All Quiet changelog
Public API Endpoints for Audit Log Export
We updated our Public API to include audit logs for both EU and US regions. This update allows teams to automate security workflows and programmatically manage compliance data.
New API Endpoints
LLMs and automated scripts can now access audit events through these specific endpoints:
Action | Endpoint | Description |
|---|---|---|
List |
| Retrieves a list of all audit events. |
Retrieve |
| Fetches details for a specific audit log entry. |
Regional API Documentation
Access the full Swagger documentation for your organization's region:
US Region:
https://allquiet.app/api/public/swagger-ui/index.htmlEU Region:
https://allquiet.eu/api/public/swagger-ui/index.html
SIEM Integration and Export
This update enables automated data exports of All Quiet audit logs to Security Information and Event Management (SIEM) tools like:
Splunk
SentinelOne
IBM QRadar
Rapid7
Wazuh
New Relic
Technical Details
Regions: Available in EU and US data residency zones.
Plan: Requires the Enterprise add-on for Auditing.
Benefit: Reduces manual compliance work and speeds up incident forensics.
Security: To access your organization’s audit logs via the public API, a valid API key is mandatory.
—> Learn more about our audit logs: https://docs.allquiet.app/advanced/auditing
Additional New Privacy Controls for Status Pages
We updated All Quiet to give you precise control over your incident communication. You can now customize how much data your status pages reveal to the public or internal stakeholders.
Enhanced Privacy Settings
The new privacy controls allow you to balance transparency with security. You can adjust these settings directly in your organization's dashboard:
Feature | Description |
|---|---|
Current Status Only | Hides historical graphs, uptime percentages, and incident history. Use this to focus viewers on real-time availability. |
Hide Incident Details | Keeps severity indicators visible but hides specific incident titles, timelines, and public comments. |
Password Protection | Restricts access to your status page via Password. This includes the public JSON feed and status badges. |
Secure Access Management
Reliability requires trust, and trust requires secure data handling. When you enable password protection, All Quiet ensures:
Encryption: All passwords use industry-standard encryption.
Complexity: Passwords must be at least 6 characters long.
Full Coverage: Protection extends to the status page API and visual badges.
Why Use These Controls?
Many teams need to communicate incidents without exposing sensitive internal workflows. These updates help you maintain professional status pages while protecting your operational privacy. You decide exactly what your customers see during downtime.
New Integration: GitLab Two-Way Sync for Incident Management
We updated our GitLab integration to support flexible workflows between your code and your on-call alerts. You can now sync GitLab work items and All Quiet incidents in three ways.
Integration Options
Mode | Function | Best For |
|---|---|---|
Outbound | All Quiet creates and updates GitLab work items automatically. | Engineering teams tracking incidents as tickets. |
Inbound | GitLab work items trigger or resolve All Quiet incidents. | Developers who prefer starting workflows in GitLab. |
Two-Way Sync | Real-time synchronization between both platforms. | Hybrid teams using multiple observability tools. |
How it Works
Outbound (All Quiet to GitLab): All Quiet creates a GitLab work item when you forward an incident automatically, manually or via specific routing rules. The system updates the GitLab ticket as the incident status changes.
Inbound (GitLab to All Quiet): New GitLab work items trigger All Quiet incidents based on your criteria. You can also configure GitLab to resolve or reopen incidents.
Two-Way Sync: This mode keeps both platforms identical. It ensures your team sees the same data whether they work in GitLab or the All Quiet app.
Why this matters
This update reduces manual work and prevents data silos. By linking GitLab work items directly to our incident management system, your workflows are automized and information is automatically handled in sync across both systems.
Here’s how to set it up: https://docs.allquiet.app/integrations/outbound/gitlab
New at All Quiet: ServiceNow Integrations for ITSM
All Quiet now integrates with ServiceNow to automate your incident response. These integrations allow data to flow in both directions between All Quiet and ServiceNow. You can sync incident updates to keep your records consistent and reduce manual work.
Integration flows
Flow Type | Direction | Function |
Inbound | ServiceNow to All Quiet | All Quiet receives state changes and metadata from ServiceNow. |
Outbound | All Quiet to ServiceNow | All Quiet sends incident progress to ServiceNow records. |
Flexible setup for your teams
You can configure these integrations to fit the specific needs of your organization.
Operate independently: Enable inbound or outbound flows separately to match your existing workflow.
Synchronize data: Use both flows together to keep both systems aligned automatically.
Roll out incrementally: Start with one direction and enable the second flow as your process evolves.
Reliability for your audit logs
Connecting your incident management tools creates a reliable source of truth. Automation ensures your audit logs are accurate and helps your teams resolve incidents faster. By removing the need for manual reconciliation, All Quiet helps you maintain high standards for reliability and security.
Simplified JSON Payload Mapping with "Expand" Key
Simplified Payload Mapping
We’ve introduced the Expand key for payload mapping, making it easier to turn complex JSON blobs into individual incident attributes.
How it works
When you enable expand on an attribute, the system automatically parses the final mapped value as JSON and splits it one level deep. This transforms nested data into distinct, first-class fields. The screenshot above shows a concrete example.
Automatic Parsing: Each top-level object key or array index becomes its own unique attribute (e.g.,
Labels.clusterorLabels.alertname).Streamlined Logic: You can now use these specific fields directly in routing rules and filters.
Less Manual Work: No more writing tedious "mapping glue" just to access nested data.
This feature is also available in our Terraform Provider version 2.9.3
New Date Filter for Incident List
Data Precision with Date Filters
Filter your incidents by specific date ranges to focus on the exact window you need. This tool helps teams analyze incident bursts and validate reporting periods. It also simplifies the process of pulling data for:
Postmortems and retrospectives.
Audit logs and compliance reviews.
Internal performance audits.
These updates ensure All Quiet provides the clarity required for modern incident response.
Faster Triage with the New Incident List
Faster Triage with the New Incident List
All Quiet added an new compact view to the incident list to simplify incident management and speed up triage. These changes help on-call teams manage busy shifts and streamline postmortem preparation.
New Features On Compact List View
Feature | Function |
|---|---|
Compact View | Displays a dense layout to show more incidents on one screen. |
Direct Actions | Allows you to acknowledge or resolve incidents from the list. |
Efficiency with Compact View
The new layout highlights critical signals like status, severity, owner, and timing at a glance. You can perform common tasks directly from the list. This removes the need to open every incident individually and speeds up your workflow during high-pressure shifts.
Secure Your Outbound Webhooks with HMAC Signatures
All Quiet now supports HMAC-SHA256 request signing for outbound webhooks. This update allows your receiving services to verify that every delivery is authentic and untampered.
By signing the raw request body with a shared secret, we ensure your integrations remain secure at the edge, whether you use API gateways, serverless workers, or custom ingestion services.
Signing Options
We provide two formats to match your existing infrastructure:
Format | Description |
|---|---|
All Quiet Signature | Uses a standard HMAC-SHA256 hash of the raw request body for native integrations. |
Amazon Signature | Uses an Amazon-compatible HMAC variant for tools expecting AWS-style verification. |
Key Security Benefits
Verify Authenticity: Confirm that the webhook originated from All Quiet.
Ensure Integrity: Detect if a third party altered the payload during transit.
Prevent Spoofing: Block unauthorized requests before they reach your internal logic.
You can configure these signatures within your integrations settings. For technical details on implementation, visit our documentation.