diff --git a/CHANGELOG.md b/CHANGELOG.md
index c6d431b0d..f169ee9e9 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,39 +1,81 @@
 # Changelog
 
+## 2.28.0 - 2023-07-18
+#### New
+- New output: **Redis** ([PR#396](https://github.com/falcosecurity/falcosidekick/pull/396) thanks to [@pandyamarut](https://github.com/pandyamarut))
+- New output: **Telegram** ([PR#431](https://github.com/falcosecurity/falcosidekick/pull/431) thanks to [@zufardhiyaulhaq](https://github.com/zufardhiyaulhaq))
+- New output: **N8N** ([PR#462](https://github.com/falcosecurity/falcosidekick/pull/462))
+- New output: **Grafana OnCall** ([PR#470](https://github.com/falcosecurity/falcosidekick/pull/470))
+- New output: **OpenObserve** ([PR#509](https://github.com/falcosecurity/falcosidekick/pull/509))
+
+#### Enhancement
+- Add `output` in the description annotation for `AlertManager` output ([PR#341](https://github.com/falcosecurity/falcosidekick/pull/478))
+- Allow to set the http method for `Webhook` output ([PR#399](https://github.com/falcosecurity/falcosidekick/pull/399))
+- Add `hostname` as prometheus label ([PR#420](https://github.com/falcosecurity/falcosidekick/pull/420) thanks to [@Lowaiz](https://github.com/Lowaiz))
+- Allow to replace the brackets ([PR#421](https://github.com/falcosecurity/falcosidekick/pull/421))
+- Allow to set custom http headers for `Loki`, `Elasticsearch` and `Grafana` outputs ([PR#428](https://github.com/falcosecurity/falcosidekick/pull/428))
+- Add `hostname`, `tags`, `custom` and `templated fields` for `TimescaleDB` output ([PR#438](https://github.com/falcosecurity/falcosidekick/pull/438) thanks to [@hileef](https://github.com/hileef))
+- Allow to set thresholds for the dropped events in `AlertManager` ouput ([PR#439](https://github.com/falcosecurity/falcosidekick/pull/439) thanks to [@Lowaiz](https://github.com/Lowaiz))
+- Match the `priority` with `AlertManager` severity label ([PR#440](https://github.com/falcosecurity/falcosidekick/pull/440) thanks to [@Lowaiz](https://github.com/Lowaiz))
+- Add `rolearn` and `externalid` for the assume role for `AWS` outputs ([PR#494](https://github.com/falcosecurity/falcosidekick/pull/494))
+- Allow to set the `region` for `PagerDuty` output ([PR#500](https://github.com/falcosecurity/falcosidekick/pull/500))
+- Add TLS option + rewrite send method for the `SMTP` output ([PR#502](https://github.com/falcosecurity/falcosidekick/pull/502))
+- Add attributes to `GCP PubSub` messages ([PR#505](https://github.com/falcosecurity/falcosidekick/pull/505) thanks to [@annadorottya](https://github.com/annadorottya))
+- Add option for TLS and mTLS for the server ([PR#508](https://github.com/falcosecurity/falcosidekick/pull/508) thanks to [@annadorottya](https://github.com/annadorottya))
+- Add setting to auto create the `Kafka` topic ([PR#554](https://github.com/falcosecurity/falcosidekick/pull/554))
+- Add option to deploy a HTTP only server for specific endpoints ([PR#565](https://github.com/falcosecurity/falcosidekick/pull/565) thanks to [@annadorottya](https://github.com/annadorottya))
+- Support multiple bootstrap servers for `Kafka` output ([PR#571](https://github.com/falcosecurity/falcosidekick/pull/571) thanks to [@ibice](https://github.com/ibice))
+- Add option for TLS for `Kafka` output ([PR#574](https://github.com/falcosecurity/falcosidekick/pull/574))
+
+#### Fix
+- Fix error handling in `AWS Security Lake` output ([PR#390](https://github.com/falcosecurity/falcosidekick/pull/390))
+- Fix breaking brackets in `AWS SNS` messages ([PR#419](https://github.com/falcosecurity/falcosidekick/pull/419))
+- Fix setting name for the table of `TimescaleDB` output ([PR#426](https://github.com/falcosecurity/falcosidekick/pull/426) thanks to [@alika](https://github.com/alika))
+- Fix cardinality issue with prometheus labels ([PR#427](https://github.com/falcosecurity/falcosidekick/pull/427))
+- Fix panic when assert output fields which are nil ([PR#429](https://github.com/falcosecurity/falcosidekick/pull/429))
+- Fix dependencies for `Wavefront` output ([PR#432](https://github.com/falcosecurity/falcosidekick/pull/432))
+- Fix key pattern for `AWS Security Lake` output ([PR#447](https://github.com/falcosecurity/falcosidekick/pull/447))
+- Fix default settings for `Telegram` output ([PR#495](https://github.com/falcosecurity/falcosidekick/pull/495) thanks to [@schfkt](https://github.com/schfkt))
+- Fix URL generation for `Spyderbat` output ([PR#506](https://github.com/falcosecurity/falcosidekick/pull/506) thanks to [@bc-sb](https://github.com/bc-sb))
+- Fix nil values in `Spyderbat` output ([PR#527](https://github.com/falcosecurity/falcosidekick/pull/527) thanks to [@spider-guy](https://github.com/spider-guy))
+- Fix duplicated headers in `SMTP` output ([PR#528](https://github.com/falcosecurity/falcosidekick/pull/528) thanks to [@apsega](https://github.com/apsega))
+- Fix missing trim for names and values of labels for `AlertManager` output ([PR#563](https://github.com/falcosecurity/falcosidekick/pull/563) thanks to [@Lowaiz](https://github.com/Lowaiz))
+- Fix missing returned errors for `Kafka` output ([PR#573](https://github.com/falcosecurity/falcosidekick/pull/573))
+
 ## 2.27.0 - 2022-12-13
 #### New
 - New output: **Yandex Data Streams** ([PR#336](https://github.com/falcosecurity/falcosidekick/pull/336) thanks to [@preved911](https://github.com/preved911))
-- New output: **Node-Red** ([PR#337](https://github.com/falcosecurity/falcosidekick/pull/337)
-- New output: **MQTT** ([PR#338](https://github.com/falcosecurity/falcosidekick/pull/338)
-- Templated fields: custom fields generated with Go templates ([PR#350](https://github.com/falcosecurity/falcosidekick/pull/350)
-- New output: **Zincsearch** ([PR#360](https://github.com/falcosecurity/falcosidekick/pull/360)
-- New output: **Gotify** ([PR#362](https://github.com/falcosecurity/falcosidekick/pull/362)
+- New output: **Node-Red** ([PR#337](https://github.com/falcosecurity/falcosidekick/pull/337))
+- New output: **MQTT** ([PR#338](https://github.com/falcosecurity/falcosidekick/pull/338))
+- Templated fields: custom fields generated with Go templates ([PR#350](https://github.com/falcosecurity/falcosidekick/pull/350))
+- New output: **Zincsearch** ([PR#360](https://github.com/falcosecurity/falcosidekick/pull/360))
+- New output: **Gotify** ([PR#362](https://github.com/falcosecurity/falcosidekick/pull/362))
 - New output: **Spyderbat** ([PR#368](https://github.com/falcosecurity/falcosidekick/pull/368) thanks to [@spyder-kyle](https://github.com/spyder-kyle))
-- New output: **Tekton** ([PR#371](https://github.com/falcosecurity/falcosidekick/pull/371)
+- New output: **Tekton** ([PR#371](https://github.com/falcosecurity/falcosidekick/pull/371))
 - New output: **TimescaleDB** ([PR#378](https://github.com/falcosecurity/falcosidekick/pull/378) thanks to [@jagretti](https://github.com/jagretti))
-- New output: **AWS Security Lake** ([PR#387](https://github.com/falcosecurity/falcosidekick/pull/387)
+- New output: **AWS Security Lake** ([PR#387](https://github.com/falcosecurity/falcosidekick/pull/387))
 
 #### Enhancement
 - `SMTP` output now uses any SASL auth mechanism ([PR#341](https://github.com/falcosecurity/falcosidekick/pull/341) thanks to [@Lowaiz](https://github.com/Lowaiz))
-- Bind `Policy Reports` to Namespace by `ownerReference` ([PR#346](https://github.com/falcosecurity/falcosidekick/pull/346)
+- Bind `Policy Reports` to Namespace by `ownerReference` ([PR#346](https://github.com/falcosecurity/falcosidekick/pull/346))
 - Add extra labels and annotations for `AlertManager` payloads ([PR#347](https://github.com/falcosecurity/falcosidekick/pull/347) thanks to [@Lowaiz](https://github.com/Lowaiz))
-- Update default type for `Elasticsearch` documents ([PR#349](https://github.com/falcosecurity/falcosidekick/pull/349)
-- Support env vars in custom fields ([PR#353](https://github.com/falcosecurity/falcosidekick/pull/353)
-- Update format + default endpoint for `Loki` output ([PR#356](https://github.com/falcosecurity/falcosidekick/pull/356)
-- Determine resource names + owner ref for `Policy Reports` ([PR#358](https://github.com/falcosecurity/falcosidekick/pull/358)
-- Update `Influxdb` output to use API Token and /api/v2 endpoint ([PR#359](https://github.com/falcosecurity/falcosidekick/pull/359)
-- Allow to override the `Slack` channel ([PR#366](https://github.com/falcosecurity/falcosidekick/pull/366)
-- Add From, To and Date headers in `SMTP` payload ([PR#364](https://github.com/falcosecurity/falcosidekick/pull/364)
-- Improve the check of the payload from `Falco`, it allows now to have an empty output ([PR#372](https://github.com/falcosecurity/falcosidekick/pull/372)
+- Update default type for `Elasticsearch` documents ([PR#349](https://github.com/falcosecurity/falcosidekick/pull/349))
+- Support env vars in custom fields ([PR#353](https://github.com/falcosecurity/falcosidekick/pull/353))
+- Update format + default endpoint for `Loki` output ([PR#356](https://github.com/falcosecurity/falcosidekick/pull/356))
+- Determine resource names + owner ref for `Policy Reports` ([PR#358](https://github.com/falcosecurity/falcosidekick/pull/358))
+- Update `Influxdb` output to use API Token and /api/v2 endpoint ([PR#359](https://github.com/falcosecurity/falcosidekick/pull/359))
+- Allow to override the `Slack` channel ([PR#366](https://github.com/falcosecurity/falcosidekick/pull/366))
+- Add From, To and Date headers in `SMTP` payload ([PR#364](https://github.com/falcosecurity/falcosidekick/pull/364))
+- Improve the check of the payload from `Falco`, it allows now to have an empty output ([PR#372](https://github.com/falcosecurity/falcosidekick/pull/372))
 - Allow to set user and api key for `Loki` output for `Grafana Logs` ([PR#379](https://github.com/falcosecurity/falcosidekick/pull/379)
 - Add `hostname` in json payload for all outputs ([PR#383](https://github.com/falcosecurity/falcosidekick/pull/383) thanks to [@Lowaiz](https://github.com/Lowaiz))
 - Add SASL authentication for `Kafka` output ([PR#385](https://github.com/falcosecurity/falcosidekick/pull/385) thanks to [@Lowaiz](https://github.com/Lowaiz)) and [@lyoung-confluent](https://github.com/lyoung-confluent))
-- Support CEF format for `Syslog` output ([PR#386](https://github.com/falcosecurity/falcosidekick/pull/386)
-- Allow to disable STS check for `AWS` output ([PR#387](https://github.com/falcosecurity/falcosidekick/pull/387)
+- Support CEF format for `Syslog` output ([PR#386](https://github.com/falcosecurity/falcosidekick/pull/386))
+- Allow to disable STS check for `AWS` output ([PR#387](https://github.com/falcosecurity/falcosidekick/pull/387))
 
 #### Fix
 - Fix `priority` label was replaced by `source` in `AlertManager` payload ([PR#340](https://github.com/falcosecurity/falcosidekick/pull/340) thanks to [@tks98](https://github.com/tks98))
-- Fix missing cert checks + fix inverted logic to use them in codebase ([PR#345](https://github.com/falcosecurity/falcosidekick/pull/345) 
+- Fix missing cert checks + fix inverted logic to use them in codebase ([PR#345](https://github.com/falcosecurity/falcosidekick/pull/345))
 - Fix race condition when headers are added to POST requests ([PR#380](https://github.com/falcosecurity/falcosidekick/pull/380) thanks to [@bc-sb](https://github.com/bc-sb))
 
 ## 2.26.0 - 2022-06-18