Jul 27, 2022


  • Pull Dropbox Event Logs with Panther’s new Dropbox log puller. With this puller, you can monitor the following Dropbox team events:
    • User logging into or out of Dropbox (including device information)
    • Changing a user’s role in Dropbox
    • Adding, editing, viewing, and sharing files and folders and by whom
    • Creating and sharing links within your team
  • The alarm logic behind classification errors has been improved to reduce alert fatigue. 
    • In previous versions of Panther, every misclassification triggered a classification error, creating a new alert. With this update, log sources will now fire a single classification alert, which you can mark as resolved to dismiss. New classification errors will re-trigger the same alert.
    • A visualization of misclassifications has also been added to the Panther Console’s Log Sources details page under the Health tab.
    • Note: After updating to Panther version 1.39, the classification error alarm for all log sources will restart, which may cause classification error alerts to re-trigger.
  • You can now stream Jamf Pro Access Logs via S3 to Panther without creating a custom schema.

Schema Changes

  • Additional Lacework schemas have been added to better support Lacework log ingestion.
  • Added the JA3Hash field to Cloudflare’s Cloudflare.HttpRequest log type.