Sep 13, 2023

New and Noteworthy

Panther Developer Workflows

  • Version 0.26.0 of panther_analysis_tool has been released, featuring the following updates:
    • Improved log schema regexes.
    • Policy resource types may now be optional.
    • Added enrich-test-data command.
    • Added pat command line alias for panther_analysis_tool.
    • Additional bug fixes and improvements.

Now Generally Available

  • Use raw event filters on log sources to filter the raw events that are ingested into Panther, using regex or substring matching.
    • Filtering helps you get value from high-volume logs, including logs that were previously cost-prohibitive to connect to Panther.
  • Extract a specific value from a string field with the split transformation for custom logs. This lets you create new schema fields that you can then designate as indicators.
  • Use the mask transformation to conceal sensitive information within your logs.
    • Redact or obfuscate (using MD5, SHA-1, SHA-256, or SHA-512 hashes) data in the masked fields.
    • Note: Masking a field means you cannot later use Panther’s search tools to query for its original value.