Aug 10, 2023

In Open Beta

Features in open beta are available to all customers. To share any bug reports or feature requests, please contact your Panther representative.

  • Added raw event filters to log sources.
    • These allow you to filter raw events that are ingested into Panther by using regex or substring filters. 
    • Filtering helps you realize the value of your high-volume logs and use logs that were previously cost-prohibitive when connected with Panther.
  • Onboard Carbon Black logs with our new log source integration.


  • Field discovery can now be enabled for CSV logs with headers.
  • You can now define and discover fields with the following names:
    • year
    • month
    • day
    • hour
    • partition_time
  • Added support for scientific float notation to the unix_ns timestamp format. 
  • In the Panther Console, when editing an alert destination, log types are now grouped by category.

Panther Developer Workflows

  • Versions 3.13.0 and 3.14.0 of panther-analysis have been released, featuring the following updates:
    • Added a new detection for Azure.SignIn.
    • Added GitHub.Audit actor IP to lookup tables.
    • Various bug fixes and improvements.
  • Version 0.25.0 of panther_analysis_tool has been released, featuring the following updates:
    • Added a benchmark subcommand that tests rules against one hour of data for one log type. This enables you to evaluate the performance of your rules prior to uploading them.
    • You can now use the fieldDiscoveryEnabled property to enable or disable field discovery.

Bug Fixes

  • Fixed a bug that caused certain events to drop instead of raising a classification failure.
  • Fixed a bug that created broken breadcrumb links on the alert details page.

Previous Releases

v1.77 Aug 3, 2023
Panther is now available as a provider with support for AWS S3 log sources in the HashiCorp Terraform Registry.
v1.76 Jul 27, 2023
Onboard auditd logs with our new log source integration.
v1.75 Jul 20, 2023
Onboard Heroku and Windows event logs with our new log source integrations.