Changelog
- Added support for V3_MALWARE logs
- Added schema for unknown, HIPS_FW logs
First release
Changelog
- Added log_type field
- Improved WEBFRONT Audit log parsing
Add parser support and log schema for 6 new log types:
- Group VPN Tunnel Statistics
- IPsec Events
- IPsec Per-Line Statistics
- IPsec Tunnel Statistics
- IPsec Tunnel Status
- IPsec Per-Tunnel Statistics
First release
First release
Added Web Search functionality and connection profile options.
- Added a web-search option to the chatgpt-ask and chatgpt-ask-batch commands
- Fixed an error where the `chatgpt-audit-logs` extension command profile could not be specified
- Added support for configuring allowed web search domains in connection profiles (up to 100 domains)
- Added support for selecting the GPT-5.4 model in connection profiles
Feature Improvements
- Added blocking integration functionality
- Added support for AhnLab TrusGuard API access profiles
- Added the `trusguard-blacklist-rules` command to query blacklist rules
- Added the `trusguard-add-blacklist-rule` command to add blacklist rules
- Added the `trusguard-update-blacklist-rule` command to modify blacklist rules
- Added `trusguard-remove-blacklist-rule` command to delete blacklist rules
- Added `trusguard-blacklist-files` command to list blacklisted files
- Added `trusguard-remove-blacklist-file` command to delete blacklisted files
- Added `trusguard-ipv4-addresses` command to list IPv4 address objects
- Added `trusguard-add-ipv4-address` command to add an IPv4 address object
- Added `trusguard-update-ipv4-address` command to update an IPv4 address object
- Added `trusguard-remove-ipv4-address` command to delete an IPv4 address object
- Added `trusguard-ipv4-address-groups` command to query IPv4 address groups
- Added `trusguard-add-ipv4-address-group` command to add IPv4 address groups
- Added `trusguard-update-ipv4-address-group` command to update IPv4 address groups
- Added `trusguard-remove-ipv4-address-group` command to delete an IPv4 address group
- Added `trusguard-policies` command to list policies
- Added `trusguard-commit` command to commit configuration changes
First release
- Support for Akamai Guardicore collection models, parsers, and 5 types of log schemas
Changelog
- Supports v2.0.11 firmware
- Added support for the following log types:
  - 3013 Interface(Ethernet)
  - 3014 Interface(Bridge)
  - 3241 Global Protocol Anomaly Rule Block
  - 3251 Region Based Filter Block
  - 3300, 3310, 3320, 3330, 3340, 3350, 3360, 3370, 3380, 3390, 3400, 3410, 3420, 3430, 3440, 3450, 3460, 3470 Filter Stats
  - 3461 Anti-Spoofing(NXDomain) Filter Block
  - 3462 Anti-Spoofing(NXDomain) Filter Allow
  - 3471 Anti-Spoofing(UDP) Filter Block
  - 3472 Anti-Spoofing(UDP) Filter Allow
  - 3500 NMS Audit
  - 3501 NMS Performance
- Added log schema:
  - dpx-alert
  - dpx-filter-stats
  - dpx-iface-bridge
  - dpx-iface-ethernet
  - dpx-system-perf
- Added **Unknown stream** to logger model
- Added **Filter Stats** dashboard
API Endpoint Migration
- Removed integration features for portal.quaxar.io
HTTP Proxy Support & Profile Options
- Added support for HTTP Proxy and new profile configuration options
New Commands
TAP Related:
- quaxar-threat-actors
- quaxar-threat-actor-indicators
- quaxar-threat-actor-malwares
- quaxar-threat-actor-tools
- quaxar-threat-actor-ttps
- quaxar-threat-actor-vulnerabilities
- quaxar-threat-actor-reports
- batch command
Report Related:
- quaxar-threat-reports
- quaxar-indicator-reports
- (Current API method) quaxar-talon-reports
- (Current API method) quaxar-vulnerability-reports
SIGV Related:
- quaxar-snort
- quaxar-yara-rules
Removed Incompatible Commands & Dashboards
- quaxar-attack-surface-reports
- quaxar-exposed-services
- quaxar-exposure-service-stats
- quaxar-exposure-trends
- quaxar-open-indicators
- quaxar-security-news
Bug Fixes
Fixed an issue where the days option in the quaxar-recent-indicators command was not functioning
Added response validation for API Key errors, Server errors, and other exceptions
Migrated Attack Surface Intelligence features to SecurityTrails app.
Added SecurityTrails Attack Surface Intelligence integration
Changelog
- Added Exosphere Web Control Logger
- Added exosp-webcontrol-logs command
First release
- Event logger and dashboard
Remove unnecessary rule object, 'tip test'.
Bug Fix
- Skip hostname verification when SSL certificate validation is disabled
First release
- Support slide report generation
#### Key Features
- Secure credential management via connect profiles (no credentials exposed in queries)
- Auth types: Bearer, Basic, custom header, None
- All HTTP methods including PATCH, HEAD, OPTIONS
- `brex`/`erex` multiline streaming for large responses
- Auto body assembly in batch commands
#### Query Commands (12)
Driver commands (7):
- `http-get` - Send HTTP GET request.
- `http-post` - Send HTTP POST request.
- `http-put` - Send HTTP PUT request.
- `http-patch` - Send HTTP PATCH request.
- `http-delete` - Send HTTP DELETE request.
- `http-head` - Send HTTP HEAD request.
- `http-options` - Send HTTP OPTIONS request.
Batch commands (5):
- `http-get-batch` - Send HTTP GET requests for each input row.
- `http-post-batch` - Send HTTP POST requests for each input row.
- `http-put-batch` - Send HTTP PUT requests for each input row.
- `http-patch-batch` - Send HTTP PATCH requests for each input row.
- `http-delete-batch` - Send HTTP DELETE requests for each input row.
New Feature
- Rule export/import support in the /rule-exchange path