First release
* Dedicated parser (supports log format config)
* Logger model
* Access log dashboard
Bug patch
* Fixed feed sync issue due to time range filtering when querying MISP attributes.
Added parsers, log schemas, dashboards.
* High performance log parser
* Log Schemas
* BLUEMAX NGF HA Status
* BLUEMAX NGF HA Traffic Statistics
* BLUEMAX NGF Interface Statistics
* BLUEMAX NGF NAT Rule Statistics
* BLUEMAX NGF NAT Traffic Statistics
* BLUEMAX NGF Performance
* BLUEMAX NGF Rule Statistics
* BLUEMAX NGF Traffic Statistics
* Traffic, Performance, HA dashboards
First release
* Provides a parser, logger model, and dashboard
Added IP request dashboard and query command.
* genian-nac-ip-requests
First Release
Parser support for 23 log formats
- Supported message codes: 106015, 106021, 106023, 106100, 302013, 302014, 302015, 302016, 302020, 302021, 305006, 305011, 305012, 313005, 410001, 500004, 605005, 710002, 710003, 710005, 710006, 725002, 725016
First release
- Support for a proprietary collector to receive Web Insight TCP syslogs.
- Support v3, v4.1, v5.0 log formats.
First release. Provides the Pub/Sub logger and the following commands:
* gcp-pubsub-messages
* gcp-pubsub-publish
Added commands for [NGFCTI TAXII API](https://ngfcti.kfisac.or.kr/assets/API/index.html).
* ngfcti-advisories - Get security advisories from NGFCTI service.
* ngfcti-alerts - Get alerts from NGFCTI service.
* ngfcti-crisis-alerts - Get crisis alerts from NGFCTI service.
* ngfcti-emergencies - Get emergency alerts from NGFCTI service.
* ngfcti-fsc-notices - Get financial service commission notices from NGFCTI service.
* ngfcti-ip-watchlist - Get IP watchlist from NGFCTI service.
* ngfcti-malware-urls - Get malware deployment URLs from NGFCTI service.
* ngfcti-news - Get security news from NGFCTI service.
* ngfcti-phishing-urls - Get phishing URLs from NGFCTI service.
* ngfcti-threat-reports - Get threat reports from NGFCTI service.
First Release
- Tested against Check Point Gaia version R80.10
- Support for OPSEC LEA-based remote firewall log collection
- Support for SSLCA and Clear authentication modes
First release. Supports the following query commands and threat intelligence feeds.
* misp-attributes
* misp-events
Works on Logpresso Sonar 4.0.2306.0 or above.
Fixed a bug where the ncloud-monthly-costs-by-contract command would fail due to a null defaultAmount value.
First release
* jira-audit-logs command
First release
* Version: Quadminers Network Blackbox 3.3.6 or above
* Parser: support session, meta, packet rule, content file, CPU, NIC log types
* Query Commands
* nbb-content: Get content body.
* nbb-contents: Get contents.
* nbb-custom-alerts: Get custom alerts.
* nbb-custom-rules: Get custom rules.
* nbb-download-file: Download content file.
* nbb-download-pcap: Download PCAP file.
* nbb-packets: Get packets for specified session.
* nbb-sessions: Get sessions.
* nbb-suricata-alerts: Get Suricata alerts.
* nbb-suricata-rules: Get Suricata rules.
First release. Supports the following extended commands:
- ngfcti-ip-addresses
- ngfcti-files
- ngfcti-urls
- ngfcti-domains
New command:
* abuseipdb-check-ip-batch
Changes
* Added idle timeout option for BLUEMAX NGF session.
* Added expiration period option for BLUEMAX blacklist registration.
* Fixed concurrency error when executing multiple BLUEMAX NGF commands at the same time.
First release. Supports the following commands:
* google-workspace-users
* google-workspace-domains
* google-workspace-drive-logs
* google-workspace-meet-logs
* google-workspace-oauth-logs
First release. Supports the following commands:
* notion-users
* notion-pages
* notion-blocks
* notion-blocks-batch
Added missing output fields:
* Added missing output fields to bluemax-ngf-add-blacklist-rule command.
* Added profile field to output of bluemax-ngf-blacklist-rules command.
* Added profile field to output of bluemax-ngf-system-time command.
* Added profile field to output of bluemax-ngf-system-info command.