v1.102

Latest release

Mar 6, 2024

New and Noteworthy
  • In Panther version 1.103, targeted for release beginning March 12, 2024, we will introduce a change to our beta REST API endpoints and parameters that will cause pre-existing implementations to no longer function as anticipated.

    • All endpoints and query parameters that previously contained an underscore (_) will be updated to use a hyphen (-) instead. The impacted endpoints are as follows:

      • data models: data_models will become data-models

      • simple rules: simple_rules will become simple-rules

      • scheduled rules: scheduled_rules will become scheduled-rules

    • If you use these endpoints, update your configurations after your instance is upgraded to version 1.103 to ensure that your implementations of the Panther API continue working after next week.

    • This change will take effect with the release of Panther version 1.103 beginning on March 12, 2024.

    • We do not intend to make any breaking changes to our API endpoints after they are out of their beta phase.

  • panther-analysis versions 3.43.0 and 3.44.0 were released, featuring the following changes among other additions and improvements:

    • Converted several rules to Python from SDYAML.

    • Added data models for AWS EKS and GCP GKE logs to map to normalized Kubernetes log fields. 

Enhancements
  • Renamed “Rule Matches” to “Alerts” on the rule details page.

  • Added a “Copy ID” button to the rule details page in the Panther Console.

  • Added a clearer error message when users attempt to run data replay on data from within the last 24 hours.

  • When exporting search results from the Panther Console as a CSV, the columns users select to show in their results as well as their order will persist into the exported CSV.

  • Added the ability to use nested fields with JSON path notation in the Simple Detection builder in the Panther Console.

Panther Developer Workflows
Bug Fixes
  • Fixed an issue with an indicator search pivot button in alerts.

  • Fixed an issue with breakpoints in detection code that would cause the detections engine to hang.

  • The “download all entities” button no longer retrieves cached results, enabling users to obtain a more up-to-date export.

  • Fixed an issue that caused scheduled queries above 128KB to fail.

  • Fixed an issue that caused the detection page to crash when attempting to create a detection with an existing ID.

  • The ingestion dashboard in the Panther Console now displays the number of bytes filtered over the past month.

Previous Releases

v1.101

Feb 29, 2024

Use normalized event filtering to filter out events after they have been parsed by a log schema

v1.100

Feb 22, 2024

Our built-in Carbon Black, Netskope, and Tenable log sources are out of their open beta phase and are now generally available.

v1.99

Feb 14, 2024

Added the ability to configure dynamic severity, alert context, and groupby functions for Simple Detections in the Panther Console.
