Release History

View all app release history.

1.0.2606.0 2026-06-26 16:16
First Release
- Add FOCS firewall and application lookup commands
- Add FOCS malicious IP lookup, add, and delete commands
1.1.2606.0 2026-06-24 17:21
Adds VNet flow logs (v4) support and new query commands
1.12.2602.3 2026-06-18 19:48
Bug fix
- Fix missing login name mapping in sonar-sync-employees command
- Add user_guid to output fields in sonar-employees command
1.0.2606.0 2026-06-17 13:44
First Release - Provides a parser, File/SFTP logger model, log schema and dashboard for TmaxSoft JEUS Access logs.
1.0.2606.0 2026-06-12 17:15
First Release
- Provides a parser, logger model, log schema and dashboard for SNIPER APTX logs
- Supported log types: System Status Information(5), File Analysis Logs(7), Network Detection Events(9), Ransomware Detection(10), File Detection(11)
1.4.2606.1 2026-06-12 16:17
Improved log schema rules in logger model
- Added `type` condition to `IPSEC` and `SSL VPN` rules
- Refined stream query to `Unknown` rule
1.0.2606.0 2026-06-11 10:40
First Release
- Provides a parser, logger model, log schema and dashboard for TACHYON Total Security 4.0 logs
- Supported categories (Server, Agent, DeviceControl, SelfProtection)
1.2.2310.1 2026-06-09 14:12
Fix parser logic - Implemented 31 fields from the RAW log
1.0.2606.0 2026-06-08 14:21
First Release - Provides a parser, logger model and log schema for CTILab DTI Anomaly, Auto Profiling syslog messages.
1.12.2602.2 2026-06-05 15:04
Bug fixes and improvements for employee, department, and boss sync commands
- Common: Expanded required permission to company admin level and above; improved input error handling
- `sonar-sync-employees`: Fixed an issue where the query would not terminate when there are no employees to deactivate
- `sonar-sync-departments`: Departments with no changes are now included in the output (action=skip)
- `sonar-sync-bosses`: Department leads with no changes are now included in dry run output (action=skip)
1.0.2606.0 2026-06-04 12:35
First Release
- Supported parsers and collection models for 37 AhnLab XTG log types
- Added 35 log schemas
1.4.2606.0 2026-06-01 19:08
Enhancements
- Added `fortigate-virus` log schema
- Added `fortigate-webfilter` log schema

Bug Fixes
- Improved `action` field normalization in traffic logs: map `accept` to `PERMIT`
- Added wildcard support to dataset query table names
1.4.2606.0 2026-06-01 17:41
Feature Improvements
- Fix error in converting last_report
- Fix missing usage_type field error
- Enhance handling of empty hostname values
- Improve error message display for query results
1.0.2605.0 2026-05-27 15:58
First release - Provides a dedicated logger model, schema and dashboard for CHAEWOOL UTMP logs.
1.7.2605.1 2026-05-27 14:42
Feature Modifications
- Dynamic Address Group Updates:
  * Renamed query commands.
    - paloalto-ngfw-register-ip -> paloalto-ngfw-add-dynamic-address
    - paloalto-ngfw-unregister-ip -> paloalto-ngfw-remove-dynamic-address
    - paloalto-ngfw-registered-ips -> paloalto-ngfw-dynamic-addresses
    - paloalto-ngfw-register-ip-batch -> paloalto-ngfw-add-dynamic-address-batch
    - paloalto-ngfw-unregister-ip-batch -> paloalto-ngfw-remove-dynamic-address-batch
  * Added validation for single tag registration.
- External SSH Connection Detection:
  * Updated the rule query.
1.0.2605.0 2026-05-26 18:39
First Release - Provides a dedicated log parser, logger model, and dashboard for KORNIC GLORY TESS TMS logs.
1.1.2605.0 2026-05-26 11:58
Add parsing support for new message codes
- Severity6 (Info): 111009
- Severity7 (Debug): 302015, 302016, 302020, 302021
1.1.2605.0 2026-05-26 11:50
Add new fields to `Cisco Firepower Session` schema
1.0.2605.0 2026-05-22 15:10
First Release - Provides a parser, logger model, and log schema for Trellix Malware Analysis sandbox-based alerts.
1.0.2310.3 2026-05-22 11:38
Rename `HIPS_FW` log schema code - CPP Host Firewall (`cpp-hips-fw`) -> CPP Session (`cpp-session`)