Releases
1.2.2410.1
Improved error when a CEF field has an empty value that requires casting
logpresso-ahnlab-epp-1.2.2410.1.app (229,181 bytes)
Nov 11, 2024, 4:31:55 PM
1.2.2410.0
Added supported log types (log format):
- EDR_V3_DETECT (CEF)
- EDR_AGENT_EVENT (CEF)
- EDR_OS_EVENT (CEF)
- AGENT_TASK_STATUS (CEF)
- AGENT_SW_ALL (CEF)
- AGENT_HW_ALL (CEF)
- SERVICE_EVENT (JSON)
- AUDIT_EVENT (JSON)
- ESA_EVENT (JSON)
- V3_MALWARE (JSON) - Added fields
Support for profile parameter in EPP extended query commands
logpresso-ahnlab-epp-1.2.2410.0.app (229,144 bytes)
Oct 21, 2024, 8:57:48 PM
1.1.2311.1
Changes
- Improved the parser to correct CEF format inconsistencies (missing escapes) so that EDR_POWER_SHELL logs can be parsed
logpresso-ahnlab-epp-1.1.2311.1.app (218,836 bytes)
Mar 5, 2024, 12:51:05 AM
1.1.2311.0
Added parser, logger model, and dashboard.
- Supports EPP version 1.0.14.
logpresso-ahnlab-epp-1.1.2311.0.app (217,654 bytes)
Nov 27, 2023, 4:53:41 PM
1.0.2205.0
First release. Supports the following commands:
- ahnlab-epp-ack-unknown
- ahnlab-epp-block-network-result
- ahnlab-epp-collect-ahnreport-result
- ahnlab-epp-collect-file-result
- ahnlab-epp-match-node
- ahnlab-epp-nodes
- ahnlab-epp-search-file-result
- ahnlab-epp-start-block-network
- ahnlab-epp-start-collect-ahnreport
- ahnlab-epp-start-collect-file
- ahnlab-epp-start-search-file
- ahnlab-epp-start-unblock-network
- ahnlab-epp-start-v3-scan
- ahnlab-epp-tasks
- ahnlab-epp-unblock-network-result
- ahnlab-epp-unknown-behaviors
- ahnlab-epp-unknown-detail
- ahnlab-epp-unknowns
- ahnlab-epp-v3-scan-result
logpresso-ahnlab-epp-1.0.2205.0.app (118,826 bytes)
May 22, 2022, 8:35:15 PM