Improved
- Collector Event Sources: We updated parsing for collector event sources to support the new fields added with the Cisco Umbrella V10 DNS and Proxy log formats. These fields will be added to the structured data.
- BitDefender Event Source: BitDefender will no longer parse AV events with a final status of "deleted".
- SentinelOne EDR Event Source: SentinelOne parsing improvements to populate Account Info to Third Party Alert docs.
- Fortinet Firewall Event Sources: We increased parsing rates for FortiGate event sources.
- Palo Alto Cortex Data Lake Event Source: Alert name parsing for WildFire threat events will now be more informative for the CSV format. Also, malware documents produced from WildFire threat events now contain a threat ID for the signature name.
- Security Lake Event Source: We increased parsing rates for Security Lake event sources.
- Event source credentials: We added clearer error messaging when creating or editing event source credentials.
- UI changes: We updated some pages in Settings and User Details to look more modern and improve clarity.
Fixed
- We fixed an issue with SQL Server collection stopping unexpectedly across many customers.
- We fixed an issue where users couldn't set the TLS option for the Listen on Network Port configuration on FortiGate event sources.
- We fixed an issue where some links to documentation in Cloud Connection pop-ups were redirecting to a broken page.
- We fixed an issue where home page overview links were not available for some users.