v1.101
Feb 29, 2024
New and Noteworthy
The following features are in open beta and are available to all Panther customers.
- Use normalized event filtering to filter out events after they have been parsed by a log schema.
- Use our two new REST API endpoints for data models and queries to programmatically manage more of your detection content.
Now Generally Available
- Our Simple Detections feature is now out of its open beta phase and is generally available.
Enhancements
- Data replay now supports inline filters.
- Our existing Lacework log source integration has been split into two options in the log source setup page in the Panther Console: Lacework Export and Lacework Alert Channel Webhook.
  - These options more clearly represent previously existing configuration options when setting up a Lacework log source.
Bug Fixes
- Fixed a bug with re-delivering alerts where only rule alerts would get re-delivered (and not, for example, system health alerts) when a user manually clicked the “re-deliver alert” button.
- Fixed an issue with detection rule match list filters in the Console that prevented them from functioning as intended.
- When a public API request includes the same alert ID multiple times, the alert IDs are now deduplicated instead of the request returning an error.
- The Simple Detection Console builder now supports boolean False and empty string comparisons.
- Fixed a bug with Simple Detection KeyPaths where uppercase keys after an array index were impossible to match against.
- Fixed a bug that treated rule errors as rule matches when attempting to re-deliver alerts.