Changelog for version 5.0.3#

Released June 16 2022#

Web UI Changes#

Bug Fixes#

  • Fix an issue where pointmap tooltips won’t close

  • Fix an issue where the Location Settings modal on a pointmap repeatedly opens

  • Fix an issue where users could choose a search group that they did not belong to

  • Prevent nested token checkboxes from overlapping in Chrome 103/104.

  • Fix an issue where the UI would freezes when “Launch Search” button was pressed several times per second

  • Fix an issue where templates would not launch from actionables

  • Fix an issue where actionables were unable to launch certain dashboards

  • Fix an issue where dashboards could not be opened immediately after creation

  • Fix an issue where asset names were unnecessarily capitalized

  • Fix an issue where it was not possible to favorite a kit inside the kit tab

  • Remove old tutorial messages

  • Decode UTF-8 bytes before displaying data in raw/text renderers

  • Fix an apparently “infinite loading” issue due caused by lack of permission

  • Fix a reactivity problem with side menu favorites

  • Add missing styles for favorites

  • Fix a flows display issue

  • Fix an issue displaying Saved Queries recently installed from kits

  • Fix an issue with flows search/filtering

  • Fix an issue where favoriting a staged (not deployed) kit creates dead favorites link

  • Fix an issue where the erong owner was displayed when editing an user’s actionable as an admin

  • Fix an issue where dashboard minimized tile doesn’t dissapear when we maximize it

  • Add missing autoextractor modal info button styles

  • Buffer enter key presses in Query Studio

  • Show parsing status for user on query studio

  • Enable Firefox private browsing storage

  • Fix an issue where a dashboard won’t link to a playbook without hard reload

  • Fix an issue where the dashboard can get into a weird blank state

  • Fix a UX issue related to showing flow node inspector

  • Fix an issue where pointmap map markers remain in active state after de-selecting

  • Fix an issue where the Query Studio struggles to keep up with rapidly changing renderer type

  • Fix an issue where Query Studio does not update stats on long running queries

  • Fix an issue where the stats websocket is always fired and repeately times out

  • Handle a null-UUID error when displaying ingester info

  • Fix a style issue in favorites

  • Fix an issue where websocket connection banner shows unnecessarily

  • Fixed issue where non-admin users could not set their homepage

New Additions#

  • Filter autocomplete suggestions as user types flow variable name

  • Show search progress in Search Results and Query Studio

  • New query library list

  • Highlight data that is next to floating “expand” box on text renderer

Backend Changes#

  • Fixed a bug in the cef module that caused no entries to drop when using filters.

  • Fixed a bug in the ip module that caused no entries to drop when using the -or flag.

  • Propagate tag maps into eval module processing so TAG resolves to a name instead of a number.

  • Fixed a bug that prevented a non-admin user from making changes to globally accessible items that they own.

  • Added a “Last Scheduled” timestamp to flow and script info.

  • Fixed a bug in the searchgroup API that failed to remove a user from the group.

Ingesters & Ingest Library Changes#

  • Added SASL support to the Kafka Federator.

  • Added a Sysmon configuration option when installing the winevent ingester.

  • Updated the Google pubsub ingester to limit needed privileges.

General/Miscellaneous#

  • Installers now wrap Ingest-Secret and other secrets in quotes by default.

  • Added a type field to the lines ingest API.

  • Moved the /api/indexer/info API to /api/stats/wellstats