v1.63

Latest release

Apr 19, 2023

New and Noteworthy

In the Panther Console, in the Dashboard’s Data tab, the total volume of events processed now accurately displays data for all ingested log types. In previous versions of Panther, only log types that had data processed in the last 14 days were included in the display.

Please note that because this update now correctly accounts for all ingested log types, your total volume of events processed may appear larger than before.

In Open Beta

Added the ability to define a field schema with the copy:from transformation for custom logs.

This allows you to select a field and promote it to a top-level field in the nested hierarchy, helping you flatten your data’s JSON structure.

In Closed Beta

Assign role-based access control (RBAC) by log type for alerts.

This feature allows you to create roles that are only permitted to view or manage certain alerts based on log type, enhancing your ability to add more granular authorization controls.

Enhancements
  • Lookup Tables now support array primary keys.

  • The following enhancements have been made to pantherlog:

    • pantherlog infer can now output a schema name by taking the --name flag.

    • pantherlog test now ignores p_event_time when an event field is not provided.

    • Added additional context to validation errors in pantherlog test for improved troubleshooting.

Panther Developer Workflows

Version 3.2.2 of panther-analysis has been released, featuring the following updates:

  • Added new Snyk detections.

  • Name and ID fields are now wrapped in double quotes to account for special characters in those fields. If these fields do not have any special YAML characters and you do not rely on Panther Console's Export option to be identical to the original YAML file, the double quotes are not required.

Bug Fixes
  • Resolved an issue that caused events to have inconsistent timestamps for the p_alert_creation field.

  • Added missing fields to the AWS.WAFWebACL schema.

  • Fixed missing hostname and domain name indicators in the SentinelOne CloudFunnel 2.0 schema.

© 2024 Panther Labs
