Changelog for version 3.3.6
Released Feb 20 2020
GUI Changes
Fixed issue where very large stackgraphs could not scroll
Fixed issues where labels were not being set on newly-created resources
Fixed issue where color assignments would change when changing orientation of a stackgraph
Backend Changes
Fixed issue where charting with SRC as a key was condensing improperly
SOAR scripts started using debug interface will not throw notification on failure
Integrated ingest throttling so that we throttle ingesters when out of disk space
Added additional shorthand fields for extraction on winlog ingester
Added ability to pull fields from UserData as well as EventData
Dramatically increased efficiency in winlog query module
Seeing between 10-100X speedup depending on query
Fixed bug where heavily loaded indexers could cause webserver timeouts
Fixed issue where installers did not properly extract complex secrets during install
Updated syscall interface to deal with upcoming Golang 1.14 release and more aggressive interrupts
Updated CSV handlers to better deal with poorly formed headers
Should handle dangling quotes better now
Added label support to all data types
SOAR changes
Added call to reset proof of life timer
Added functions to get stats about Gravwell deployment
List ingesters
List indexers
Get system descriptions
List indexer stats and well stats
Get Indexer health status
Fixed issue where failed debug scripts would not display errors
Added IPExist access calls
Can now build optimized IPExist data sets in the SOAR system
Ingester Changes
Updated ingest protocol to better throttle in low disk situations
Updated protocol to better handle older ingesters using old ingest library
Updated protocol to ask indexer if ingest is possible prior to starting
Updated ingesters to engage local caches if ingester can connect but cannot send data
Due to license controls or low disk
Updated KAFKA ingester to support extracting a SOURCE IP from a header value