First release
- Added Tgate log parser, log schema, logger model, and dashboard
Stellar Cyber alert logger, log schema, logger model, dashboard.
Add HTTP proxy support
Added CRITICAL_ACTION monitoring dashboard
- Download (EXPORT), create (CREATE), modify (UPDATE), and delete (DELETE) actions
Support Azure DevOps audit logger model, log schema, dashboard.
Added Splunk HEC logger.
Enhanced XSS, XXE, and double encoding feature detection in the ml-scan-http-request command.
kakaowork-send-msg extended command improvements
- Added support for multiple emails to email option
- Added conversation-name option (to set chat room name)
- Added conversation-id option (to send a message to an existing chat room)
Add comment extend command
- Added agit-comment extend command to register comments on original posts
First release
- REST API based loggers, log schemas, query commands, dashboards, and detection rules.
- Support antivirus scan, antivirus alerts, web filter, ransomware execution, ransomware file access logs.
Improved error when a CEF field has an empty value that requires casting
Support for two additional log types
- SYSTEM
- NETWORK
Improved handling of parsing failures caused by differences in delimiter space count
First release
- Support dedicated log parser, logger model, and dashboard.
Support Azure Front Door integration.
- Dedicated log parser, logger model, and dashboards.
First release
- Dedicated log parser, log schemas, logger model, and dashboard
- Extended query commands for eWalker WAF device
Fixed audit log collection delays due to Link header parsing failures.
Expanded AWS WAF collection fields and added concise option.
Added support for Organization ID on AWS S3 log path.
Fix ECS normalization type mapping error
Add supported log types (log format)
- EDR_V3_DETECT (CEF)
- EDR_AGENT_EVENT (CEF)
- EDR_OS_EVENT (CEF)
- AGENT_TASK_STATUS (CEF)
- AGENT_SW_ALL (CEF)
- AGENT_HW_ALL (CEF)
- SERVICE_EVENT (JSON)
- AUDIT_EVENT (JSON)
- ESA_EVENT (JSON)
- V3_MALWARE (JSON) - Add fields
Support for profile parameter in EPP extended query commands
Support new loggers and dashboards
- AWS SQS logger
- AWS Shield Advanced logger
- AWS Aurora with Database Activity Streams log integration
- AWS Shield, Aurora DB Activity dashboards