Jul 31, 2020

New Features

  • Windows Defender Antivirus: You can now view entries from the Windows Defender Antivirus operational event log on every Windows endpoint where the Rapid7 Insight Agent is installed. The Insight Agent collects these events automatically and sends them to InsightIDR, where they generate Antivirus alerts. Check out the documentation.
  • Investigations API: Platform Administrators can now use the InsightIDR Investigations API to assign a user to a specific investigation. Check out the documentation.
  • Statistical Search: When running a Log Search, you can select the Summary function to view the results of 5 calculations simultaneously, displayed as a chart and a table so you can visualize the results and drill into the details.
  • New Event Source: InsightIDR now supports Zoom Pro! You can now send Zoom reports and activity logs to InsightIDR to track user sign-in and sign-out activity and generate alerts based on it. Check out the documentation.
  • New Event Source: We have added support for Palo Alto Traps TSM! Check out the documentation.

Improvements

  • Ingress Locations Map Refresh: We updated the look and feel of the Ingress Locations Map and added guidance about what to do if you don't see any map data. Check it out by logging into InsightIDR and looking for the "Ingress Locations" map on the Home page.
  • Collector: We will now notify you when a collector has more than the maximum recommended number of event sources (80), or is nearing that limit. This way, you can proactively assess your event source distribution and add another collector as needed.

Fixes

  • We fixed an issue where group names in log search were sometimes displayed as numbers.
  • We fixed an issue where "sum" calculations in Log Search were not always displaying results correctly.
  • We fixed an issue where the correct key was not always selected in the log search dropdown.
  • We fixed an issue where links in the Groupby results table in Log Search did not always run the correct query.
  • We fixed an issue where some Log Search Alerts didn't send if an invalid email address was included in the list of recipients.