Oct 4, 2022
- Pull Sysdig audit logs for infrastructure monitoring with Panther’s new Sysdig log puller.
Now Generally Available
- The Panther API is now generally available and no longer in beta.
- The following fields are no longer required in Amazon.EKS.Audit:
- The following field is no longer required in Gravitational.TeleportAudit:
- The field p_any_usernames has been added to the CloudTrail schema.
- The speed of inferring and testing schemas from raw data has been improved.
- In the Panther Console, on the Add New Source page, you can now use the search bar to filter for built-in log types.
- In the Panther Console, in a log source’s health tab, classification failure events are now only displayed if the log source becomes unhealthy.
- A new parameter has been added to Panther’s CloudFormation deployment parameters:
Panther Developer Workflows
- panther-analysis has been updated to version 1.36, which includes the following changes:
- Added detections for Sigma AWS and Okta password access.
- Deprecated the unusual logins detection.
- Various other enhancements and bug fixes.