Changelog for version 5.4.0#

Released 29 September 2023#

Added acceleration support for eval when using ax.
Added filter bar to the CBAC Tag Access Summary table.
Added the ability to edit permissions on a Kit after it has been installed.
Added the ability to share a Kit with multiple groups after it has been installed.
Added Alert Context debugging to Flows to aid development of consumer flows.
Added an optional Timeframe Offset for Scheduled Searches.
Added wordcloud settings to allow user to adjust font size when rendering words with very different magnitudes.
Added Systems & Health pages as options for Home Page preferences.
Added the ability for JS and Go flow nodes to halt execution.
Added support for setting output name in JSON Encode flow node.
Added hinting for macros and iplookup columns.
Added other type of C-style comments: //
Added ingest time EV attach in global config.
Improved support for overlapping wildcard tags on well definitions.
Improved performance in the winlog module.
ip module now supports multiple filters when using the same EV.

Allowed gif uploads for Playbook covers.
Disabled Kit Download when building a kit form is incomplete.
Fixed an issue where tooltips were unreadable in light theme.
Fixed an issue where Query Studio tab data could leak across user accounts.
Fixed an issue where Playbook was still saved even if autosave was disabled.
Fixed an issue where an admin user was unable to see other users in the filters for Flows.
Fixed an issue where an admin user was unable to see flows belonging to other users.
Fixed an issue where a Scheduled Search sometimes could not be saved if only the timeframe was edited.
Fixed an issue where Actionables run query action was expanded before executing the query.
Fixed an issue where Last Run time was not updated for disabled automations (Flows, Scheduled Searches, Scripts).
Fixed an issue where deleting an uploaded Extractor would not reactively remove it from the list - a refresh was required.
Fixed an issue where ingester list page would not show calendar data for all wells.
Fixed an issue where topology view would send many preferences requests.
Improved consistency of time format across charts.
Improved performance in Query Studio when there are multiple tabs open and extensive search history.
Improved performance loading Flows when there are many in the system.
Improved performance loading Extractors when there are many in the system.
Required Scheduled Search timeframe to be greater than 0s.
Required Search capability to be a dependency for ScheduleWrite capability.

Added support for multifiltering hints on ax derived extractions.
Added multifiltering acceleration support to the words module.
Added strict flag to CEF and fixed malformed data edge case.
Changed ipexist module to drop all unsupported ipv6 matches.
Changed JSON Encode flow node to output a string instead of a byte array.
Fixed an edge case in the webserver that could cause a crash.
Fixed behavior with duplicate search library entries from Kits.
Fixed an issue with handling the BOM character in fulltext and syslog.
Fixed an issue with EV timestamp helper and eval duration arithmetic that caused problems casting time() on a slice.
Fixed an issue with error diagnostic on reserved word in eval.
Fixed an issue with completions and diagnostics when comments are present.
Fixed an issue where Get Table Results and Get Text Results would allow negative counts.
Fixed an issue where ipfix module was not handling mac addresses correctly with data exploration.
Fixed an issue where time module wouldn’t work when using the -oformat flag when combined with a string input.
Fixed various edge cases with stats module.
Improved overview chart tracking of certain queries.
Improved behavior when dealing with large attachments in Email flow node.
Improved handling of webserver startup when datastore is unreachable.
Improved handling of loadbalancer startup when datastore is unreachable.
Improved performance for Ingest flow node.

Fixed an issue that prevented an ingester from exiting if it got into a bad state with both disk and cache being full.