Aug 10, 2023
In Open Beta
Features in open beta are available to all customers. To share any bug reports or feature requests, please contact your Panther representative.
- Added raw event filters to log sources.
- These allow you to filter raw events that are ingested into Panther by using regex or substring filters.
- Filtering helps you realize the value of your high-volume logs and use logs that were previously cost-prohibitive when connected with Panther.
- Onboard Carbon Black logs with our new log source integration.
- Field discovery can now be enabled for CSV logs with headers.
- You can now define and discover fields with the following names:
- Added support for scientific float notation to the
- In the Panther Console, when editing an alert destination, log types are now grouped by category.
Panther Developer Workflows
- Versions 3.13.0 and 3.14.0 of panther-analysis have been released, featuring the following updates:
- Added a new detection for Azure.SignIn.
- Added GitHub.Audit actor IP to lookup tables.
- Various bug fixes and improvements.
- Version 0.25.0 of panther_analysis_tool has been released, featuring the following updates:
- Added a
benchmarksubcommand that tests rules against one hour of data for one log type. This enables you to evaluate the performance of your rules prior to uploading them.
- You can now use the
fieldDiscoveryEnabledproperty to enable or disable field discovery.
- Added a
- Fixed a bug that caused certain events to drop instead of raising a classification failure.
- Fixed a bug that created broken breadcrumb links on the alert details page.