Changelog for version 5.1.1#

Released 14 October 2022#

Web UI Changes#

Bug Fixes#

  • Fixed issue where storage stats on indexers were not updating.

  • Fixed an issue where live search interval was ignored in Query Studio.

  • Fixed issue where non-self-describing modules were not using the ax module when applying element filters.

  • Corrected details pane entry count.

  • Fixed issue where applying element filters would not use arguments.

  • Fixed a display issue with Template name/description in Dashboard query picker.

  • Fixed an issue where users could not set configuration macros on kit install.

  • Removed outdated release notification.

  • Fixed issue where ingester list displayed incorrect grouped entries count.

  • Changed scheduling toggle so that enabling the control also enables scheduling

  • Fixed an issue where dashboard queries could be overwritten in dashboard settings

  • Fixed changelog link on the welcome screen.

  • Added granularity disclaimer to point2point chart.

  • Removed TimestampComponent that reformatted timestamps in a table.

  • Disabled details pane toggle button when search entries are not text|raw.

  • Moved RowNav into meta column instead of floating buttons.

  • Fixed issue where a search could not be backgrounded on the Persistent Searches page.

  • Fixed issue where words parsing would not display depending on scrolling state.

  • Disabled “send to background” when a search is live.

  • Fixed issue where incorrect dashboards were shown as having a dependency on a template while editing the template.

  • Allowed save on resources modal form when labels/permissions change.

  • Fixed issue where non-admin user was able to see and interact with “Admin only” UI elements.

  • Fixed issue with invalid settingsInput form causing DE search to hang.

  • Fixed video chapters selection on home page.

  • Updated to wipe element filters after they’ve been applied and query has updated.

  • Changed ingester list to update every five seconds.

New Additions#

  • Add prompt for user to decide on query param timeframe or lock timeframe in dashboards.

  • Add details pane for table results.

  • Use associated ax to display nested entries for binary data when possible.

Backend Changes#

New Features#

  • The geoip module now supports IPv6 for ASN lookups.

  • Data explorer with XML is now more robust with regards to whitespace.

  • The iplookup module now supports inline filtering.

  • Relaxed RFC3164 rules for data extraction to support more (invalid) forms of RFC3164.

  • The kv module now supports any available flags in pre made AX descriptions in Data Explorer.

  • Searchagent now can optionally backfill missed runs.

Bug Fixes#

  • Fixed an issue that prevented the limit module from correctly reporting stats in cluster mode.

  • Improved handling of values that need to be quoted in Data Explorer.

  • Complex mode is no longer engaged in the stats module when all by keywords are identical.

  • Fixed an issue that prevented the tab character from correctly rendering in PDFs.

Ingester Changes#

  • Added RFC6587 support to Simple Relay.

Other Changes#

  • Added the Unified Generator.