v1.104

Mar 20, 2024

New and Noteworthy

panther-analysis version 3.46.0 was released, featuring the following improvements among other changes:
- Added a is_base64 global helper function to determine whether a string is base64 encoded and return the decoded string.
- Improved public IP recognition in several detections.
Added support for Policy Denied audit logs to the GCP.AuditLog log type.

Enhancements

Deployed improvements to the normalization process for SQS, HTTP and Pub/Sub sources and the log processing pipeline that may lead to decreased AWS Lambda and AWS S3 costs, respectively, for Cloud Connected customers.

Bug Fixes

Fixed a bug that caused search summaries with empty values to not create the correct filter chips.
Fixed a bug that caused the cursor to displayed a few characters off in Data Explorer.
Fixed an issue that caused AWS VPC DNS logs in Parquet to result in classification errors.
Fixed a bug that caused false health alerts for Tenable log sources.
Fixed an issue where runaway rules would break Data Replay.

`

Previous Releases

v1.103 Mar 13, 2024

Send alerts to Discord using our new built-in alert destination integration.

v1.102 Mar 6, 2024

Added data models for AWS EKS and GCP GKE logs to map to normalized Kubernetes log fields.

v1.101 Feb 29, 2024

Use normalized event filtering to filter out events after they have been parsed by a log schema