v1.103

Mar 13, 2024

New and Noteworthy

Send alerts to Discord using our new built-in alert destination integration.
Leverage our new REST API playground in the Panther Console to test out APIs, validate API keys, and examine return values.
All beta REST API endpoints and query parameters that previously contained _ have been updated to use - instead.
- The impacted endpoints are as follows:
  - data models: data_models is now data-models
  - simple rules: simple_rules is now simple-rules
  - scheduled rules: scheduled_rules is now scheduled-rules
- Configurations that used the previous versions of these endpoints will no longer function as anticipated. Please update your API integrations if you utilize these endpoints.

Enhancements

Incorporated the following improvements to Detection Packs in the Panther Console:
- Pack updates will now utilize Notifications to communicate status of a pack update.
- Added a confirmation modal when attempting to disable a Pack.
The behavior of “contains” in Simple Detections and filters has been updated to support partial matches on strings when the filter includes *.

Panther Developer Workflows

panther-analysis version 3.45.0 was released. It rolls back a change that created the simple_rules directory, among other fixes and adjustments.
panther_analysis_tool version 0.42.0 was released, featuring a minor update.

Bug Fixes

Pack versions now show the accurate version in the dropdown.
Updated Data Replay to more accurately state when no objects are found.

`

Previous Releases

v1.102 Mar 6, 2024

Added data models for AWS EKS and GCP GKE logs to map to normalized Kubernetes log fields.

v1.101 Feb 29, 2024

Use normalized event filtering to filter out events after they have been parsed by a log schema

v1.100 Feb 21, 2024

Our built-in Carbon Black, Netskope, and Tenable log sources are out of their open beta phase and are now generally available.