Changelog for version 1.0.0#

User interface changes#

  • Force directed graphs - FDGs for graphing relationships between edges and nodes. Tremendously useful for high level insights into entry relationships such as network asset discovery based on passive observation of network connections.

  • Added zoom and pan controls to FDG

  • Now supports highlighting of nodes and selection via doubleclick

  • Dashboards

  • Syncing of searches upon zoom should be more consistent

  • Better notifications and UX on searches-to-tiles management

  • Better error handling and notifications

  • Improved search progress UX

  • Much better handling of window resizing – rotating from portrait to landscape on mobile should no longer be super ugly

  • Charts

  • Added support for area charts

  • Pixel pushing…a lot of pixel pushing.

  • Numerous other bug fixes and enhancements

Backend and Ingester changes#

  • Added Admin control panel to see users active queries and users total storage usage

  • Admin to terminate user searches

  • Added ability to search on and exclude empty matches

  • Enhanced the math modules to be context aware.

  • Type now transparently merge in the pipeline.

  • Stacked math modules condense appropriately.

  • Fixed installer bug where network capture would fail to recognize and use an old config file

  • Fixed issue where repeating a search would use a processed query, removing user formatting

  • Fixed issue with installer where web files did not receive the correct permissions

  • Enhanced pipeline transport reducing memory pressure

  • Throughput increased by up to 30%

  • Fixed issue where members of a group could delete dashboards they did not own

  • Enhanced licensing system to detect and thwart clock rollbacks

  • Slice search module now support relative slice bounds

  • Network log ingest module appropriately detects and removes Linux SLL headers

  • Added ingester log path for metrics on ingester behavior

  • Fixed a potential livelock on ingesters when cache is heavily utilized

  • Enhanced table renderer to intelligently sort using previous module hints

  • Open-sourced components with BSD license.

  • 802.11 & modbus support in packet module.

  • ‘eval’ module provides a basic dynamically-typed programming language for use in search queries.

  • ‘limit’ module allows user to place hard limits on the number of entries returned in a search.

  • Federator to move data across trust boundaries.

  • Improved documentations and examples throughout.