Changelog
- Fix errors when misc data does not exist
- Added response module
- Added 16 query commands
* webfront-system-status
* webfront-system-time
* webfront-users
* webfront-ip-blocklist
* webfront-block-ip
* webfront-block-ip-batch
* webfront-unblock-ip
* webfront-unblock-ip-batch
* webfront-performance-license
* webfront-warranty-license
* webfront-programs
* webfront-signatures
* webfront-signature-version
* webfront-url-regex-signatures
* webfront-add-url-regex-signature
* webfront-remove-url-regex-signature
First Release
- HubSpot audit logger, login logger and dashboard
Changes
- Add hack_count field to intrusion detection logs
First Release
- FortiWeb log parser, log schemas, logger model, dashboard
First release
- Defender for Endpoint alert logger and logger model
- Host and Alert dashboards
- Extended query commands for machines and alerts
First Release
- DDEI log parser, log schemas, logger model, dashboard
First Release
- DDAN log parser, log schemas, logger model, dashboard.
First release
- DDI log parser, log schemas, logger model, Threat and File Analysis dashboards
Changes
- Add support for setting a timeout for the REST API (use the connection profile option)
Changes
- Resolve parsing errors due to unspecified Syslog PRI part range
First release
- Log parser, log schemas, logger model, and dashboard
- Normalized message codes
* ivanti-vpn-login: AUT24414, AUT31985, AUT22673
* ivanti-vpn-auth: AUT32033, AUT31829, AUT22886, AUT24326, AUT32051, AUT24327, AUT22927
* ivanti-vpn-tunnel: NWC30477, NWC23464, NWC23465, NWC30993, NWC23508, NWC32164, NWC32185, NWC32001, NWC24328, ERR24670, ERR31271
* ivanti-vpn-host-checker: AUT24803, AUT31984
Improvements
- Support for event logs in firmware 2.1.21 log format with headers removed (mds-event)
First release
- v3.0.8 or above
- Darktrace log parser, log schema, logger model, and dashboard
Changes
- Improved the parser to handle CEF format inconsistencies (missing escapes) so that EDR_POWER_SHELL logs can be parsed
Improvements
- Supports log formats with yyyyMMddHHmmss prefixed to the <PRI> part
- Collect and parse DDoS logs.
Changelog
- Fixed parsing errors for Giga units in byte- and packet-related fields
- Normalized action field's value.
- Added wildcard to table namespace of dataset.
Changelog
- Added 382 new website category and subcategory codes.
- Removed sc_bytes, added msg_len from OfficeGuard log schema.
First release
- Support log parser, 4 log schemas, logger model, and dashboard for DBSAFER DB.
First release
- Support AIRTMS log parser, log schemas, logger model, and dashboard.