all three fields below will have the value of 1024 bytes:

  bytesize_field = "1024b"
  bytesize_field2 = "1024B"
  bytesize_field2 = 1024
  

• #12719 The /clients API has been upgraded to accommodate queries for multiple clientids and usernames simultaneously, offering a more flexible and powerful tool for monitoring client connections. Additionally, this update introduces the capability to customize which client information fields are included in the API response, optimizing for specific monitoring needs.

  Examples of Multi-Client/Username Queries:

  • To query multiple clients by ID: /clients?clientid=client1&clientid=client2
  • To query multiple users: /clients?username=user11&username=user2
  • To combine multiple client IDs and usernames in one query: /clients?clientid=client1&clientid=client2&username=user1&username=user2

  Examples of Selecting Fields for the Response:

  • To include all fields in the response: /clients?fields=all (Note: Omitting the fields parameter defaults to returning all fields.)
  • To specify only certain fields: /clients?fields=clientid,username

• #12330 The Cassandra bridge has been split into connector and action components. They are backwards compatible with the bridge HTTP API. Configuration will be upgraded automatically.

• #12353 The OpenTSDB bridge has been split into connector and action components. They are backwards compatible with the bridge HTTP API. Configuration will be upgraded automatically.

• #12376 The Kinesis bridge has been split into connector and action components. They are backwards compatible with the bridge HTTP API. Configuration will be upgraded automatically.

• #12386 The GreptimeDB bridge has been split into connector and action components. They are backwards compatible with the bridge HTTP API. Configuration will be upgraded automatically.

• #12423 The RabbitMQ bridge has been split into connector, action and source components. They are backwards compatible with the bridge HTTP API. Configuration will be upgraded automatically.

• #12425 The ClickHouse bridge has been split into connector and action components. They are backwards compatible with the bridge HTTP API. Configuration will be upgraded automatically.

• #12439 The Oracle bridge has been split into connector and action components. They are backwards compatible with the bridge HTTP API. Configuration will be upgraded automatically.

• #12449 The TDEngine bridge has been split into connector and action components. They are backwards compatible with the bridge HTTP API. Configuration will be upgraded automatically.

• #12488 The RocketMQ bridge has been split into connector and action components. They are backwards compatible with the bridge HTTP API. Configuration will be upgraded automatically.

• #12512 The HStreamDB bridge has been split into connector and action components. They are backwards compatible with the bridge HTTP API. Configuration will be upgraded automatically, however, it is recommended to do the upgrade manually as new fields have been added to the configuration.

• #12543 The DynamoDB bridge has been split into connector and action components. They are backwards compatible with the bridge HTTP API. Configuration will be upgraded automatically.

• #12595 The Kafka Consumer bridge has been split into connector and source components. They are backwards compatible with the bridge HTTP API. Configuration will be upgraded automatically.

• #12619 The Microsoft SQL Server bridge has been split into connector...

EMQX v5.5.1

5.5.1

Bug Fixes

• #12471 Fixed an issue that data integration configurations failed to load correctly during upgrades from EMQX version 5.0.2 to newer releases.

• #12598 Fixed an issue that users were unable to subscribe to or unsubscribe from shared topic filters via HTTP API.

  The affected APIs include:

  • /clients/:clientid/subscribe

  • /clients/:clientid/subscribe/bulk

  • /clients/:clientid/unsubscribe

  • /clients/:clientid/unsubscribe/bulk

• #12601 Fixed an issue where logs of the LDAP driver were not being captured. Now, all logs are recorded at the info level.

• #12606 The Prometheus API experienced crashes when the specified SSL certificate file did not exist in the given path. Now, when an SSL certificate file is missing, the emqx_cert_expiry_at metric will report a value of 0, indicating the non-existence of the certificate.

• #12620 Redacted sensitive information in HTTP headers to exclude authentication and authorization credentials from debug level logs in the HTTP Server connector, mitigating potential security risks.

• #12632 Fixed an issue where the rule engine's SQL built-in function date_to_unix_ts produced incorrect timestamp results for dates starting from March 1st on leap years.

EMQX Enterprise e5.5.1

Enhancements

• #12497 Improved MongoDB connector performance, resulting in more efficient database interactions. This enhancement is supported by improvements in the MongoDB Erlang driver as well (mongodb-erlang PR).

Bug Fixes

• #12471 Fixed an issue that data integration configurations failed to load correctly during upgrades from EMQX version 5.0.2 to newer releases.

• #12598 Fixed an issue that users were unable to subscribe to or unsubscribe from shared topic filters via HTTP API.

  The affected APIs include:

  • /clients/:clientid/subscribe

  • /clients/:clientid/subscribe/bulk

  • /clients/:clientid/unsubscribe

  • /clients/:clientid/unsubscribe/bulk

• #12601 Fixed an issue where logs of the LDAP driver were not being captured. Now, all logs are recorded at the info level.

• #12606 The Prometheus API experienced crashes when the specified SSL certificate file did not exist in the given path. Now, when an SSL certificate file is missing, the emqx_cert_expiry_at metric will report a value of 0, indicating the non-existence of the certificate.

• #12608 Fixed a function_clause error in the IoTDB action caused by the absence of a payload field in query data.

• #12610 Fixed an issue where connections to the LDAP connector could unexpectedly disconnect after a certain period of time.

• #12620 Redacted sensitive information in HTTP headers to exclude authentication and authorization credentials from debug level logs in the HTTP Server connector, mitigating potential security risks.

• #12632 Fixed an issue where the rule engine's SQL built-in function date_to_unix_ts produced incorrect results for dates starting from March 1st on leap years.

EMQX Enterprise 5.6.0-alpha.2

Merge pull request #12644 from thalesmg/prepare-560-alpha1-r56-20240304

fix docker repository enumeration and prepare `e5.6.0-alpha.2`

EMQX v5.5.1-rc.1

chore: bump version to 5.5.1-rc.1

EMQX Enterprise 5.5.1-rc.1

e5.5.1-rc.1

chore: bump version to 5.5.1-rc.1