First release
- Tested on v3.1.21_250823
Support 2 detection rules
- ML rule app is required.
- High-Risk Web Exploit Detection (T1190)
- Web Scanning Detection (T1595.002)
Added chatgpt-audit-logs query command.
Changelog
- Fixed an issue where, if the last character in a custom parser format string was a separator, it was incorrectly included in the parse result.
- Enabled time filtering for eWalker SWG widgets.
- Added support for unknown schemas in the eWalker SWG logger model.
Fixed OSGi Export-Package manifest for Splunk package.
First release
- Support Zero Trust Alarm log parser, log schema, logger model, and dashboard
Bug fix
- Fixed HTTP Proxy not working
- Fixed criminal-ip-asm-groups command error when result is empty
Fix: File Size Unit Handling Error
- Resolved an issue where the logger failed to operate correctly when an invalid file size unit was included in the collected data.
Fix: Connect Profile Creation Error
- Resolved an issue where the connect profile could not be created when the **Authentication Algorithm** was not specified. Additionally, the **None** option has been removed from the Authentication Algorithm dropdown and **SCRAM-SHA-256** is now used as the default.
First release
- Use Mongo Java Sync Driver v5.2.1
* Support Mongo v4.0 to v8.0
* [https://www.mongodb.com/ko-kr/docs/drivers/java/sync/current/compatibility/](https://www.mongodb.com/ko-kr/docs/drivers/java/sync/current/compatibility/#compatibility-table-legend)
- Support 6 query commands.
* mongodb-dbs, mongodb-cols, mongodb-docs, mongodb-insert-batch, mongodb-update-batch, mongodb-delete-batch
* Up to 20x performance improvement with batchsize option support for insert, update, and delete operations
Bug fix
- Fixed a recursive reference issue that could cause high system load in the sonar-departments query command.
Bug fix
* Added Major Version option to Fortigate Connect profile
* Fixed fortigate-src-stats, fortigate-dst-stats commands having no result
* Added device option for fortigate-src-stats, fortigate-dst-stats commands
* Fixed NPE error when there are no query results for the fortigate-add-address and fortigate-detected-devices commands
First release
- Support datadog-logs query command.
First release
- Support dedicated log parser, log schemas, logger model, and dashboards for Cisco Meraki appliances
First release
- Tested on ISEMS S-check v3.0
- Support log schemas, extended query commands, and dashboards
Support 22 query commands and automated response model
- Tested on V5.0.2_2h build 4753
* aiwaf-system-status
* aiwaf-users
* aiwaf-commit-changes
* aiwaf-revert-changes
* aiwaf-user-defined-rules
* aiwaf-ip-blacklist-rules
* aiwaf-ip-whitelist-rules
* aiwaf-ip-block-pages
* aiwaf-add-ip-blacklist-rule
* aiwaf-remove-ip-blacklist-rule
* aiwaf-add-ip-whitelist-rule
* aiwaf-remove-ip-whitelist-rule
* aiwaf-add-ip-blacklist-item
* aiwaf-remove-ip-blacklist-item
* aiwaf-add-ip-whitelist-item
* aiwaf-remove-ip-whitelist-item
* aiwaf-add-ip-blacklist-item-batch
* aiwaf-remove-ip-blacklist-item-batch
* aiwaf-add-ip-whitelist-item-batch
* aiwaf-remove-ip-whitelist-item-batch
* aiwaf-add-user-defined-rule
* aiwaf-remove-user-defined-rule
First release
- Support fraud account search command
- Support fraud phone search command
First release
- Support Juniper SSG dedicated log parser, log schemas, logger models, and dashboards
First release
- Support Juniper SRX dedicated log parser, log schemas, logger models, and dashboards
Changelog
- Added support for CloudFront-scope response targets via AWS WAF. Select CloudFront in the region dropdown on the AWS WAF target response screen. (An empty value cannot be applied.)
- Added support for CloudFront in AWS WAF related commands by using region=cloudfront option.