Blog Cryostat 4.1.0 is Released!

November 27, 2025

Cryostat 4.1.0 is Released!

By 

Andrew Azores

: Principal Software Engineer

Table of Contents

Hello everyone,

Cryostat 4.1.0 has landed. It’s a minor release in semantic versioning terms, but it’s a big release in terms of functionality and features. Read on to find out what’s new.

Release Highlights

New Features

OpenShift-specific

  1. Console Plugin auto-configuration UI: Cryostat 4.0 introduced a Console Plugin and Cryostat Agent Autoconfiguration feature for OpenShift users. Cryostat 4.1 expands on that with a new feature allowing Agent Autoconfiguration to be performed graphically within the Console UI, rather than requiring you to manually edit your application Deployment YAML.

General

  1. New Navigation: the navigation sidebar has been reorganized into nested sections, and a few new navigable pages have been added (more details below). The old Automated Rules view is now under the Flight Recorder section, under the Capture subsection, as the Automated Rules item - or Flight Recorder/Capture/Automated Rules. Recordings has been split into Flight Recorder/Capture/Recordings and Flight Recorder/Analyze/Archives, and Events has been split into Flight Recorder/Capture/Events and Flight Recorder/Capture/Instrumentation.
  2. Automated Reports view: the new Flight Recorder/Analyze/Automated Reports view provides an overview of all recent automated analysis reports per target. It has controls to sort and filter the reports to help surface which JVMs in your deployment may require your attention.
  3. Diagnostics section: the new Diagnostics contains controls for performing garbage collection, capturing a thread dump, and capturing a heap dump. Performing garbage collection is still possible via a Dashboard card, and that same card also now contains the same thread and heap dump controls as this new navigable view. Thread and heap dumps are stored in new, separate buckets in Cryostat's object storage, and have similar Targets, All-Targets, and All-Archives viewing modes as Archived Recordings. They can also be downloaded, deleted, and labeled like archived recordings, but there are no analysis tools for these data types within the Cryostat UI.
  4. External object storage: since Cryostat 3.0, file-based data like archived recordings have been stored in a cryostat-storage S3-compatible object storage instance, as opposed to simply written to local filesystem within the Cryostat container. In Cryostat 4.1 the configuration knobs to choose your own S3-compatible object storage are now finally exposed, so when you install a Cryostat instance you can choose the batteries-included cryostat-storage option, or opt for your own choice of object storage provider. This may be your own self-hosted object storage which you manage or it can be a commercial service provider. For long-lived production Cryostat installations it is highly recommended that you should choose a commercial service provider or your own self-managed object storage, rather than relying on the simple object storage included with Cryostat. Various internal improvements have also been made for the communication between Cryostat, cryostat-storage, cryostat-reports, and jfr-datasource to optimize the transfer of files between containers.
  5. Declarative configurations have new additions. These are configurations that allow you to define ex. custom event templates by mounting a volume containing definition files to Cryostat, rather than needing to use the Cryostat UI or API to create these resources. In Kubernetes or OpenShift this can be achieved using ConfigMaps or Secrets. It is now also possible to define the following resource types declaratively:
    • automated rules
    • JMC agent probe templates
    • stored credentials
  6. Cryostat Agent Smart Triggers via file: similarly, Cryostat Agent Smart Triggers can be configured by providing the Agent with a path to a file containing Smart Triggers definitions, not only by passing them as command line parameters. Use the JVM flag -Dcryostat.agent.smart-trigger.config.path=/path/to/file or the environment variable CRYOSTAT_AGENT_SMART_TRIGGER_CONFIG_PATH=/path/to/file.
  7. Accessibility settings: the Settings view has a new General/Accessibility section, which allows you to select the colour palette and icon size used for components like the Automated Analysis Reports.
  8. Topology analysis filtering: the Settings view has a new Topology section which allows you to configure the behaviour of the Overview/Topology view. The Topology view indicates Automated Analysis scores on discovered targets using a status badge displaying the maximum (most critical) analysis score. However, some of these analysis scores are static, configuration-based scores which may not be of particular interest in all cases - for example, the Passwords in Environment Variables score. In many cases it is acceptable to include passwords in environment variables, so if this is the only detected "issue" with a target JVM, it may not be desirable for this to reflect as a critical status on the Topology view. You can use this new Settings configuration to control which analysis results are used for determining the Topology view status badges.
  9. Target-based automated analysis: along with the split of Recordings into Flight Recorder/Capture/Recordings and Flight Recorder/Analyze/Archives and the new Flight Recorder/Analyze,Automated Reports and autoanalyze=true feature described above, the workflow for manually generating an Automated Analysis report for a target JVM has been reworked. The new workflow guides you through creating a recording (with selected default values) if required, then creates, archives, and deletes a Snapshot recording with the `autoanalyze=true` label to trigger the automated analysis. The results will be viewable in the new Analyze panel in the Flight Recorder/Capture/Recordings view as well as at Flight Recorder/Analyze/Automated Reports, and will also be cached and connected to the archived recording copy viewable at Flight Recorder/Analyze/Archives. This reduces the number of clicks to get to an automated analysis report for a target application, as well as ensuring the results are easy to both view immediately and reference back to in the future.

Feature Enhancements

  1. Automatic Automated Analysis: when an Archived Recording with the label autoanalyze=true is created, Cryostat will automatically perform automated analysis of that recording. The results will be cached and viewable in the new Flight Recorder/Analyze/Automated Reports view. Hint: labels applied to Active Recordings are copied to Archived Recordings, so the act of archiving any active recording with this label applied will trigger this behaviour. You will notice that the active recording creation form and Automated Rule creation form have new controls to enable this feature, which is turned on by default. Cryostat will also automatically perform this function for "external recordings" - ones which Cryostat observes are available in a target JVM, which Cryostat did not initiate. Such recordings are often present due to the use of the -XX:StartFlightRecording JVM flag.
  2. External recording enhancements: continuing on the topic of external recordings, these are now handled completely as if they were started by Cryostat with the "archive on stop" and "automatically analyze" options enabled. Whether the recording is manually stopped or its fixed duration elapses, Cryostat will copy the recording data into the archives and automatically analyze the contents.
  3. Archive On Stop for Continuous Recordings: previously, the "archive on stop" option was only available for fixed-duration recordings, so that Cryostat would automatically copy JFR data to archives when the configured duration elapsed. This option is now available for continuous recordings (those without a fixed duration) and is enabled by default. When a continuous recording is manually stopped, Cryostat will also automatically copy the JFR data to archives.
  4. Automated Rule copying and editing has been implemented. Previously, if you wanted to use an existing Automated Rule from the Cryostat UI as a basis for a new rule, you would need to either: In the Automated Rule overflow menu there is a new Edit action which allows you to edit a Rule in-place (with some limitations), and a new Copy action which allows you to create a new Rule using the existing Rule as a template with the same configuration.
  5. JVM details modal anywhere: the Dashboard and Topology views contain a component which displays details about a selected JVM target. This also includes components where a miniature Topology view is included, such as Automated Rules and Security. Other views, such as Flight Recorder/Capture/Recordings provided no way to view JVM details beyond the alias and connection URL via the target selector dropdown. There is a new info button beside the dropdown which, when clicked, summons a modal dialog containing the same details component so that this information is visible anywhere a target selection has been made.
  6. Merged Target and All-Targets archives: the old Recordings view had a tab for target-specific archived recordings, and the old Archives view had a tab for All Targets. These were extremely similar and redundant. The new Flight Recorder/Capture/Recordings view focuses only on active recordings and removes the target-specific archives tab. The new Flight Recorder/Analyze/Archives view has a Targets tab with a target selector dropdown. If a target is selected this behaves just like the old Recordings view and its target-specific archives tab. If the target selection is cleared then this behaves just like the old Archives view and its All Targets tab.
  7. Grafana dashboard now includes a Frameworks row. This includes a chart for Hibernate ORM JFR events, and a chart and a table for Quarkus REST JFR events. Cryostat 4.0 previously shipped Preset Event Templates, Preset Automated Rules, and a Match Expression feature to help you take capture these JFR event types, so this new feature provides a convenient way for you to visualize this captured data.
  8. IPv6 targets: support for IPv6 is improved, including for Kubernetes/OpenShift EndpointSlice-based discovery. Kubernetes clusters using IPv6 or running IPv4/IPv6 dual-stack should pose no issue for Cryostat.

General Maintenance

  1. Container resource limits and requests: when deploying Cryostat via the operator or Helm chart, the default resource requests have been raised to avoid low-resource scenarios which were often seen in Cryostat 4.0, and there are now default resource limits applied so that Cryostat will not try to consume all available resources if you give it a lot of work to do.
  2. Routine maintenance: dependency version updates and container base image version updates.

For further details on these items, check the GitHub Discussions release announcement.

Where can I get the latest version of Cryostat?

You can install Cryostat using our Kubernetes operator on OperatorHub.io or via a Helm Chart . As always, you can also run Cryostat in other environments with a little more manual setup.

If this is your first time installing Cryostat on Kubernetes, you can Get Started right here on this website.

If you had previously installed Cryostat Operator 4.0.x with OLM, then you may have already been upgraded to 4.1.0, or else you should be able to approve and install the upgrade.

Feedback

Please reach out to the Cryostat mailing list or GitHub Discussion with any questions or comments.

CC by 3.0 | Privacy Policy | Sponsored by