Fixed OSGi Export-Package manifest for Splunk package.
First release
- Support Zero Trust Alarm log parser, log schema, logger model, and dashboard
Bug fix
- Fixed HTTP Proxy not working
- Fixed criminal-ip-asm-groups command error when result is empty
Fix: File Size Unit Handling Error
- Resolved an issue where the logger failed to operate correctly when an invalid file size unit was included in the collected data.
Fix: Connect Profile Creation Error
- Resolved an issue where the connect profile could not be created when the **Authentication Algorithm** was not specified. Additionally, the **None** option has been removed from the Authentication Algorithm dropdown and **SCRAM‑SHA‑256** is now used as the default.
First release
- Use Mongo Java Sync Driver v5.2.1
* Support Mongo v4.0 to v8.0
* [https://www.mongodb.com/ko-kr/docs/drivers/java/sync/current/compatibility/](https://www.mongodb.com/ko-kr/docs/drivers/java/sync/current/compatibility/#compatibility-table-legend)
- Support 6 query commands.
* mongodb-dbs, mongodb-cols, mongodb-docs, mongodb-insert-batch, mongodb-update-batch, mongodb-delete-batch
* Up to 20x performance improvement with batchsize option support for insert, update, and delete operations
Bug fix
- Fixed a recursive reference issue that could cause high system load in the sonar-departments query command.
Bug fix
* Added Major Version option to Fortigate Connect profile
* Fixed fortigate-src-stats, fortigate-dst-stats commands having no result
* Added device option for fortigate-src-stats, fortigate-dst-stats commands
* Fixed NPE error when there are no query results for the fortigate-add-address and fortigate-detected-devices commands
First release
- Support datadog-logs query command.
First release
- Support dedicated log parser, log schemas, logger model and dashboards for Cisco Meraki appliances
First release
- Tested on ISEMS S-check v3.0
- Support log schemas, extended query commands, and dashboards
Support 22 query commands and automated response model - Tested on V5.0.2_2h build 4753
* aiwaf-system-status
* aiwaf-users
* aiwaf-commit-changes
* aiwaf-revert-changes
* aiwaf-user-defined-rules
* aiwaf-ip-blacklist-rules
* aiwaf-ip-whitelist-rules
* aiwaf-ip-block-pages
* aiwaf-add-ip-blacklist-rule
* aiwaf-remove-ip-blacklist-rule
* aiwaf-add-ip-whitelist-rule
* aiwaf-remove-ip-whitelist-rule
* aiwaf-add-ip-blacklist-item
* aiwaf-remove-ip-blacklist-item
* aiwaf-add-ip-whitelist-item
* aiwaf-remove-ip-whitelist-item
* aiwaf-add-ip-blacklist-item-batch
* aiwaf-remove-ip-blacklist-item-batch
* aiwaf-add-ip-whitelist-item-batch
* aiwaf-remove-ip-whitelist-item-batch
* aiwaf-add-user-defined-rule
* aiwaf-remove-user-defined-rule
First release
- Support fraud account search command
- Support fraud phone search command
First release
- Support Juniper SSG dedicated log parser, log schemas, logger models, and dashboards
First release
- Support Juniper SRX dedicated log parser, log schemas, logger models, and dashboards
Changelog
- Added support for CloudFront-scope response targets via AWS WAF. Select Cloudfront in the region dropdown on the AWS WAF target response screen. (An empty value cannot be applied.)
- Added support for CloudFront in AWS WAF-related commands by using the region=cloudfront option.
Support VPC Endpoint for AWS CloudWatch metrics, stats query.
First release
- Support dedicated log parser, log schema, logger model, dashboard, and detection rule.
New features
- Added sonar-indicators query command
- Added syslog query command
Improvements
- Support AWS VPC Endpoint
- Support AWS Network Firewall logs
- Support AWS CloudWatch VPC Flow custom log format
- Support AWS STS authentication
- Added log start/end regex option to AWS S3 Daily Directory watcher
- AWS S3 Daily Directory Watcher can now collect logs when some target paths contain OID and some target paths don't contain OID
- Added Date regex option for AWS S3 Daily Directory Watcher
- Support Playbook execution for AWS app commands