Hello, this is Mackerel team CRE's id:kmutos . Mackerel is also working hard to keep up with the heat of summer! Here are the details of the latest update.

• Added SCIM integration to synchronize user information with EntraID, Okta, and other IdP services
• A feature has been added to delete authenticated information of members from organization groups
• Attribute name autocomplete is now available in the 'Filter' of the APM trace screen
• Changed the background color of graph headings and the color scheme of buttons for specifying time ranges, etc.
• Fixed an issue where disabling all checkboxes for AWS service metrics in the AWS integration settings resulted in all metrics being collected instead
• Made it easier to set the interval for interruption monitoring in 10-minute increments

Added SCIM integration to synchronize user information with EntraID, Okta, and other IdP services

Mackerel's Higher Plan (in Japanese) already offers Single Sign-On via SAML, and we have now added SCIM integration to synchronize user information.

With SAML (Security Assertion Markup Language) Single Sign-On, you can sign in to Mackerel using user information and authentication from an IdP (Identity Provider) such as EntraID or Okta, and join the authorised organization as a corresponding Mackerel user.

However, with SAML, even if a user is deleted or disabled on the IdP side, this change is not communicated to the Mackerel side, so the corresponding Mackerel user remains in the organization. If authentication is set to SAML only, access can be denied upon authentication failure on the IdP side, but removing Mackerel users from the organization must be done manually by the organization administrator.

In contrast, SCIM (System for Cross-domain Identity Management) is a technology designed to synchronize user information (provisioning). When a user is added or deleted on the IdP side, the change is also reflected on the Mackerel side.

• Add a user on the IdP: If there is no corresponding Mackerel user, the user will be redirected to the screen to agree to the terms of use and register as a new Mackerel user.
• Removing users from the IdP: Users will fail to sign in to Mackerel. The corresponding Mackerel users will be removed from the organization.

In this way, by supporting both SAML and SCIM, Single Sign-On and user information synchronization are both achieved. You can centrally manage users in the IdP.

Single Sign-On and user information synchronization via SAML and SCIM are features available only in the higher plan. If you are interested, please contact us via inquiry (in Japanese).

A feature has been added to delete authenticated information of members from organization groups

This is also a SAML-related feature, but we have added a function to remove Mackerel users from SAML-authenticated status in organization groups that are linked to an IdP.

After removing the user's sign-in permissions for Mackerel on the IdP side, organization group administrators can select the relevant organization from the Organization Groups page and check the SAML-authenticated Mackerel users under 'SAML Members'.

Clicking the 'Delete' button on the right side of the Mackerel user will remove them from the SAML-authenticated state.

• Only when 'SAML authentication required' is selected and ‘Attribute mapping' is enabled in the organization group settings will users removed from the organization group be automatically removed from organizations under that organization group.
• In other settings, users are not automatically removed from the organization. To remove them, you must first remove them from the organization group and then manually remove them from the organization.

Attribute name autocomplete is now available in the 'Filter' of the APM trace screen

In the APM trace screen, you can set trace filtering conditions from the 'Filter' button, and now you can autocomplete attribute and release attribute names.

For example, if you enter h in the attribute field, attribute names starting with h will be displayed, such as http.host and http.method if there are trace spans related to HTTP. If you continue entering http.h, the only candidate, http.host, will be narrowed down.

Attribute and resource attribute values can be of types such as string (character string) or int (integer), and when you specify a name, the type is automatically selected accordingly.

Changed the background color of graph headings and the color scheme of buttons for specifying time ranges, etc.

The Mackerel design team is actively developing and improving the APM functionality, and is also working to improve usability through design changes.

The previous headings had a strong contrast with the graph background (for example, in the default skyscraper theme, the graph itself had a white background, while the headings were greyish black), which may have distracted attention from the graph content.

We have already implemented this change in the APM screen, and have now applied it to custom dashboards and host graphs as well. We have changed the background color of the headings to reduce the contrast ratio with the graph background, making it easier to focus on the graph content.

Additionally, we changed the color scheme of buttons such as time range selection buttons placed at the top of pages with graphs to avoid obstructing the observation of graph content.

Fixed an issue where disabling all checkboxes for AWS service metrics in the AWS integration settings resulted in all metrics being collected instead

In AWS integration, you can use the 'Specify the metrics to be retrieved' checkbox to specify whether to retrieve metrics for an AWS service. When the 'Add new metrics automatically' checkbox is off, and you intended to retrieve all metrics for a specific AWS service while excluding all others by unchecking all checkboxes, all metrics for that AWS service were instead retrieved.

This issue has been fixed so that metrics are retrieved as you specify.

Made it easier to set the interval for interruption monitoring in 10-minute increments

You can set 'Interruption monitoring' for service metrics to check whether they have been interrupted, but there is a restriction that the interval must be specified in 10-minute increments.

With the previous spin button settings, the interval could only be increased or decreased by 1 minute, so setting it to a 10-minute interval like '41' resulted in an error message saying 'Please specify a time within one week at intervals of 10 minutes,’ which was confusing and caused the configuration to fail.

As an improvement, we have changed the spin button so that it increments by 10 minutes (0 minutes, 10 minutes, 20 minutes, etc.) when clicked, making the operation easier.