Nov 9, 2021

New and Noteworthy

  • Generate a schema in the UI from uploaded sample logs for quicker data onboarding (docs)
  • New security content that will expand built-in detections, helpers, and data models in Panther (repo)


  • Pull your Zoom operation and activity logs with our new SaaS Log Puller (docs)
  • Pull your 1Password event logs with our new SaaS Log Puller (docs)
  • Map detections to frameworks to better track coverage against compliance frameworks (docs)


  • Log drop-off alarms now support minutes for more granular alarming
  • Built-in detections are non-editable to prevent overwriting modifications when Panther pushes an update
  • Panther Analysis Tool (PAT) can now ignore files entirely to prevent recurring failures during processing
  • Panther's alert listing page now supports filtering by log source
  • Don’t see your log source supported in Panther? Submit a request from the log source onboarding page

Bug Fixes and Migration Instructions

  • p_ field stored as string: this fixes an error when p_alert_context is stored as string of escaped JSON
  • Incorrect start time: this fixes the start time to reflect the alert's start time in Indicator Search
  • Query results show Trailing Z: this fix removes trailing Z on timestamps displayed in Snowflake query results

Previous Releases

v1.24 Oct 22, 2021
v1.23 Sep 28, 2021
v1.22 Sep 3, 2021