Release History

View all app release history.

SECUI MFD
1.2.2310.1 2026-06-09 14:12
Fix parser logic - Implemented 31 fields from the RAW log
CTILab DTI
1.0.2606.0 2026-06-08 14:21
First Release - Provides a parser, logger model and log schema for CTILab DTI Anomaly, Auto Profiling syslog messages.
Experimental
1.12.2602.2 2026-06-05 15:04
Bug fixes and improvements for employee, department, and boss sync commands - Common: Expanded required permission to company admin level and above; improved input error handling - `sonar-sync-employees`: Fixed an issue where the query would not terminate when there are no employees to deactivate - `sonar-sync-departments`: Departments with no changes are now included in the output (action=skip) - `sonar-sync-bosses`: Department leads with no changes are now included in dry run output (action=skip)
AhnLab XTG
1.0.2606.0 2026-06-04 12:35
First Release - Supported parsers and collection models for 37 AhnLab XTG log types - Added 35 log schemas
FortiGate
1.4.2606.0 2026-06-01 19:08
Enhancements - Added `fortigate-virus` log schema - Added `fortigate-webfilter` log schema Bug Fixes - Improved `action` field normalization in traffic logs: map `accept` to `PERMIT` - Added wildcard support to dataset query table names
AbuseIPDB
1.4.2606.0 2026-06-01 17:41
Feature Improvements - Fix error in converting last_report - Fix missing usage_type field error - Enhance handling of empty hostname values - Improve error message display for query results
CHAEWOOL UTMP
1.0.2605.0 2026-05-27 15:58
First release - Provides a dedicated logger model, schema and dashboard for CHAEWOOL UTMP logs.
Palo Alto Networks NGFW
1.7.2605.1 2026-05-27 14:42
Feature Modifications - Dynamic Address Group Updates: * Renamed query commands. - paloalto-ngfw-register-ip -> paloalto-ngfw-add-dynamic-address - paloalto-ngfw-unregister-ip -> paloalto-ngfw-remove-dynamic-address - paloalto-ngfw-registered-ips -> paloalto-ngfw-dynamic-addresses - paloalto-ngfw-register-ip-batch -> paloalto-ngfw-add-dynamic-address-batch - paloalto-ngfw-unregister-ip-batch -> paloalto-ngfw-remove-dynamic-address-batch - Added validation for single tag registration. - External SSH Connection Detection: * Updated the rule query.
TESS TMS
1.0.2605.0 2026-05-26 18:39
First Release - provides a dedicated log parser, logger model, and dashboard for KORNIC GLORY TESS TMS logs.
Cisco FTD
1.1.2605.0 2026-05-26 11:58
Add parsing support for new message codes - Severity6 (Info): 111009 - Severity7 (Debug): 302015, 302016, 302020, 302021
Cisco Firepower
1.1.2605.0 2026-05-26 11:50
Add new fields to `Cisco Firepower Session` schema
Trellix Malware Analysis
1.0.2605.0 2026-05-22 15:10
First Release - Provides a parser, logger model, and log schema for Trellix Malware Analysis sandbox-based alerts.
AhnLab CPP
1.0.2310.3 2026-05-22 11:38
Rename `HIPS_FW` log schema code - CPP Host Firewall(`cpp-hips-fw`) -> CPP Session(`cpp-session`)
Okta
1.2.2605.0 2026-05-21 20:35
Feature Improvements - Add output fields (type, credentials, okta_profile) to the okta-users command - Add device information output field to the okta-system-logs command - Improved compatibility for sonar 4.0 installation; SSO functionality requires Logpresso Sonar 5.0.2605.0 or higher. - Improve parsing stability for device-related information
Okta
1.1.2604.1 2026-05-20 15:12
Feature Update (Requires **Logpresso Sonar version 5.0.2605.0** or higher) - Changed the provider identifier key from id to code.
Okta
1.1.2604.0 2026-05-20 15:12
Feature Enhancement (Requires **Logpresso Sonar version 5.0.2603.0**) - Added support for Okta SAML 2.0 Single Sign-On (SSO)
AhnLab EPP
1.4.2605.0 2026-05-20 14:08
Parser Improvements - Added 6 CEF Log Types: - EDR_ALERT_DETECT, EDR_INOUT_FLOW, APRM_AGENT_EVENT, APRM_PRIVACY_INFO_EVENT, APRM_PRIVACY_LEAKAGE_EVENT, APRM_PRINT_EVENT - Added 16 JSON Log Types: - AGENT_CONNECTION_STATUS_EVENT, AGENT_EVENT, AGENT_HW_ALL, AGENT_INSTALL_PKG_EVENT, AGENT_SW_ALL, AGENT_TASK_STATUS, APM_AGENT_EVENT, APM_PATCH, APM_SW, AUDIT_EVENT, PATCH_UPDATE_EVENT, PKG_DIST_EVENT, SERVICE_EVENT, UPDATE_EVENT, V3_INTERNET, V3_SCAN, V3_SUP - Improved MAC address normalization - Enhanced performance for time value/timestamp processing - Added array handling for log_string_args - Improved file path escape handling - Resolved type conversion errors in code mappings Query Command Improvements - Added Query Commands and Enhanced Options: - ahnlab-epp-query: Interface ID-based DB query lookup (New) - ahnlab-epp-nodes: Added interface-id option (Modified) - ahnlab-epp-match-node: Added interface-id option (Modified) - ahnlab-epp-search-file-result: Added interface-id option and improved error response handling (Modified) - Added timeout settings - Improved resource cleanup logic - Enhanced error handling logging Schema / Model / Resource Improvements - Added 6 new log schemas and applied them to the collection model - Added APrM-related log templates
Cisco FTD
1.0.2605.0 2026-05-19 17:30
First Release - Provides a parser, logger model for Cisco Secure Firewall Threat Defense syslog messages. - Supports Messages: - Severity2 (Critical): 106007, 106017 - Severity3 (Error): 106014 and 5 others - Severity4 (Warning): 113019 and 10 others - Severity5 (Notification): 109201 and 20 others - Severity6 (Info): 110002 and 30 others
Cisco Firepower
1.0.2605.0 2026-05-19 17:06
First Release - Provides a parser, logger model and log schema for Cisco Firepower syslog messages.
SecuwaySSL
1.2.2605.0 2026-05-18 14:18
Enhancements - Supports parsing and log schema for `block_log` of U 2.1 model - Added `unknown` in the logger model