v1.82

New and Noteworthy

• Added the ability to infer schemas from data streamed into Panther for custom HTTP log sources.
  • You may now choose to attach schemas to custom HTTP log sources after initial setup. You may configure your custom sources to use pre-existing schemas or create new ones using our process.

Panther Developer Workflows

• Version 0.26.0 of panther_analysis_tool has been released, featuring the following updates:
  • Improved log schema regexes.
  • Policy resource types may now be optional.
  • Added enrich-test-data command.
  • Added pat command line alias for panther_analysis_tool.
  • Additional bug fixes and improvements.

Now Generally Available

• Use raw event filters with log sources to filter raw events that are ingested into Panther by using regex or substring filters.
  • Filtering helps you realize the value of your high-volume logs and use logs that were previously cost-prohibitive when connected with Panther.
• Extract a specific value from a string field with the split transformation for custom logs. This allows you to create new schema fields which you can then designate as indicators.
• Use the mask transformation to conceal sensitive information within your logs.
  • Redact or obfuscate (using MD5, SHA-1, SHA-256, or SHA-512 hashes) data in the masked fields.
  • Note: Masking a field means you cannot later use Panther’s search tools to query for its original value.