Jun 8, 2021

New and Noteworthy

  • View and clone Panther-managed schemas in the UI for simpler schema management
  • Pivot from IP addresses, ARNs, and other indicators in alerts to investigate hits across data sources


  • Data that fails to normalize due to a parsing error is now searchable in the data lake
  • Mock external API calls when unit testing detections to build effective detections (docs)


  • Scheduled queries and saved queries are now supported in Detection Packs
  • A table with "flat" GSuite data is created to more easily query and write detections against GSuite logs
  • CrowdStrike event tables are available to more easily query and write detections against CrowdStrike logs
  • Snowflake configuration steps have been updated for self-hosted customers upgrading to 1.18

Bug Fixes

  • Password reset flow is broken: this fixes a blank screen that appears after resetting a password
  • UI loses query ID: this fixes the query ID being dropped when toggling between Query History to Data Explorer

Previous Releases

v1.17 May 12, 2021
Create alarms to alert you when logs drop off from a log source or Panther loses permission
Pull your Salesforce logs with our new SaaS Log Puller
Pull your Microsoft Office 365 logs with our new SaaS Log Puller
v1.16 Mar 31, 2021
Analyze historical data and generate scheduled alerts with Scheduled Queries
Quickly view your query history and rerun past queries in the UI
Simplified detection management with "detection packs"
v1.15 Mar 1, 2021
Health monitoring for Snowflake to validate your logs are flowing as expected
Pull your Duo logs with our new SaaS log puller.
Cloud Security scan history is now stored in your data lake