Experimental

Bug Fixes

• Fixed an issue where using log command in subqueries caused a NullPointerException.
• Removed explain command that had been moved to the query optimizer app, resolving conflicts with the query optimizer app.

sonar sync commands improvements

• Added locale input to the sonar-sync-employees command
• Fixed an NPE issue 발생 when dept_code is empty
• Improved error cause reporting

Fixed compatibility issues in the sonar-users command

Changed ordinal of log command rewriting planner.

Add query commands and functions

• Add top and rare commands
• Add filter function

Query Optimization Bug Fixes

• Support for wildcards during table and full-text conversion
• Ensuring semantic equivalence when converting null comparison using the fulltext command
• Compatibility ensured up to Logpresso Sonar version 4.0.2409.0

Query Optimization

• Automatically converts table | search commands to a fulltext command
• Automatically converts log | search commands to a single log command

Misc.

• Renames the query_string field in sonar-stream-rules output fields to query field
• Requires Logpresso Sonar 4.0.2507.0 or higher

Added Log Schema and Collector Management Commands

• log: Search logs based on schema, model, or collector (supports raw search, aliasing, and subqueries)
• sonar-log-schemas: Retrieve a list of log schemas
• sonar-log-schema-fields: Retrieve log schema fields
• sonar-loggers: Retrieve a list of collectors
• sonar-logger-models: Retrieve a list of collection models

Added SSL Certificate Management Commands

• sonar-check-cert-batch: Batch verification of SSL certificates

Added Address Group and Blocking Integration Management Commands

• sonar-address-groups: Retrieve a list of address groups
• sonar-address-objects: Retrieve address objects
• sonar-remove-address-batch: Batch deletion of address objects
• sonar-response-targets: Retrieve a list of response targets
• sonar-response-models: Retrieve a list of response models

Added Detection Rule Management Commands

• sonar-stream-rules: Enumerate real-time detection rules
• sonar-batch-rules: Enumerate batch detection rules
• sonar-add-stream-rule-command-batch: Batch addition of real-time rule commands
• sonar-update-stream-rule-command-batch: Batch modification of real-time rule commands
• sonar-delete-stream-rule-command-batch: Batch deletion of real-time rule commands
• sonar-update-batch-rule-query-batch: Batch modification of batch rule queries

Added App Management Commands

• sonar-apps: Retrieve a list of apps

Bug fix

• Fixed a recursive reference issue that could cause high system load in the sonar-departments query command.

New features

• Added sonar-indicators query command
• Added syslog query command

Support create, enable loggers query commands

• sonar-create-loggers
• sonar-enable-loggers

Support dashboard, widget, and dataset clone query commands

• sonar-dashboards
• sonar-widgets
• sonar-datasets
• sonar-clone-dashboards
• sonar-clone-widgets
• sonar-clone-datasets

Improvements

• Added ticket webhook logger.
• Added SAML2 integration
• Added sonar-verify-query command

Support boot logging and lookup related query commands.

• sonar-boot-logs
• sonar-insert-lookup-records
• sonar-delete-lookup-records

Added HR database sync commands.

• sonar-departments
• sonar-employees
• sonar-sync-departments
• sonar-sync-employees
• sonar-sync-bosses